Dick O'Brien from the Symantec Threat Hunter team discusses their research, “Graph: Growing number of threats leveraging Microsoft API.” The team observed a growing number of threats that have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.
The research states "the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes."
The research can be found here: