Security Stop-Press : Hackers Adapting Methods Following Microsoft’s Macro Blocking

A new Proofpoint report has warned that hackers, who used to use macro-enabled documents attached to messages to deliver malware are now adapting to Microsoft’s move to block XL4 and VBA macros by default for Office users. Proofpoint says that hackers have now switched to methods such as using container files like ISO and RAR, and Windows Shortcut (LNK) files in campaigns because they can bypass Microsoft’s macro blocking protections and facilitate the distribution of executables to distribute malware. The advice is to keep antivirus protection up to date and pay particular attention to email security.