"Send me a quick text"In this breakdown, we explore how APT41, one of the most resourceful state-backed threat groups, used Google Calendar as a stealthy command-and-control channel. No exploits. No shady domains. Just encrypted commands hidden inside calendar events. This technique didn't rely on technical novelty, but on quietly blending into trusted cloud services that most defenders don't monitor. If you're in cybersecurity, this one will challenge how you think about legitimate tools and what can be hiding in plain sight.|This technique is also in my YouTube channel: ⁠https://www.youtube.com/@CyberBriefProjectThanks for spending a few minutes on the CyberBrief Project. If you want to dive deeper or catch up on past episodes, head over to cyberbriefproject.buzzsprout.com. You can also find the podcast on YouTube at youtube.com/@CyberBriefProject — I’d love to see you there. And if you find these episodes valuable and want to support the project, you can do that here: buzzsprout.com/support Your support means a lot. See you in the next one, and thank you for listening.

Ver todos los episodios