When Malware Syncs To A Calendar App CyberBrief Project podcast

7d ago 5:52

Content provided by Meni Tasa. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Meni Tasa or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

"Send me a quick text"

In this breakdown, we explore how APT41, one of the most resourceful state-backed threat groups, used Google Calendar as a stealthy command-and-control channel. No exploits. No shady domains.

Just encrypted commands hidden inside calendar events. This technique didn't rely on technical novelty, but on quietly blending into trusted cloud services that most defenders don't monitor.

If you're in cybersecurity, this one will challenge how you think about legitimate tools and what can be hiding in plain sight.|

This technique is also in my YouTube channel: ⁠https://www.youtube.com/@CyberBriefProject

Support the show

Thanks for spending a few minutes on the CyberBrief Project.

If you want to dive deeper or catch up on past episodes, head over to cyberbriefproject.buzzsprout.com.

You can also find the podcast on YouTube at youtube.com/@CyberBriefProject — I’d love to see you there.

And if you find these episodes valuable and want to support the project, you can do that here: buzzsprout.com/support

Your support means a lot.

See you in the next one, and thank you for listening.

11 episodes