Cisco Talos report: Threat actors use known Excel vulnerability

2022-12-22 18:25

Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time.

As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.

XLL SDK and samples generated using the ExcelDNA framework, as it is free and tends to be the one most used by threat actors.

XLL files sent as attachment files in malicious email campaigns.

XLL. The threat actor used a file named "Details of Project Marketing Plan and Facebook Google Ads Results Report.xll" to infect its targets with the Ducktail malware.

XLL add-ins are generally developed in the C/C++ programming language using the Microsoft Excel.

News URL

https://www.techrepublic.com/article/cisco-talos-xll-excel-vulnerability/

#cisco #excel #report #threat #vulnerability

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		4453	231	3069	1825	609	5734

News URL

Related news

Related vendor