← Back to context

Comment by andylynch

5 years ago

Depends on the org. Some firms block direct executable file downloads and scan for unrecognised code on the network, proxying them all through something like Nexus This is only going to become more common (and necessary) in the wake of things like the SolarWinds hack.

My Excel skills are a bit rusty but I remember the times when it was advised to not open .doc or .xls files from an unknown source because harmful VBA macros could be executed on opening the file. Did this changed lately? If not, how is opening an .xls file different from installing a non-tested python package from security perspective?