[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle
Security Affairs
MARCH 2, 2019
This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. Next, the user is asked to enable active content, and then the msiexec and subsequent chain of events are automatically executed.
Let's personalize your content