Warnings on SentinelSneak. The rise of malicious XLLs. Updates from Russia’s hybrid war. An unusually loathsome campaign targets children.
SentinelSneak is out in the wild. XLLs for malware delivery. CERT-UA warns of attacks against the DELTA situational awareness system. FSB cyber operations against Ukraine. Trends in the cyber phases of Russia's hybrid war. Mr. Security Answer Person John Pescatore offers his sage wisdom. Microsoft’s Ann Johnson from Afternoon Cyber Tea speaks with Dr. Chenxi Wang from Rain Capital. And an unusually unpleasant sextortion campaign.
SentinelSneak is not a legitimate SDK. (CyberWire)
Malicious ‘SentinelOne’ PyPI package steals data from developers (BleepingComputer)
Cisco research on XLL Abuse. (CyberWire)
Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins (Cisco Talos Blog)
Cyber Dimensions of the Armed Conflict in Ukraine (CyberPeace Institute)
Ukraine's DELTA military system users targeted by info-stealing malware (BleepingComputer)
Ukraine's Delta Military Intel System Hit by Attacks (Infosecurity Magazine)
FBI and Partners Issue National Public Safety Alert on Financial Sextortion Schemes | Federal Bureau of Investigation (Federal Bureau of Investigation)
HSI, federal partners issue national public safety alert on sextortion schemes (US Immigration and Customs Enforcement)