{"id":24642,"date":"2019-01-24T22:00:00","date_gmt":"2019-01-24T22:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/d\/d-id\/1333729"},"modified":"2019-01-24T22:00:00","modified_gmt":"2019-01-24T22:00:00","slug":"cyberattackers-bait-financial-firms-with-google-cloud-platform","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/","title":{"rendered":"Cyberattackers Bait Financial Firms with Google Cloud Platform"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<header>\n<\/header>\n<p><span class=\"strong black\">A new wave of attacks abuses the Google Cloud Platform URL redirection in PDF decoys, sending users to a malicious link.<\/span> <\/p>\n<p class=\"\">Researchers have spotted a trend in targeted themed attacks using the App Engine Google Cloud Platform (GCP) to deliver malware via PDF decoys. The threat has so far been detected across 42 organizations, mostly in the financial sector but also within governments worldwide.<\/p>\n<p>This attack is more convincing than traditional attacks because the URL hosting the malware redirects the host URL to Google App Engine, explain Netskope analysts in findings published today. Many decoys used were likely linked to threat actor group Cobalt Strike, they report.<\/p>\n<p>Netskope&#8217;s discovery was made earlier this year, when researchers saw common detections across 42 of its customers in the banking and finance industry. Further investigation showed detections were triggered by attachments in eml files; analysis revealed attacks were abusing Google App Engine on the GCP as bait to deliver malware to targets.<\/p>\n<p>&#8220;URL redirection mechanisms\/features are widely used and abused by threat actors to deceive victims into believing the malicious files are being delivered from a trusted source,&#8221; says Ashwin Vamshi, a Netskope security researcher and author of the report. &#8220;The usage of themed PDF decoys with enticing emails is a perfect choice since the payload seems to be originating from a trusted source, and popular PDF viewers enable users to easily whitelist domains.&#8221;<\/p>\n<p><strong>Sneak Attack, PDF Style<br \/><\/strong>PDF decoys typically arrive attached to emails designed to contain legitimate content and appear as though they&#8217;re coming from whitelisted sources. In this case, victims are tricked with a GoogleApp Engine URL, which is abused to redirect victims to malware. Because GCP is a trusted source among enterprise users, targets are unlikely to know they&#8217;re being duped.<\/p>\n<p>Most PDFs were created using Adobe Acrobat 18.0 and contain the malicious link. All decoys use HTTPS URLs to deliver the payload. Once they execute the PDF decoy and click the link, victims are logged out of Google App Engine and a response status code 302 is generated for URL redirection. Victims are taken to a landing page where a malicious file is downloaded onto their machines. In all cases, GCP App Engine validated the redirection and delivered the payload.<\/p>\n<p>The payload is a Microsoft Word document containing obfuscated macro code or PDF documents as the second-stage payload. When executed, it displays a message to victims prompting them to enable editing and content mode to view the file. If enabled, the macro is executed and downloads another stage payload, a tactic that makes attacks harder to analyze.<\/p>\n<p>PDF readers typically alert users when a document connects to a website with a &#8220;remember this action&#8221; pop-up, <a href=\"https:\/\/www.netskope.com\/blog\/targeted-attacks-abusing-google-cloud-platform-open-redirection\" target=\"_blank\">researchers say<\/a>. If users check the box, future URLs within the domain will connect without any prompt. Attackers can abuse this, launching several attacks without users seeing any kind of security warning after they approve redirection in their first notification.<\/p>\n<p>Admins may also have appengine.google.com whitelisted for legitimate reasons, another factor that makes it easier for adversaries to succeed with this type of attack.<\/p>\n<p><strong>Cobalt Strikes Again<br \/><\/strong>The Cobalt Strike threat group has a reputation for using various tactics, techniques, and procedures to target financial and banking firms using malware like Carbanak. It&#8217;s also known for using Cobalt Strike software, a white hat tool for conducting security assessments.<\/p>\n<p>The pattern continues in this series of attacks, which hit a range of financial and government targets across geographies. Victims included OmniPay (Asia), Metrobank Philippines, Travelex foreign exchange business, SKB Bank and RGS Bank in Russia, Bancosol, BancNet Online, India&#8217;s Ministry of External Affairs, Accuity, Bank of Alexandria, and Standard Bank, South Africa.<\/p>\n<p>&#8220;Based on the timeline of the emails sent to the potential targets, we expect the group to be actively carrying out attacks,&#8221; Vamshi says. The report notes that while emails were sent to targets from the threat actor, it&#8217;s possible the address may be spoofed with a forged sender.<\/p>\n<p>Netskope reported the abuse to Google on Jan. 10. Google responded by saying the open redirector exists by design. For those unfamiliar, open redirectors take users from a Google URL to another site chosen by whoever constructed the link. Since the attached URL in these malicious files is an unvalidated redirect, users are unknowingly taken to a malicious page.<\/p>\n<p>Users can recognize URL redirection abuse by hovering their mouse over hyperlinks before they click, Vamshi says. Organizations, especially financial institutions, should teach employees to recognize AWS, Azure, and GCP URLs so they can discern legitimate and malicious sites.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/d\/d-id\/1333729?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new wave of attacks abuses the Google Cloud Platform URL redirection in PDF decoys, sending users to a malicious link. Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/d\/d-id\/1333729?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-24642","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-24T22:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cyberattackers Bait Financial Firms with Google Cloud Platform\",\"datePublished\":\"2019-01-24T22:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/\"},\"wordCount\":817,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/\",\"name\":\"Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"datePublished\":\"2019-01-24T22:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#primaryimage\",\"url\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cyberattackers-bait-financial-firms-with-google-cloud-platform\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cyberattackers Bait Financial Firms with Google Cloud Platform\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/","og_locale":"en_US","og_type":"article","og_title":"Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-24T22:00:00+00:00","og_image":[{"url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cyberattackers Bait Financial Firms with Google Cloud Platform","datePublished":"2019-01-24T22:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/"},"wordCount":817,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/","url":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/","name":"Cyberattackers Bait Financial Firms with Google Cloud Platform 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","datePublished":"2019-01-24T22:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#primaryimage","url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","contentUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cyberattackers-bait-financial-firms-with-google-cloud-platform\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cyberattackers Bait Financial Firms with Google Cloud Platform"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24642"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24642\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}