Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection.
This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications