Threat actors have moved to other means of initial access, such as ISO files combined with LNKs or OneNote payloads, but some appearances of VBA macro’s in Office documents can still be seen in use.

 

 

Click here to read the full article.