{"id":12391,"date":"2018-09-11T13:54:57","date_gmt":"2018-09-11T13:54:57","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/"},"modified":"2018-09-11T13:54:57","modified_gmt":"2018-09-11T13:54:57","slug":"british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/","title":{"rendered":"British Airways hack: Infosec experts finger third-party scripts on payment pages"},"content":{"rendered":"

Security experts are debating the cause of the British Airways mega-breach, with external scripts on its payment systems emerging as a prime suspect in the hack.<\/p>\n

BA has said little related to the cause of the breach, much less who might have carried it out. Security vendor RiskIQ has advanced the theory<\/a> that malicious code was planted on the airline\u2019s payments page, via a modified version of the Modernizr JavaScript library. To carry out the attack in this way, hackers would have had to modify JavaScript files without hobbling its core functionality.<\/p>\n

The added code then uploaded data to a server hosted on baways.com<\/a>, according to RiskIQ. \u201cThe infrastructure used in this attack was set up only with British Airways in mind and purposely targeted scripts that would blend in with normal payment processing to avoid detection,\u201d the firm said in a blog post. \u201cThe domain was hosted on 89.47.162.248 which is located in Romania and is, in fact, part of a VPS provider named Time4VPS based in Lithuania. The actors also loaded the server with an SSL certificate.\u201d<\/p>\n

The suspect code was loaded from BA\u2019s baggage claim information page, RiskIQ claimed.<\/p>\n

The info-stealing script on the web app was replicated on the mobile app. Based on the techniques and tactics employed in the hack, the security firm concluded it had been pulled off by a hacking crew called Magecart, which has been active since 2015 and was previously blamed for the recent Ticketmaster breach<\/a>. According to RiskIQ:<\/p>\n

\n

Magecart set up custom, targeted infrastructure to blend in with the British Airways website specifically and avoid detection for as long as possible. While we can never know how much reach the attackers had on the British Airways servers, the fact that they were able to modify a resource for the site tells us the access was substantial.<\/p>\n<\/blockquote>\n

\"BA<\/a><\/p>\n

Suspicious script tag supposedly added by Magecart on BA website. Pic: RisqIQ<\/em><\/p>\n<\/div>\n

\"BA<\/a><\/p>\n

That alleged BA attack script in detail. Pic: RisqIQ<\/em><\/p>\n<\/div>\n

The credit-card skimming group has previously specialised in messing with popular third-party scripts to gain access to hundreds of sites at one go. The BA hack was more targeted but nonetheless bore the hallmarks of the group, according to RiskIQ.<\/p>\n

\n

Payment pages: Stick to the script<\/h3>\n

The issue provoked a debate among security experts about running external scripts on a payment page and whether this risked PCI non-compliance.<\/p>\n

Brian Honan, an infosec consultant who founded and led Ireland’s first CSIRT, said:<\/p>\n

\u201cIf the third party scripts were responsible via iFrames then there are certain controls that should be in place from a PCI DSS perspective. I cannot tell whether those controls were in place or not as I do not have access to the BA site to do so. So in summary, yes you can use iFrames and third party scripts under PCI DSS but you need to secure them according to the guidelines from PCI DSS.\u201d<\/p>\n

Professor Alan Woodward of Surrey University pointed out that third-party scripts were central to the recent Ticketmaster breach<\/a>. He urged developers to stay away from the practice.<\/p>\n

\u201cIt is problematic. Or rather it might be. If any of the suppliers from those seven domains were compromised then their files could have been modified to include scripts that grab credit card data as it is input.\u201d<\/p>\n

\u201cThat\u2019s why PCI says that compliance should be dependent upon using only that software necessary on the payment processing page,\u201d Woodward added.<\/p>\n<\/div>\n

El Reg<\/em> offered BA a chance to respond to RiskIQ\u2019s analysis – which involved an analysis of contemporaneously collected scans of scripts on BA\u2019s website over time. BA declined. \u201cAs this is a criminal investigation, we are unable to comment on speculation,\u201d a spokesman said.<\/p>\n

BA’s payment page still loads content from seven external domains. Marcus Greenwood, chief exec of cloud-based automation firm UBIO, argued these various analytic, customer service and testing tools ought to be kept well away from payment pages.<\/p>\n

“Crucially there is also no ‘iframe’ isolation of the payment card fields,” he said in a blog post<\/a> exploring whether the airline could still be vulnerable to attack. “This is bad because it is trivial for any JavaScript file loaded to steal the card details and post to another third-party domain” he said, noting the site hosted third party scripts, including from external domains that the company itself owns, on the payment page.<\/p>\n

BA last week admitted<\/a> that personal and payment card info for 380,000 customers had been swiped from its site between 21 August and 5 September. The airline said on Friday that an unnamed security partner detected the breach, which has already been resolved.<\/p>\n

Security researcher Mustafa Al-Bassam said<\/a> BA had switched around the third-party JavaScript code loaded onto its website in response to a privacy complaint he’d initiated. These changes \u2013 only applied in the month running up to the breach \u2013 related to running third-party ads and trackers (including LinkedIn, Twitter and DoubleClick) on a booking page.<\/p>\n

Al-Bassam complained that prior to the changes it wasn’t possible to buy tickets from BA without temporarily disabling ad-blockers or making a specific exception for the airline\u2019s site.<\/p>\n

Greenwood alleged that even after these changes and post-breach remediation, BA’s site was insecure (as of Friday, 7 September).<\/p>\n

El Reg<\/em> put this to BA alongside a renewed request to comment on the cause of the breach. We’re yet to hear back but will update this story if we hear more. \u00ae<\/p>\n

Sponsored:<\/span> Following Bottomline\u2019s journey to the Hybrid Cloud<\/a><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Airline yet to reveal breach’s cause Security experts are debating the cause of the British Airways mega-breach, with external scripts on its payment systems emerging as a prime suspect in the hack.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":12392,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-12391","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nBritish Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"British Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-09-11T13:54:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"395\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"British Airways hack: Infosec experts finger third-party scripts on payment pages\",\"datePublished\":\"2018-09-11T13:54:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/\"},\"wordCount\":932,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/\",\"name\":\"British Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg\",\"datePublished\":\"2018-09-11T13:54:57+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg\",\"width\":648,\"height\":395},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"British Airways hack: Infosec experts finger third-party scripts on payment pages\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"British Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/","og_locale":"en_US","og_type":"article","og_title":"British Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-09-11T13:54:57+00:00","og_image":[{"width":648,"height":395,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"British Airways hack: Infosec experts finger third-party scripts on payment pages","datePublished":"2018-09-11T13:54:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/"},"wordCount":932,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/","url":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/","name":"British Airways hack: Infosec experts finger third-party scripts on payment pages 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg","datePublished":"2018-09-11T13:54:57+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages.jpg","width":648,"height":395},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/british-airways-hack-infosec-experts-finger-third-party-scripts-on-payment-pages\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"British Airways hack: Infosec experts finger third-party scripts on payment pages"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/12391","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=12391"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/12391\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/12392"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=12391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=12391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=12391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}