 In this lecture, we have talked about advanced persistent trust, or APTs. We have started this lecture by giving the definition and goals of APTs. We have learned which are the differences between APTs and other type tags, and which are the steps in the life cycle of an APT. Then, we have focused on the initial compromise step and on the invasion techniques used by APTs not to be detected. Finally, we have given some highlights on mitigation. One of the most important steps in the APT life cycle is data exfiltration, that is the operation of extracting relevant information from the target network. In this lecture, we have discussed the data exfiltration stages and the most prominent data exfiltration methods, among which there are covered or hidden channels. We have done given two examples of covered channels, DNS tunneling and steganography. Finally, also in this case, we have made some observations about detection and mitigation. In the external material on Stuxnet, we have learned some characteristics about the Stuxnet's worm from a forensic point of view, and heard about the physical effects the malware had on the target infrastructure. Also, the talk has explained the anti-detection measure used by Stuxnets to remain hidden during its operation.