Graph API - Cybersec Sentinel

Graph API

A collection of 2 posts

Malware Distribution Through Trusted Microsoft Graph API Channels

Malware Distribution Through Trusted Microsoft Graph API Channels

Threat Group: Various Advanced Persistent Threats (APTs) Threat Type: Malware Distribution, Data Exfiltration, Command-and-Control (C2) Exploited Vulnerabilities: Microsoft Graph API Abuse Malware Used: Havoc, FINALDRAFT, BirdyClient, Bluelight, Graphite, Graphican, SiestaGraph Threat Score: High (8.7/10) – Exploitation of trusted Microsoft services, advanced obfuscation, widespread potential data breaches. Last Threat Observation:

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

Threat Group: REF7707 Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Abuse of Microsoft Graph API, Credential Theft via NTLM Hashes Malware Used: FINALDRAFT, PATHLOADER Threat Score: High (8.5/10) – Due to its advanced evasion techniques, use of legitimate cloud-based services for C2 communication, and its ability to compromise