Dick O'Brien from the Symantec Threat Hunter team discusses their research, “Graph: Growing number of threats leveraging Microsoft API.” The team observed an increasing number of threats that have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.
The research states, "the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes."
The research can be found here: