Happy Monday everyone!

The Google Threat Intel Group (GTIP) discovered that a government website was hosting malware being used to target multiple other government entities and, with high confidence, attributed the activity to hashtag#APT41 (a.k.a. HOODOO). The group used a piece of malware dubbed #Toughprogress which executes on the compromised host and uses the Google Calendar for command-and-control (C2) communications. The initial access vector was a spear-phishing email that contained a link to a ZIP file which held an LNK masquerading as a pdf, and a directory, which all played their part in the attack. This was a great read and I hope you enjoy it too! Happy Hunting!

Mark Your Calendar: APT41 Innovative Tactics
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

APT41 en het misbruik van Google Calendar: een nieuwe manier van cyberaanvallen

Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/2534024_apt41-en-het-misbruik-van-google-calendar-een-nieuwe-manier-van-cyberaanvallen

Podcast Spotify: https://open.spotify.com/episode/03l4nNcNixHx48RMGcJWr7?si=ySlbYv2kTt-rnHKNH5ZGxA

Podcast Youtube: https://youtu.be/h2ECy7-bKM8?si=lfaODP-d4IN4f65s

#APT41 #GoogleCalendar #cyberaanvallen #cyberdreigingen #cyberbeveiliging #cloudsecurity #phishing #MFA #TOUGHPROGRESS #C2communicatie #socialemanipulatie #digitaleveiligheid #cybercriminaliteit #APT41aanval