Allowing #XLSM and #XLSB files? Stop it to save your infra

Krishnendu Paul

Jun 29, 2020

I understand that companies always have legacy systems running. But are you permitting XLSM and XLSB file types? #STOP it as fast as possible!!

The following images are from a malware packer, possibly related to the latest #Zloader and other infections.

Credit @DissectMalware

From the 2nd screenshot it is clear that XLSM and XLSB files are always fully undetectable (FUD) by antivirus products, and it is easy to evade all the other detection measures, as we have already seen in multiple variants.

Better safe than sorry!
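
One way to enforce such a block at a mail or upload gateway is to identify XLSM and XLSB packages by the content type they declare instead of by file extension, so a renamed file is still caught. This is an added example, not code from the original post; the function names, the size limit and the sample packages are assumptions constructed for illustration.

```python
import io
import zipfile

# Workbook content types declared by macro-enabled (.xlsm) and binary (.xlsb) packages.
BLOCKED_TYPES = {
    b"application/vnd.ms-excel.sheet.macroenabled.main+xml": "xlsm",
    b"application/vnd.ms-excel.sheet.binary.macroenabled.main+xml": "xlsb",
}
MAX_MANIFEST = 1 << 20  # assumed limit: refuse to inflate an oversized manifest

def classify_attachment(data: bytes) -> str:
    """Return 'xlsm', 'xlsb', 'vba-project', 'malformed' or 'allow'."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "allow"  # not a zip-based Office package; out of scope here
    try:
        with zipfile.ZipFile(buf) as pkg:
            names = pkg.namelist()
            if "[Content_Types].xml" not in names:
                return "allow"  # a plain zip, not an Office package
            if pkg.getinfo("[Content_Types].xml").file_size > MAX_MANIFEST:
                return "malformed"
            manifest = pkg.read("[Content_Types].xml").lower()
    except (zipfile.BadZipFile, RuntimeError):
        return "malformed"  # corrupt or encrypted zip entry
    for content_type, kind in BLOCKED_TYPES.items():
        if content_type in manifest:
            return kind
    # A macro project inside a package that declares itself as plain .xlsx
    if any(n.lower().endswith("vbaproject.bin") for n in names):
        return "vba-project"
    return "allow"

def make_sample(workbook_type: str, parts=("xl/workbook.xml",)) -> bytes:
    """Build a constructed, minimal package for the demo (not a real workbook)."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as z:
        z.writestr("[Content_Types].xml",
                   '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
                   f'<Override PartName="/xl/workbook.xml" ContentType="{workbook_type}"/></Types>')
        for part in parts:
            z.writestr(part, b"")
    return out.getvalue()

if __name__ == "__main__":
    sample = make_sample("application/vnd.ms-excel.sheet.macroEnabled.main+xml")
    print(classify_attachment(sample))
```

Password-protected workbooks are stored in an OLE container, not a zip, so this check cannot see inside them and they need a separate rule.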
