Re: Email Phishing and Zloader: Such a Disappointment

[Kenneth Porter]

--On Sunday, July 11, 2021 4:55 PM -0400 "Kevin A. McGrail" 
<kmcgr...@apache.org> wrote:

We use the olevbmacro detection added to SA.  I would guess that's
blocking the payload.I would guess that's blocking the payload.

I see the plugin in the distribution but it doesn't appear to be loaded by 
default and the rules in the plugin's man page don't appear in the 
downloaded rules. So I guess I need to create a custom cf file.