An increasing number of threats have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.
The technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes.
Read more…
Source: Symantec
Related:
- Misconfigurations in Microsoft Exchange open new doors to email spoofing attacks
September 1, 2024
A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks. This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and those utilizing third-party email security solutions. In July 2023, Microsoft introduced a major change in how ...
- Chennai bomb threat mails: Serious setback for police as Microsoft refuses to share vital information
August 30, 2024
Chennai cybercrime police has faced a serious setback in its investigations into the more than three dozen hoax bomb emails sent to schools, colleges, and the airport, ToI reported on August 30. Microsoft has refused to share crucial information regarding the mails, the report by ToI’s A Selvaraj said. These emails, the latest of which coincided ...
- Fake Canva home page leads to browser lock
August 29, 2024
In a previous blog post, Malwarebytes researchers showed how fraudsters were leveraging features from the very company (Microsoft) they were impersonating. Malwarebytes Labs continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to create a new design that, is in ...
- New Windows Cyber Attacks Confirmed – CISA Says Update By September 3
August 14, 2024
Microsoft has released the monthly round of Patch Tuesday security updates, with fixes for a total of 90 vulnerabilities across the Windows ecosystem. Of these, the Microsoft Security Response Center warns that five Windows vulnerabilities have confirmed and active cyber attacks against them already. So serious are these zero-day security issues that the U.S. Cybersecurity and ...
- Chinese cyber attack sparks alert over six year old MS vuln
August 5, 2024
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft vulnerability dating back to 2018 to its Known Exploited Vulnerabilities (KEV) catalogue after evidence emerged that it is being used in an attack chain by the China-backed APT41 advanced persistent threat group. CVE-2018-0824 was first addressed by Microsoft in the May 2018 Patch ...
- Microsoft says cyber-attack triggered latest outage
July 30, 2024
A global outage affecting Microsoft products including email service Outlook and video game Minecraft has been resolved, the technology giant said in an update, external. The firm said preliminary investigations show the outage was caused by a cyber-attack and a failure to properly defend against it. Earlier, the company issued an apology for the incident, which ...