The Gamaredon threat group has given its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications (VBA) macro. The VBA macro leverages compromised victims’ Microsoft Outlook email accounts to send spear-phishing emails to their contacts – rapidly widening the potential attack surface.
Read full article on Threat Post