XLMMacroDeobfuscator – Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)

From kitploit.com

XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It uses an internal XLM emulator to interpret the macros without fully executing the code.

It supports the xls, xlsm, and xlsb formats.

It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information from xls, xlsb and xlsm files, respectively.

You can also find the XLM grammar in xlm-macro-lark.template.

Read more…

Microsoft Exchange servers being hacked by new LockFile ransomware

From bleepingcomputer.com

A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

ProxyShell is the name of an attack consisting of three chained Microsoft Exchange vulnerabilities that result in unauthenticated, remote code execution.

The three vulnerabilities were discovered by Devcore Principal Security Researcher Orange Tsai, who chained them together to take over a Microsoft Exchange server in April’s Pwn2Own 2021 hacking contest.

Read more…

Microsoft now offers Windows 11 preview on Azure Virtual Desktop

From bleepingcomputer.com

Starting this week, Microsoft customers can use the Azure Virtual Desktop (formerly Windows Virtual Desktop) to virtualize a Windows 11 preview desktop on Azure virtual machines.

“Azure Virtual Desktop has become a popular cloud VDI platform to run desktops and apps in the cloud and deliver a full Windows experience to users virtually anywhere,” said Kam VedBrat, GM for Windows Virtual Desktop at Microsoft.

“Organizations today use it with Windows 10, Windows 7, Windows Server … and now we are pleased to offer Windows 11 on Azure Virtual Desktop.”

Read more…

U.S. State Department was recently hit by a cyber attack

From securityaffairs.co

The U.S. State Department was recently hit by a cyber attack, and the Department of Defense Cyber Command is notifying impacted individuals, White House Correspondent and fill-in anchor at Fox News Jacqui Heinrich revealed.

It is unclear when the security breach was discovered, but analysts believe it took place a couple of weeks ago.

Read more…

You can post LinkedIn jobs as almost ANY employer — so can attackers

From bleepingcomputer.com

EXCLUSIVE: Anyone can create a job listing on the leading recruitment platform LinkedIn on behalf of just about any employer—no verification needed.

And worse, the employer cannot easily take these down.

Now, that might be nothing new, but the feature and lax verification on career websites pave the way for attackers to post bogus listings for malicious purposes.

The attackers can, for example, use this social engineering tactic to collect personal information and resumes from professionals who believe they are applying to a legitimate company, without realizing their data may be sold or used for phishing scams.

Read more…

The Cost of a Data Breach Report: Key Highlights

From tripwire.com

IBM’s Cost of a Data Breach Report 2021 analyzed 537 real breaches and conducted nearly 3,500 interviews to uncover the true cost of a data breach in 2020. The publication covers initial attack vectors, how long it took organizations to discover and contain breaches, as well as the effects that incident response efforts and artificial intelligence have on mitigating breach costs.

Read more…

Attackers rapidly adopting new techniques to target users

From helpnetsecurity.com

Zix announced the release of a report which finds attackers are rapidly adopting new techniques to target users.

“Cybercrime is exploding in 2021 and if there is anything that could be learned over the past year, it is that threat hunters are essential,” says Troy Gill, Manager of Research at Zix.

“Companies cannot wait for potential threats to emerge but must proactively identify security incidents that may go undetected by automated security tools. As we enter into the back half of the year, we will continue to see phishing, Business Email Compromise (BEC) and ransomware attackers become more sophisticated and bad actors asking for higher bounties to release data they have compromised.”

Read more…