Risky Bulletin Sponsored: Sublime Security on Zoom attacks
7 snips
Mar 15, 2026 Alex Orleans, Head of Threat Intelligence at Sublime Security, breaks down email attacks abusing Zoom and other video-conferencing tools. He outlines live-meeting lures, fake updaters that steal credentials, and renamed installers that deliver malware. The conversation covers RMM tool misuse, calendar-trust exploitation, personalized social engineering, and how AI both powers attacks and aids detection.
AI Snips
Chapters
Transcript
Episode notes
Zoom Invites Exploit Routine Trust
- Attackers exploit routine trust in Zoom invites and calendar entries to bypass scrutiny.
- Phishers push links or calendar events that look like legitimate Zoom meetings so victims click without inspecting sender details.
RMM Tools Are The New Malware Vector
- Malware delivery via booby-trapped conferencing clients and repurposed legitimate binaries is increasing.
- Attackers often distribute RMM tools like Screen Connect or AnyDesk renamed or repurposed to evade detection.
Verify Unexpected Calendar Events Before Joining
- Train users to treat unsolicited calendar events and top-line familiar names with skepticism and verify via a separate channel.
- Encourage confirmation from the alleged sender before joining unexpected meetings or installing software.