{"id":24651,"date":"2019-01-25T00:31:21","date_gmt":"2019-01-25T00:31:21","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/"},"modified":"2019-01-25T00:31:21","modified_gmt":"2019-01-25T00:31:21","slug":"youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/","title":{"rendered":"You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit"},"content":{"rendered":"

Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows any user with a mailbox to become a Domain Admin.<\/p>\n

On Thursday, Dirk-jan Mollema, a security researcher with Fox-IT in the Netherlands, published proof-of-concept code<\/a> and an explanation of the attack<\/a>, which involves the interplay of three separate issues.<\/p>\n

According to Mollema, the primary problem is that Exchange has high privileges by default in the Active Directory domain.<\/p>\n

“The Exchange Windows Permissions<\/code> group has WriteDacl<\/code> access on the Domain object in Active Directory, which enables any member of this group to modify the domain privileges, among which is the privilege to perform DCSync operations,” he explains in his post.<\/p>\n

This allows an attacker to synchronize the hashed passwords of the Active Directory users through a Domain Controller operation. Access to these hashed passwords allows the attacker to impersonate users and authenticate to any service using NTLM (a Microsoft authentication protocol) or Kerberos authentication within that domain.<\/p>\n

Mollema wasn’t immediately available to discuss his work due to time zone differences and the need to involve a media handler.<\/p>\n

The attack relies on two Python-based tools: privexchange.py<\/code> and ntlmrelayx.py<\/code>. It has been tested on Exchange 2013 (CU21) on Windows Server 2012 R2, relayed to (fully patched) Windows Server 2016 DC and Exchange 2016 (CU11) on Windows Server 2016, and relayed to a Server 2019 DC, again fully patched.<\/p>\n

Using NTLM, Mollema says it’s possible to transfer automatic Windows authentication, which occurs upon connection to the attacker’s machine, to other machines on the network.<\/p>\n

\"letters<\/p>\n

Welcome to 2019: Your Exchange server can be pwned by an email (and other bugs need fixing)<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

How then to get Exchange to authenticate the attacker? Mollema points to a ZDI researcher who found a way<\/a> to obtain Exchange authentication using an arbitrary URL over HTTP through the Exchange PushSubscription<\/code> API using a reflection attack<\/a>.<\/p>\n

If this technique is instead used to perform a relay attack<\/a> against LDAP, taking advantage of Exchange’s high default privileges, it’s possible to for the attacker to obtain DCSync rights.<\/p>\n

Mollema describes several potential mitigations for the attack in his post. These include: reducing Exchange privileges on the Domain object; enabling LDAP signing and channel binding; blocking Exchange servers from connecting to arbitrary ports; enabling Extended Protection for Authentication on Exchange endpoints in IIS; removing the registry key that allows relaying; and enforcing SMB signing.<\/p>\n

In a statement emailed to The Register<\/em>, Microsoft avoided commenting on the specific vulnerability described by Mollema, but the wording of its coy, content-free reply suggests the company may issue a fix in February.<\/p>\n

\u201cMicrosoft has a strong commitment to security and a demonstrated track record of investigating and proactively updating impacted devices as soon as possible,” a Microsoft spokesperson said. “Our standard policy is to release security updates on Update Tuesday, the second Tuesday of each month.” \u00ae<\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows any user with a mailbox to become a Domain Admin.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":24652,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-24651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nYou're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-25T00:31:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit\",\"datePublished\":\"2019-01-25T00:31:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/\"},\"wordCount\":489,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/\",\"name\":\"You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg\",\"datePublished\":\"2019-01-25T00:31:21+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/","og_locale":"en_US","og_type":"article","og_title":"You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-25T00:31:21+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit","datePublished":"2019-01-25T00:31:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/"},"wordCount":489,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/","url":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/","name":"You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg","datePublished":"2019-01-25T00:31:21+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/youre-an-admin-youre-an-admin-youre-all-admins-thanks-to-this-microsoft-exchange-zero-day-and-exploit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"You’re an admin! You’re an admin! You’re all admins, thanks to this Microsoft Exchange zero-day and exploit"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24651"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24651\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/24652"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}