we have recently recived a bunch of emails that have attachments that are not in themselves malicious, but contain links to malicious sites with downloads, the files dont have the same names, and or links, but they all have filenames that match one of the regex rules that i was using to block them when they had the filename as subject lines.
blocking each by name would take forever and be a game of wack-a-mole, and all are pdfs so the mount of false positives by blocking the entire attachment type is unsustainable.
Is there any way to match extension name by regex?
This thread was automatically locked due to age.