An increasing number of threats have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.
The technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes.
Source: Symantec