In 2019, VBA macros are still heavily used to deliver malware, and new obfuscation techniques such as VBA Stomping implemented in EvilClippy allow attackers to deliver malicious payloads to end users without being detected. Luckily, analysis and detection tools are also progressing to address all the advanced attack techniques. This presentation will demonstrate some of the advanced attack techniques, and show how analysis and detection tools such as olevba have been recently improved to address the new challenges.

By Philippe Lagadec

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefi...