{"id":1055,"date":"2018-05-21T21:44:51","date_gmt":"2018-05-21T21:44:51","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132161"},"modified":"2018-05-21T21:44:51","modified_gmt":"2018-05-21T21:44:51","slug":"malicious-php-script-infects-2400-websites-in-the-past-week","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/","title":{"rendered":"Malicious PHP Script Infects 2,400 Websites in the Past Week"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<p>A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to\u00a0an effective Hypertext Preprocessor (PHP) script (also called Brain Food) that has adroitly avoided detection on websites hosting the pitches.<\/p>\n<p>Over the past four months, researchers at Proofpoint said they have tracked 5,000 Brain Food compromised websites. In a <a href=\"https:\/\/www.proofpoint.com\/us\/threat-insight\/post\/brain-food-botnet-gives-website-operators-heartburn\">post outlining its research Friday<\/a>, Proofpoint said 2,400 of those compromised sites have been active over the past seven days pushing dubious pills under the false premise\u00a0the product claims made were originally on television shows Shark Tank and on identified as Entertainment Today.<\/p>\n<p>\u201cWhile this botnet is small compared to other spam sending infrastructure, the size of this botnet is sufficient to provide the operators with easily reconfigured redirects,\u201d wrote Kevin Epstein, VP Threat Operations, at Proofpoint in an email interview with Threatpost.<\/p>\n<p>Domain registrar and hosting firm GoDaddy has been disproportionately impacted by the Brain Food script, accounting for 40 percent of the 5,000 compromised sites. That\u2019s followed by hosting firms DreamHost, UnitedLayer and CyrusOne.<\/p>\n<p>\u201cAn individual website may contain multiple copies of the PHP script. We have observed this script installed on websites using different content management systems including WordPress and Joomla,\u201d researchers wrote.<\/p>\n<p>Spam attacks hit inboxes in the form of stripped down email messages typically with no subject and basic greeting (see below).<\/p>\n<p><a href=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/05\/21172418\/Brain-Food-Spam-Example.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-132162 size-large\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/05\/21172418\/Brain-Food-Spam-Example-1024x322.png\" alt=\"\" width=\"1024\" height=\"322\"\/><\/a><\/p>\n<p>The body of the message contained a URL shortener link using Google\u2019s goog.gl and bit.ly. Spammers had been blocked by Google\u2019s URL shortener service when Google stopped allowing anonymous users from creating goo.gl links. \u201cBy the end of April, the spammer appears to have found a means of\u00a0 circumventing the Google restrictions,\u201d wrote researchers.<\/p>\n<p>Recipients who click on the link are redirected to the compromised website that hosts the diet or intelligence-boosting pill pitch.<\/p>\n<p><strong>Brain Food: Malicious PHP Script<\/strong><\/p>\n<p>The script itself employs several layers of defense to evade detection by researchers and search engine crawlers. \u201cThe code is polymorphic and obfuscated with multiple layers of base64 encoding,\u201d they said. \u201cA version recently uploaded to a malware repository was not flagged by any antivirus engine.\u201d<\/p>\n<p>When a site is infected with the malicious Brain Food PHP code and crawled, the script redirects to the correct page. Next, it staggers for five seconds and \u201credirects to the root of the compromised domain, delays and returns nothing, or redirects to the UNICEF website,\u201d researchers said.<\/p>\n<p>\u201cThe attackers want victims to get redirected. But it wants search engines, analysts and sandboxes to get redirected to an innocuous site \u2013 whether it be the root of the compromised domain or the UNICEF website. The built-in delays are enough for many automated analysis systems to time out without detecting a potentially malicious redirect,\u201d Epstein said.<\/p>\n<p>Criminals maintain control over the landing pages and keep stats on the campaigns from C2 servers prostodomen1[.]com and thptlienson[.]com.<\/p>\n<p>Even more worrisome, is a backdoor in the Brain Food code that allows \u201cremote execution of shell code on web servers which are configured to allow the PHP \u2018system\u2019 command,\u201d researchers wrote.<\/p>\n<p>Epstein told Threatpost, the backdoor feature is not currently being utilized. \u201cMany web hosts do not allow access to the PHP system command. Exact potential impact depends on backend configurations and security settings,\u201d he said.<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/malicious-php-script-infects-2400-websites-in-the-past-week\/132161\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":1056,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[662,663,664,211,665,666,667,28,668,669,69],"class_list":["post-1055","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-brain-food","tag-cyrusone","tag-dreamhost","tag-featured","tag-godaddy","tag-hypertext-preprocessor","tag-malicious-php-script","tag-malware","tag-unicef","tag-unitedlayer","tag-web-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-21T21:44:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"322\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Malicious PHP Script Infects 2,400 Websites in the Past Week\",\"datePublished\":\"2018-05-21T21:44:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/\"},\"wordCount\":573,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/malicious-php-script-infects-2400-websites-in-the-past-week.png\",\"keywords\":[\"Brain Food\",\"CyrusOne\",\"Dreamhost\",\"Featured\",\"GoDaddy\",\"Hypertext Preprocessor\",\"Malicious PHP Script\",\"Malware\",\"UNICEF\",\"UnitedLayer\",\"Web Security\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/\",\"name\":\"Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/malicious-php-script-infects-2400-websites-in-the-past-week.png\",\"datePublished\":\"2018-05-21T21:44:51+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/malicious-php-script-infects-2400-websites-in-the-past-week.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/malicious-php-script-infects-2400-websites-in-the-past-week.png\",\"width\":1024,\"height\":322},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/malicious-php-script-infects-2400-websites-in-the-past-week\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Brain Food\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/brain-food\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Malicious PHP Script Infects 2,400 Websites in the Past Week\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/","og_locale":"en_US","og_type":"article","og_title":"Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-21T21:44:51+00:00","og_image":[{"width":1024,"height":322,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Malicious PHP Script Infects 2,400 Websites in the Past Week","datePublished":"2018-05-21T21:44:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/"},"wordCount":573,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png","keywords":["Brain Food","CyrusOne","Dreamhost","Featured","GoDaddy","Hypertext Preprocessor","Malicious PHP Script","Malware","UNICEF","UnitedLayer","Web Security"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/","url":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/","name":"Malicious PHP Script Infects 2,400 Websites in the Past Week 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png","datePublished":"2018-05-21T21:44:51+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/malicious-php-script-infects-2400-websites-in-the-past-week.png","width":1024,"height":322},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/malicious-php-script-infects-2400-websites-in-the-past-week\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Brain Food","item":"https:\/\/www.threatshub.org\/blog\/tag\/brain-food\/"},{"@type":"ListItem","position":3,"name":"Malicious PHP Script Infects 2,400 Websites in the Past Week"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1055","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=1055"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1055\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/1056"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=1055"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=1055"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=1055"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}