ITmedia

検出困難なマルウェア「BirdyClient」とは? MS Graph APIも悪用すること ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 GBHackers on Securityは2024年5月3日(現地時間)、新たなマルウェア「BirdyClient」(あるいは「OneDriveBirdyClient」)が「Microsoft Graph API」を悪用してMicrosoftクラウドサービスを介したコマンド ...
Redmond Magazine

Keeping Up with the Microsoft Graph API: What's New and What's Coming

The Graph API has seen incredible growth in the past year, and especially since the Build 2018 conference. We catch up with the latest additions to Microsoft's cloud APIs and new features in the ...

This serious Microsoft Entra flaw could have let hackers infiltrate any user, so patch now

Security researchers have found a critical vulnerability in Microsoft Entra ID which could have allowed threat actors to gain Global Administrator access to virtually anyone’s tenant - without being ...
MSN による配信

One token to pwn them all: Entra ID bug could have granted access to every tenant

The tokens allowed full access to the Azure AD Graph API in any tenant. Any hope that a log might save the day was also ... The upshot of the flaw was a possible compromise for any service that uses ...