Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922)
Adversaries may utilize standard operating system APIs to gather calendar entry data. On Android, this can be accomplished using the Calendar Content Provider. On iOS, this can be accomplished using the EventKit framework.
If the device has been jailbroken or rooted, an adversary may be able to access Calendar Entries without the user’s knowledge or approval.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Calendar Entries - T1636.001 (a9fa0d30-a8ff-45bf-922e-7720da0b7922) | Attack Pattern | 1 |