
‘GrimmResource’ Used With MSC Files in Phishing Attacks
After Microsoft finally disabled macros by default for files which bear the ‘Mark of the Web’ (MotW) flag, threat actors adapted by changing their initial infection vector. After initially switching to ISO and ZIP files, to MSI and LNK files...