<h1>Who needs custom malware? ‘Govt-backed’ Gallmaker spy crew uses off-the-shelf wares</h1>
<p><em>Likely state hackers make do with ‘living off the land’ and going after tardy Office patchers</em></p>
<p>Published 10 October 2018. Source: <a href="http://go.theregister.com/feed/www.theregister.co.uk/2018/10/10/gallmaker_hacking_group/">The Register</a>.</p>
<p>A newly discovered spy gang is eschewing boutique attack tools and instead using publicly available exploits against unpatched systems.</p>
<p>Known as Gallmaker, the cyber-espionage group is said to be targeting the embassies of an unnamed eastern European country and military defense installations in the Middle East. According to researchers at Symantec today, the crew has been operating since December of last year, relying entirely on code scraped from the public internet. We’re told the gang are “likely” to be backed by an unnamed government.</p>
<p>“This group eschews custom malware and uses living off the land (LotL) tactics and publicly available hack tools to carry out activities that bear all the hallmarks of a cyber espionage campaign,” <a target="_blank" rel="nofollow" href="https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group">Symantec claimed</a>.</p>
<p>“The most interesting aspect of Gallmaker’s approach is that the group doesn’t use malware in its operations. Rather, the attack activity we observed is carried out exclusively using LotL tactics and publicly available hack tools.”</p>
<p>According to Symantec, the group feeds booby-trapped Microsoft Office documents to victims via email. These files, when opened, launch PowerShell scripts via Redmond’s <a target="_blank" href="https://www.theregister.co.uk/2017/10/17/microsoft_dde_attacks/">much decried</a> Dynamic Data Exchange (DDE) protocol. These scripts then open connections to a remote command-and-control server, and from there the attackers hope to siphon data from the infected machines and, in some cases, delete files to cover their tracks.</p>
<p>Note that these scripts exploit vulnerabilities in DDE that Microsoft patched in 2017 – so if you’re up to date with your software or, better, have turned off DDE support, you’re all good for now. It’s possible that the code could run anyway, even if you’re patched, but only if a user or admin overrides the fix. In short, don’t enable DDE, and don’t allow users to re-enable it.</p>
<p>Because the group appears to be targeting a specific country’s embassies and a set of defense targets in the Middle East, Symantec believes the operation to be state-sponsored espionage.</p>
<p>“Gallmaker’s activity has been quite consistent since we started tracking it,” Symantec said.</p>
<p>“The group has carried out attacks most months since December 2017. Its activity subsequently increased in the second quarter of 2018, with a particular spike in April 2018.”</p>
<p>While the group is not using custom attack tools or purpose-built malware, researchers say that Gallmaker is in its own way a highly sophisticated operation.</p>
<p>By relying on publicly available tools, the group makes itself harder to detect in the wild and difficult to distinguish from “regular” cybercrime activity or even legitimate data traffic. Symantec said it only caught on to the group after noticing the suspicious PowerShell commands used to communicate with the control servers.</p>
<p>Researchers have been warning about the lowered barrier to entry for online espionage. Countries that were not thought to have the resources for sophisticated attacks have been <a target="_blank" href="https://www.theregister.co.uk/2018/04/18/researchers_warn_of_regifted_malware/">able to repurpose</a> other countries’ tools or use public malware and leaked exploits for their own ends.</p>