[embedded content]Follow ZDNET: Add us as a preferred source More

Image: ZDNet Google has patched this week a critical security flaw in Android’s Bluetooth component. If left unpatched, the vulnerability can be exploited without any user interaction and can even be used to create self-spreading Bluetooth worms, experts said. Fixes for the bug are available via the Android February 2020 Security Bulletin, which has been […] More

Image: Getty US security agency, the National Security Agency (NSA), has released new software supply chain guidance to help developers avoid cyberattacks targeting proprietary and open-source software.  The new guidance is meant to help US private and public sector organizations defend themselves against supply chain attacks, including the one Russian Foreign Intelligence Service (SVR) hackers […] More

Macro malware has been a popular choice for hackers since the 1990s and even in recent years the technique has continued to be a simple way of delivering malware to the unwary. 
Just last month, Ukraine accused Russian government spies of uploading documents with malicious macros to a Ukrainian government document-sharing site. And amid the first wave of the COVID-19 pandemic, Microsoft warned of emails containing Excel files with malicious macros. 

Microsoft Ignite

Microsoft has been using an integration between its Antimalware Scan Interface (AMSI) and Office 365 to knock out macro malware for years, but its successful efforts to take out macro scripts written in Visual Basic for Applications (VBA) ended up pushing attackers to an older macro language called XLM, which came with Excel 4.0 in 1992.  
SEE: Windows 10 Start menu hacks (TechRepublic Premium)
Now Microsoft is expanding the integration of its AMSI with Office 365 to include the scanning of Excel 4.0 XLM macros at runtime, bringing AMSI in line with VBA.
AMSI allows applications to integrate with any antivirus on a Windows machine to enable the antivirus to detect and block a range of malicious scripts in Office documents. Microsoft notes its Defender anti-malware is using this integration to detect and block XLM-based malware and is encouraging other anti-malware providers to adopt it, too. 
Although XLM was superseded by VBA in 1993, XLM is still used by some customers and so it remains supported in Excel.  

“While more rudimentary than VBA, XLM is powerful enough to provide interoperability with the operating system, and many organizations and users continue to use its functionality for legitimate purposes. Cybercriminals know this, and they have been abusing XLM macros, increasingly more frequently, to call Win32 APIs and run shell commands,” explain Microsoft’s security teams. 
The arrival of AMSI’s VBA runtime scan in 2018 “effectively removed the armor that macro-obfuscation equipped malware with, exposing malicious code to improved levels of scrutiny,” says Microsoft. 
“Naturally, threat actors like those behind Trickbot, Zloader, and Ursnif have looked elsewhere for features to abuse and operate under the radar of security solutions, and they found a suitable alternative in XLM,” it continues. 
SEE: Cybercrime groups are selling their hacking skills. Some countries are buying
If the antivirus detects a malicious XLM macro, the macro won’t execute and Excel is terminated, thus blocking the attack. 
Runtime inspection of XLM macros is now available in Microsoft Excel and is enabled by default on the February Current Channel and Monthly Enterprise Channel for Microsoft 365 subscription users.
Microsoft More

Asana’s Universal Reporting feature
Asana

Special feature

Turning Big Data into Business Insights

Businesses are good at collecting data, and the Internet of Things is taking it to the next level. But, the most advanced organizations are using it to power digital transformation.

Read More

Team management software provider Asana on Wednesday rolled out Enterprise Work Graph, a new suite of tools to help organizations stay on top of cross-team objectives while maintaining enterprise-grade security and controls. The new product is based on Asana’s proprietary Work Graph data model. It aligns teams around goals, coordinates workflows and provides visibility into the status of projects. It’s built to support enterprises with more than 100,000 users and offers an availability commitment of 99.9%. There are features for enterprise IT teams, such as an Admin Announcement capability, as well as a new SCIM functionality that automates group set-up and synchronizes profile updates with Okta. In terms of security, an upcoming Enterprise Key Management (EKM) feature will let organizations use their own keys to encrypt data.The Enterprise Work Graph offers a Goals API that lets organizations pull in information from other tools to stay on top of cross-team goals. For instance, an organization could link an Asana goal to a CRM report. When sales teams closed opportunities, the goal would automatically update in Asana so that teams across the organization would stay informed.Additionally, there’s a Workflow Builder tool that requires no coding and a Universal Reporting tool for tracking business objectives.Asana has been working to scale its business over the last few years. In 2019, Asana launched Asana Automation, opened a new office in Tokyo, and launched Asana for Marketing and Creative Teams. Overall, Asana has more than 100 integrations with enterprise software vendors including Slack, Microsoft Office 365, Gmail, Adobe Creative Cloud, and others.In September, the company reported it has over 107,000 paying customers, with strong growth in the enterprise. The number of customers spending over $50,000 grew 111% in Asana’s second quarter.

Enterprise Software More