Graph: Growing number of threats leveraging Microsoft API


An increasing number of threats have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.

The technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes.

Read more…
Source: Symantec


Sign up for our Newsletter


Related:

  • Researcher Discloses New Zero-Day Affecting All Versions of Windows

    September 21, 2018

    A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database Engine that could ...

  • Microsoft Windows zero-day vulnerability disclosed through Twitter

    August 28, 2018

    Microsoft has quickly reacted to the disclosure of a previously unknown zero-day vulnerability in the Windows operating system. On Monday, Twitter user SandboxEscaper revealed the existence of the bug on the microblogging platform. As reported by the Register, the user said: “Here is the alpc bug as 0day. I don’t f**king care about life anymore. Neither do I ...

  • Microsoft Releases Patches for 60 Flaws – Two Under Active Attack

    August 14, 2018

    Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two ...

  • Microsoft Offers $100,000 Bounty for Finding Bugs in Its Identity Services

    July 17, 2018

    Microsoft today launched a new bug bounty program for bug hunters and researchers finding security vulnerabilities in its “identity services.” Hacking into networks and stealing data have become common and easier than ever but not all data holds the same business value or carries the same risk. Since new security today depends on the collaborative communication of ...

  • Researchers Warn of Microsoft Zero-Day RCE Bug

    June 1, 2018

    Researchers have discovered a medium-severity Windows vulnerability that enables remote attackers to execute arbitrary code – and Microsoft hasn’t issued a patch yet. The flaw, which was first discovered by Dmitri Kaslov of Telspace Systems, exists within the handling of error objects in JScript, according to a Tuesday advisory by Trend Micro’s Zero Day Initiative group. Read more… Source: ...

  • Microsoft, Google: We’ve found a fourth variant of Meltdown-Spectre CPU holes

    May 21, 2018

    A fourth variant of the data-leaking Meltdown-Spectre security flaws in modern processors has been found by Microsoft and Google researchers. These speculative-execution design blunders can be potentially exploited by malicious software running on a vulnerable device or computer, or a miscreant logged into the system, to slowly extract secrets, such as passwords, from protected kernel or application memory, ...