Podcasts
Research Saturday
Ep 253
Research Saturday 10.8.22
Ep 253 | 10.8.22

Google Drive used for malware?

Show Notes
Transcript

Jen Miller-Osborn from Palo Alto Networks' Unit 42 joins Dave to discuss their work on the Cloaked Ursa group, with a recent report released called "Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive." The research shares insights into an active campaign from Russia’s Foreign Intelligence Service, that is leveraging the use of trusted, legitimate cloud services including Google Drive as a staging platform to deliver malware.

The research states that when these tactics are used, it is extremely difficult for organizations to detect the malicious activity in connection with the campaign. These tactics are used to collect victim information, evade detection, and deliver Cobalt Strike.

The research can be found here:

Research Saturday
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Schedule: Saturdays
Creator: CyberWire, Inc.
Research Saturday
ADVERTISEMENT
Sponsored by NordLayer
Sponsored by NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. We help organizations of all sizes to fulfill scaling and integration challenges when building a modern secure remote access solution, within an ever-evolving SASE framework. Learn more.

Sponsored by Keeper Security
Sponsored by Keeper Security

Keeper is the top-rated cybersecurity platform for protecting organizations of all sizes from the most common password-related data breaches and cyberattacks. Learn more at Keeper Security.