The double-edged sword of cyber espionage. [Research Saturday]

Dick O'Brien from Symantec Threat Hunter team is discussing their research on “Graph: Growing number of threats leveraging Microsoft API.” The team observed an increasing number of threats that have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services.
The research states "the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage …

amp api cloud cloud services command command-and-control (c&amp communications control cyber cyber espionage espionage graph hunter infrastructure microsoft microsoft cloud microsoft graph api research services symantec team threat threats