October 2014 saw the beginning of an e-mail campaign spamming malicious Microsoft Office documents. Mostly Word documents using the “old” binary format, but sometimes Excel documents and sometimes the “new” ZIP/XML format. All with VBA macros that auto-execute when opened.
Yesterday, we started to see XML attachments.
more here.............https://isc.sans.edu/diary/XML%3A+A+New+Vector+For+An+Old+Trick/
Yesterday, we started to see XML attachments.
more here.............https://isc.sans.edu/diary/XML%3A+A+New+Vector+For+An+Old+Trick/