Macros have been a long time favorite of users and threat actors alike. Unfortunately, the same automation that macros afford users for efficiency and convenience have also been abused by threat actors to launch cyber attacks - most notably, Excel 4.0 XLM macros in phishing emails. Some organizations globally disable macros, but for those that have not, be advised that Microsoft will begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants. This action is designed to protect users from the less secure macros that are still in use (and abuse) today. For more on the rollout schedule check out BleepingComputer.
Early bird registration for H2OSecCon 2024 is now open! - REGISTER HERE