Podcasts
CyberWire Daily
Ep 1727
The CyberWire Daily Podcast 12.20.22
Ep 1727 | 12.20.22

Warnings on SentinelSneak. The rise of malicious XLLs. Updates from Russia’s hybrid war. An unusually loathsome campaign targets children.

Show Notes
Transcript

SentinelSneak is out in the wild. XLLs for malware delivery. CERT-UA warns of attacks against the DELTA situational awareness system. FSB cyber operations against Ukraine. Trends in the cyber phases of Russia's hybrid war. Mr. Security Answer Person John Pescatore offers his sage wisdom. Microsoft’s Ann Johnson from Afternoon Cyber Tea speaks with Dr. Chenxi Wang from Rain Capital. And an unusually unpleasant sextortion campaign.

Selected reading.

SentinelSneak is not a legitimate SDK. (CyberWire)

SentinelSneak: Malicious PyPI module poses as security software development kit (ReversingLabs)

Malicious Python Trojan Impersonates SentinelOne Security Client (Dark Reading)

Malicious ‘SentinelOne’ PyPI package steals data from developers (BleepingComputer)

Cisco research on XLL Abuse. (CyberWire)

Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins (Cisco Talos Blog) 

Ukraine at D+299: Cyber operations 300 days into the war. (CyberWire)

Cyber Dimensions of the Armed Conflict in Ukraine (CyberPeace Institute)

Ukraine's DELTA military system users targeted by info-stealing malware (BleepingComputer)

Ukraine's Delta Military Intel System Hit by Attacks (Infosecurity Magazine)

Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine (Unit 42)

FBI and Partners Issue National Public Safety Alert on Financial Sextortion Schemes | Federal Bureau of Investigation (Federal Bureau of Investigation)

HSI, federal partners issue national public safety alert on sextortion schemes (US Immigration and Customs Enforcement)

CyberWire Daily
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Monday-Friday
Creator: CyberWire, Inc.
CyberWire Daily
ADVERTISEMENT
Sponsored by Intrusion
Sponsored by Intrusion

We make proactive possible.

Our mission is to empower your IT team with the technology, insights, and resources you need to proactively hunt down and stop malicious actions in your network. Learn more.

Sponsored by Strata Identity
Sponsored by Strata Identity

Strata, the #1 platform for Identity Orchestration, integrates multi-cloud and hybrid identity infrastructure and allows enterprises to enforce consistent identity and access policies. Strata empowers IT and cybersecurity teams to architect identity that’s forever modern and permanently flexible. Learn more.

Sponsored by Barracuda
Sponsored by Barracuda

More than 200,000 global customers trust Barracuda to safeguard their employees, data, and applications from a wide range of threats. Barracuda provides easy, comprehensive and affordable solutions for email protection, application and cloud security, network security and data protection. Learn More.