I published the following diary on isc.sans.org: “Stop relying on file extensions“.
Yesterday, I found an interesting file in my spam trap. It was called ‘16509878451.XLAMâ€™. To be honest, I was not aware of this extension and I found this on the web: “A file with the XLAMÂ file extensionÂ is an Excel Macro-Enabled Add-In file that’s used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images andâ€¦ macros!â€ Indeed, the file contained some VBA code… [Read more]