According to researchers at Proofpoint , the use of traditional macro attachments dropped by recently because Microsoft started blocking them by default. In response, attackers pivoted to using RAR and ISO attachments to trick users into manually extracting and running the malicious files. Interesting Reads on the Topic
Are Internet Macros Dead or Alive? covers how attackers are still finding ways to make macros effective despite new security measures. Office Macro Downloader.rar
Are threat actors turning to archives and disk images? provides a technical look at how .rar and .iso files help bypass "Mark of the Web" security tags. According to researchers at Proofpoint , the use
Because Microsoft has been cracking down on Office macros, threat actors have started hiding their malicious files inside container formats like or ISO to bypass security filters. covers how attackers are still finding ways to