CyberBrief Project
CyberBrief Project is an audio series that breaks down one creative cyber-attack technique in each episode.
Rather than covering routine threats, each episode focuses on clever methods that repurpose tools in unexpected ways.
Voiced by AI instructors, the series is designed to help listeners understand how attackers think, what they target, and how to spot threats with greater clarity.
This is valuable information for anyone in cybersecurity, especially defenders, and for anyone curious about how real-world cyberattacks start and unfold.
Episodes
12 episodes
The Invisible Intruder: Deconstructing LockBit
Summary: This episode explores a LockBit ransomware campaign that relied on DLL sideloading and masquerading to operate undetected until the final encryption stage. The attackers gained access using legitimate re...
Season 1 • Episode 11 • 10:40
The Billion-Dollar Phone Call
Summary: This episode breaks down the ShinyHunters social engineering campaign that breached Google, Adidas, Louis Vuitton, and more—without malware or exploits. The attackers used voice-based social engineering to trick employees ...
Season 1 • Episode 10 • 8:55
EDR Killer - Ransomware’s First Strike
Episode Description – Technical Write-Up: Summary: This episode examines a stealthy pre-ransomware technique where attackers use a custom-built EDR killer paired with a malicious, kernel-level driver to disable endpoin...
Season 1 • Episode 9 • 8:46
The QR Code You Never Ordered
Episode Description: In this episode of the CyberBrief Project, we examine a modern twist on the brushing scam — unsolicited packages containing only a printed QR code. This technique uses the physical postal system to bypass tradi...
Season 1 • Episode 8 • 7:40
The Self-Healing Hack: Hiding in Plain Sight
Episode Description: This episode exposes how attackers hide inside WordPress’s must-use plugins to create a self-healing backdoor. We explain how a loader in the wp-content/mu-plugins folder fetches a remote payloa...
Season 1 • Episode 7 • 6:37
Multi‑Layer Redirect Phishing Technique
In this episode, we break down a clever phishing technique that hides malicious links behind multiple layers of trusted redirects. By combining public link shorteners like Bitly with security services such as Proofpoint's lin...
Season 1 • Episode 7 • 4:42
When IT Tools Become the Attack
In this episode, we explore a stealthy credential access campaign attributed to the Iranian-linked group MuddyWater, also known as TA450. The attack began with a phishing email that delivered a legitimate installer for the At...
Season 1 • Episode 6 • 5:43
Hack the Sandbox: APT10 Turns Safety into Stealth
Summary: In this episode, we explore how the APT10 subgroup “MirrorFace” abused the Windows Sandbox feature to establish stealthy persistence. By enabling and configuring the sandbox remotely, they launched malware designed to run onl...
Season 1 • Episode 5 • 4:22
When Pen-Testing Tools Turn Against You
In this episode of the CyberBrief Project, we break down Sneaky Strike — a large-scale campaign that turns a legitimate security tool into a weapon for mass account takeover. Using TeamFiltration, an open-source framework originally...
Season 1 • Episode 4 • 5:59
Crypto Theft by Screen Reader
A new variant of the Coyote banking trojan is targeting not just banks but cryptocurrency exchanges, and it is doing it in a way few defenders expect. Instead of exploiting a vulnerability, it abuses a Windows accessibility feature ...
Season 1 • Episode 3 • 4:49
When Malware Syncs to a Calendar App
In this breakdown, we explore how APT41, one of the most resourceful state-backed threat groups, used Google Calendar as a stealthy command-and-control channel. No exploits. No shady domains. Just encrypted commands hidden inside ca...
Season 1 • Episode 2 • 5:52
How Scattered Spider Hijacks ESXi
In this episode, we explore a creative and highly effective ransomware technique used by Scattered Spider, one that doesn't rely on malware or exploits, but on deep knowledge of virtual infrastructure. The Disk-Swap attack on ESXi allows ...
Season 1 • Episode 1 • 8:39