Microsoft Graph API Emerges as a Top Attacker Tool to Plot Data Theft

May 2, 2024 at 06:08AM Nation-state espionage groups are increasingly using Microsoft’s services for their command-and-control needs, finding this more economical and effective than maintaining their own infrastructure. For example, Symantec discovered “BirdyClient,” a piece of malware that leverages Microsoft Graph to operate through OneDrive. Multiple groups, including APT37 and Cozy Bear, have used this technique, requiring organizations to …

Russians invade Microsoft’s exec mail while China jabs at VMware vCenter Server

January 19, 2024 at 07:15PM Chinese cyberspies have been exploiting a VMware security vulnerability, CVE-2023-34048, allowing them to hijack vulnerable servers. Meanwhile, a Moscow-backed group breached a small percentage of Microsoft corporate email accounts. Additionally, CISA issued an emergency directive to mitigate Ivanti Connect Secure zero-days, likely targeted by Chinese nation-state attackers. Persistent concerns exist …