Graph: Growing number of threats leveraging Microsoft API


An increasing number of threats have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.

The technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes.

Read more…
Source: Symantec


Sign up for our Newsletter


Related:

  • Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)

    June 20, 2017

    The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update. The SMBv1 is one of the internet’s most ancient networking protocols that allows the operating systems and applications to ...

  • Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month

    June 14, 2017

    As part of June’s Patch Tuesday, Microsoft has released security patches for a total of 96 security vulnerabilities across its products, including fixes for two vulnerabilities being actively exploited in the wild. This month’s patch release also includes emergency patches for unsupported versions of Windows platform the company no longer officially supports to fix three Windows ...

  • Microsoft To Buy Cybersecurity Firm Hexadite

    June 9, 2017

    Microsoft Corp. Thursday said it has signed an agreement to acquire U.S.- Israeli Cybersecurity startup Hexadite, which will add new tools and services to Microsoft’s enterprise security offerings. The financial terms were not disclosed, while the price reportedly would be around $100 million. Hexadite, headquartered in Boston with its research and development center in Israel, provides ...

  • Microsoft reportedly buys Israeli cybersecurity firm Hexadite

    May 24, 2017

    U.S. computing giant Microsoft is said to have acquired Israeli cybersecurity startup Hexadite for $100 million, the Hebrew language website Calcalist reported on Wednesday. The deal, if confirmed, would be the latest in a string of Microsoft acquisitions of Israeli software companies, many in the field of cybersecurity. Hexadite founded in Tel Aviv in 2014 and now ...

  • WannaCry: A new era of cyber security

    May 20, 2017

    When the “WannaCry” virus hit computers in at least 150 countries around the world, some called it the beginning of a new era – an era in which hackers have become experts at finding weak spots in our online security. There was also a kind of dawning realisation of how vulnerable organisations all over the globe ...

  • The government slashed NHS IT security contract despite warnings it would leave systems vulnerable to cyberattack

    May 13, 2017

    The UK government were repeatedly warned that NHS IT isystems were running on outdated operating systems that were vulnerable to attack, yet failed to ensure they were protected. Freedom of Information requests last sumer revealed that trusts across the country were still using Windows XP, despite a government contract with Microsoft to update protections for the system having ...