
Graph: Growing number of threats leveraging Microsoft API

· Published 03/05/2024 09:05 · Modified 03/05/2024 09:47


Essential information

Published: 03/05/2024 09:05
Modified: 03/05/2024 09:47
Tags: 2024-05-03, birdyclient, bluelight, bs2005, espionage, graphican, graphite, graphon, ketrican, onedrivebirdyclient, siestagraph
Related entities: 10 observables, 6 techniques (mitre), 7 malware

Description

An increasing number of cyber threats have adopted the use of the Microsoft Graph API to facilitate covert communications with command-and-control infrastructure hosted on Microsoft cloud services. This technique helps attackers blend in with legitimate traffic to cloud platforms and obtain infrastructure at low cost.

External references