Chinese state-sponsored hackers known as APT41 have been using Google Calendar in their recent attacks as part of their command-and-control (C2) infrastructure.
Google’s Threat Intelligence Group dismantled the setup abusing Google Calendar and made changes to prevent future attacks.
The attack, called ToughProgress, involves phishing emails carrying malicious .ZIP archives, fake PDFs, and fake JPGs that hide the malware.
To tackle the threat, Google developed custom detection signatures, identified affected companies, and took down associated Workspace accounts and calendar entries.