Microsoft blocks VBA macros originating from Internet based on MOTW flag. Im now sharing a tool presenting risk for MOTW bypasses, which will play crucial role in evading MS default setting and smuggle macros back in. Threat Actors already do that. https://github.com/mgeeky/PackMyPayload mariuszbit @malwr 99 views08:22