Allowing #XLSM and #XLSB files ? Stop it to save your Infra

XLS Jun 29, 2020

I understand that a company having legacy systems running always. But, are you permitting XLSM and XLSB filetypes ? #STOP it as fast as possible !!

Following images are from a malware packer, possibly related with latest #Zloader and other infections.

Credit @DissectMalware

From the 2nd screenshot it is clear that XLSM and XLSB files are always fully undetectable ( FUD ) by Anti Viruses and it is easy to evade all other detection measures which we already have seens in multiple variants .

Better safe than sorry !

Tags

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.