windows defender
Is this a case of WD being the attack vector (unsafe zip) or just that it doesn't spot it?
A new version of the decade-old banking credential-stealing Qbot malware is doing the rounds, according to infosec firm Varonis. The latest version, spotted after an unfortunate customer's systems were infected, retains the anti-analysis polymorphism features of the original, Varonis researchers said. Once present on a …
Well yes and no, it's up to admins to impliment policy on the assumption that anything is possible and treat the network as a castle, wall, moat type tiered line of defences assuming zero knowledge from the user.
Unfortunately, there are still people out there who click on everything and anything and have to ask 'what do I do with this?' when an email states ******INFECTED******* in the subject line.
I used it for a basic automation job at work before PowerShell was created (a few trigger buttons on an Excel spreadsheet). Like PowerShell it is however grossly overpowered for normal use.
Both PowerShell and VBScript should be optional components that are only installed if the user accepts a warning message.
In my previous job my employer point blank refused to pay for any commercial monitoring or automation software to manage our Enterprise level Exchange 2003 Estate. The only licensed software available to me was VB6 so I wrote a large number of utilities in that and made extensive use of VBS for both monitoring and automation.
When we went over to Exchange 2010 I had to create a large amount of automation and utilities for that in PowerShell and VB6, including a monitoring tool which gave a near real-time status update of the systems health.
Because all the cool kids did it back in the day probably. Thanks Lotus.
I will admit that from a VB point of view, the access you can still get into office apps is awesome if you need it, but vba automation is such a niche market, it can only be a fraction of a percent of the use base.
The fraction of a percent of skint teenagers leaning to program vb in the nineties will thank MS for embedding VB6 IDE into office tools that only cost a quarter of the official product :)
>Because all the cool kids did it back in the day probably. Thanks Lotus.<
Lotus? vi comes from 1976, and ed was even earlier than that.
Line editors like ed where scriptable in any system that allowed scripting, and one of the reasons was because line editors like ed were one of the first tools written for a new os, because that's what you used to write subsequent programs. The first three tools of unix were assembler, editor, and shell. vi was part of the very first BSD release.
And when you started advanced scripting with your editor, of course you could have a system that didn't allow you to interact with the file system of with the gui, but wtf would be the use of that?
The problem isn't necessarily a scripting language inside a word processor or spreadsheet. After all, LaTeX allows all sorts of scripting (made very easy with the ifthen package), and I am not aware of any security issues with that. The problem is allowing scripts like this to do anything not related to the document itself. That is a security nightmare.