Security News > 2022 > December > Cisco Talos report: Threat actors use known Excel vulnerability
Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time.
As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.
XLL SDK and samples generated using the ExcelDNA framework, as it is free and tends to be the one most used by threat actors.
XLL files sent as attachment files in malicious email campaigns.
XLL. The threat actor used a file named "Details of Project Marketing Plan and Facebook Google Ads Results Report.xll" to infect its targets with the Ducktail malware.
XLL add-ins are generally developed in the C/C++ programming language using the Microsoft Excel.
News URL
https://www.techrepublic.com/article/cisco-talos-xll-excel-vulnerability/
Related news
- Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024 (source)
- Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack (source)
- Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)