Webinar: Enabling a 360° View of Your Likely Threats & Security Posture - Watch On-demand Webinar Now!

Outlining a new SiestaGraph backdoor

Threat Advisories

Outlining a new SiestaGraph backdoor

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here


The Foreign Affairs Office of an Association of Southeast Asian Nations (ASEAN) member is targeted by multiple threat actors who are coordinating active campaigns via a vulnerable Microsoft Exchange server. Upon establishing access, the victim’s emails are exported. The attack chain begins with the execution of “SiestaGraph,” which is named for the long sleep timer and the way the backdoor leverages the Microsoft Graph API for command and control.

Sign up to receive our Weekly Threat Digest