Google Event Injection - Tradecraft Security Weekly 20 Tradecraft Security Weekly (Audio) podcast

Artwork

Tech Hacking Security Securityhowto Securitypodcast Securitytraining Technicalsegment Tech News News Security Weekly

Konten disediakan oleh Security Weekly. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.

Tradecraft Security Weekly (Audio) « »
Google Event Injection - Tradecraft Security Weekly 20

7y ago 13:12

Bagikan

MP3•Beranda episode

Konten disediakan oleh Security Weekly. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven't been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events into a targets calendar using MailSniper bypassing some security controls that Google has in place.

Links: Blog Post: https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/

… continue reading

14 episode

#Tech #Hacking #Security #Securityhowto #Securitypodcast #Securitytraining #Technicalsegment #Tech News #News #Security Weekly

Artwork

Google Event Injection - Tradecraft Security Weekly 20

Tradecraft Security Weekly (Audio)

29 subscribers

published 7y ago

Bagikan

MP3•Beranda episode

Konten disediakan oleh Security Weekly. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Security Weekly atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven't been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events into a targets calendar using MailSniper bypassing some security controls that Google has in place.

Links: Blog Post: https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/

… continue reading

14 episode

#Tech #Hacking #Security #Securityhowto #Securitypodcast #Securitytraining #Technicalsegment #Tech News #News #Security Weekly

Όλα τα επεισόδια

×

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

Dengarkan 500+ topik