{"id":1871,"date":"2018-05-29T14:47:05","date_gmt":"2018-05-29T14:47:05","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132325"},"modified":"2018-05-29T14:47:05","modified_gmt":"2018-05-29T14:47:05","slug":"brazilian-banking-trojan-communicates-via-microsoft-sql-server","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/","title":{"rendered":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/05\/29095908\/trojan_card_payment_data.png\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&amp;C) server and a full-screen social-engineering overlay form.<\/p>\n<p>Researchers at IBM X-Force research on Tuesday revealed that attackers are using the malware \u2013 dubbed MnuBot \u2013mainly in Brazil to perform illegal transactions on victims\u2019 open banking sessions.<\/p>\n<p>\u201cMnuBot\u2026 has the same capabilities as most RATs,\u201d Tomer Agayev, threat research team lead at IBM security,\u00a0told Threatpost.\u00a0\u201cIt allows the attacker to gain remote access to the infected machine, including\u00a0displaying\u00a0fake windows of various banks on the victim\u2019s\u00a0machine.\u201d<\/p>\n<p>The remote access trojan (RAT) is unique in that it constantly queries the Microsoft SQL Database server for\u00a0commands to be performed, giving attackers better dynamic configurations and anti-research capabilities.<\/p>\n<p>\u201cMost malware in the wild today use a C&amp;C server which is based on some form of a web server or an IRC channel,\u201d Agayev wrote in a <a href=\"https:\/\/securityintelligence.com\/new-banking-trojan-mnubot-discovered-by-ibm-x-force-research\/\">blog post<\/a>. \u201cIn contrast, the MnuBot malware uses Microsoft SQL Server database server to communicate with the sample and send commands to be executed on the infected machine.\u201d<\/p>\n<p>Once it has infected a system, MnuBot also uses a tricky social engineering method called a full-screen overlay form, which keeps the user waiting while the attacker commits the fraud.<\/p>\n<p>Overlay forms, similar to those used by many other malware families in the region, are used to prevent the victims from accessing their open banking session inside the browser. A pop-up appears, and meanwhile, in the background, the attacker takes control over the user endpoint and attempts to perform an illegal transaction via that open banking session.<\/p>\n<p>Agayev said that data about the scope of the malware campaign is not public: \u201cMnuBot was discovered during\u00a0active research of new Brazilian malwares,\u00a0and\u2026 we can\u2019t disclose any additional information about its methods,\u201d he told Threatpost.<\/p>\n<p><strong>Two-Stage Attack Flow<\/strong><\/p>\n<p>The majority of Brazilian malware infects systems\u00a0via malicious email, although X-Force is still examining the infection methods, Agayev told Threatpost. After this initial infection,\u00a0MnuBot is built from two base components making up a two-stage attack flow, said researchers.<\/p>\n<p>In its first stage, MnuBot looks for a file called Desk.txt within the AppData Roaming folder, which\u00a0places data from applications onto whatever machine the user happens to be logged in on. This enables MnuBot to\u00a0know which desktop is currently running; the malware then constantly checks for a window name that is similar to one of the bank names in its configuration.<\/p>\n<p>Once it discovers one, it will query the server for the second stage executable according to the bank name that was found. The subsequent downloaded executable (C:\\Users\\Public\\Neon.exe) contains the meat of the attack by providing the attacker with full control over the victim\u2019s machine, according to Agayev.<\/p>\n<p>This executable also gives attackers abilities like keylogging, taking screenshots of desktops, restarting the victim\u2019s machines, creating a form to overlay the bank\u2019s forms and stealing user data in the form.<\/p>\n<p><strong>C&amp;C Server<\/strong><\/p>\n<p>MnuBot connects to the Microsoft SQL Database server in order to fetch the initial configuration by using SQL server details \u2013 such as server address, port, username and a password \u2013 which are hardcoded inside the sample.<\/p>\n<p>Attackers can dynamically change MnuBot\u2019s malicious activity, and once the authors take down the server, it becomes almost impossible for a researcher to reverse engineer the malware sample behavior.<\/p>\n<p>\u201cIt is most likely that MnuBot authors wanted to try to evade regular AV detection, which is based on the malware traffic. To do so they tried to wrap their malicious network communication using seemingly innocent MS SQL traffic,\u201d said researchers.<\/p>\n<p>Some of MnuBot\u2019s tricks are typical traits of malware families in Brazil, researchers said.<\/p>\n<p>\u201cMnuBot is an excellent example of many malware families in the Brazilian region,\u201d said Agayev. \u201cIt holds many characteristics that are typical of other recently discovered malware strains. For example, the overlaying forms and the new desktop creation are well-known techniques that malware authors in the region use today.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/132325\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&#38;C) server. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":1872,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[301,28,913,914,915,331,332,355,916,19],"class_list":["post-1871","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-banking-trojan","tag-malware","tag-microsoft-sql-server","tag-mnubot","tag-overlay-form","tag-rat","tag-remote-access-trojan","tag-social-engineering","tag-trojan","tag-vulnerabilities"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-29T14:47:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png\" \/>\n\t<meta property=\"og:image:width\" content=\"680\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Brazilian Banking Trojan Communicates Via Microsoft SQL Server\",\"datePublished\":\"2018-05-29T14:47:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/\"},\"wordCount\":696,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png\",\"keywords\":[\"banking trojan\",\"Malware\",\"Microsoft SQL Server\",\"MnuBot\",\"Overlay Form\",\"RAT\",\"remote access Trojan\",\"Social Engineering\",\"Trojan\",\"Vulnerabilities\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/\",\"name\":\"Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png\",\"datePublished\":\"2018-05-29T14:47:05+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png\",\"width\":680,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"banking trojan\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/banking-trojan\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Brazilian Banking Trojan Communicates Via Microsoft SQL Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/","og_locale":"en_US","og_type":"article","og_title":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-29T14:47:05+00:00","og_image":[{"width":680,"height":400,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server","datePublished":"2018-05-29T14:47:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/"},"wordCount":696,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png","keywords":["banking trojan","Malware","Microsoft SQL Server","MnuBot","Overlay Form","RAT","remote access Trojan","Social Engineering","Trojan","Vulnerabilities"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/","url":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/","name":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png","datePublished":"2018-05-29T14:47:05+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/brazilian-banking-trojan-communicates-via-microsoft-sql-server.png","width":680,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/brazilian-banking-trojan-communicates-via-microsoft-sql-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"banking trojan","item":"https:\/\/www.threatshub.org\/blog\/tag\/banking-trojan\/"},{"@type":"ListItem","position":3,"name":"Brazilian Banking Trojan Communicates Via Microsoft SQL Server"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=1871"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1871\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/1872"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=1871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=1871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=1871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}