{"id":24748,"date":"2019-01-28T07:03:05","date_gmt":"2019-01-28T07:03:05","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/"},"modified":"2019-01-28T07:03:05","modified_gmt":"2019-01-28T07:03:05","slug":"q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/","title":{"rendered":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay’s Viva la Vida?"},"content":{"rendered":"

A piece of banking malware that first debuted more than a decade ago is once again wreaking havoc.<\/p>\n

Known as Ursnif, the malware has been spotted in the wild by Cisco’s Talos security team, and is currently spreading in the wild via poisoned Word documents.<\/p>\n

The Talos bug-hunters say<\/a> the Ursnif infection has been active for months, infecting machines and then quietly logging activity and keystrokes in hope of catching users entering their banking credentials or other sensitive financial information.<\/p>\n

\"malware\"\/<\/p>\n

Cyber-crooks think small biz is easy prey. Here’s a simple checklist to avoid becoming an easy victim<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

“The alert piqued our curiosity, so we began to dig a bit deeper and provide some recent IoCs related to this threat, which traditionally attempts to steal users’ banking login credentials and other login information,” Talos said in its summary of the finding.<\/p>\n

“Talos has covered Ursnif in the past, as it is one of the most popular malware that attackers have deployed recently.”<\/p>\n

This is the latest in a game of cat-and-mouse researchers have had with Ursnif criminals spanning back more than eleven years. When it was first reported<\/a> at the tail end of 2007, Ursnif was classified as a variation of Gozi, a family of banking malware developed for use by Russian cybercrime groups. At that time, Ursnif was being spread via poisoned PDF files.<\/p>\n

More than a decade later, Ursnif is back as a favored tool of financial cybercrime groups. The delivery method has remained largely the same too. The creators of this current build are embedding the attack code into a VBA macro command of a Word document and the recipient is instructed to enable macros to view the image if the function isn’t already turned on. Once they do it’s pwnage time!.<\/p>\n

The macro is mostly full of junk mathematical functions intended to hide the real payload, but includes the following code which creates a PowerShell command using the AlternativeText property of the Shapes object “j6h1cf.”.<\/p>\n

\nInteraction@.Shell RTrim(LTrim(Shapes(\"j6h1cf\").AlternativeText)), 84 * 2 + -168\n<\/pre>\n
Once executed the PowerShell command contacts a command and control server and downloads Ursnif into the AppData directory. But it doesn’t run immediately – that would be too obvious – but uses a series of generated PowerShell commands to unpack the malware, create a malicious DLL, allocate memory for it to function and then fire up the full malware application itself.<\/p>\n
The latest iterations of the malware also opts for HTTPS connections to its command and control servers, does much of the dirty work of collecting the data in TEMP files and transmits the harvested keystrokes and data as archived .cab format files.<\/p>\n
These tactics all make Ursnif tough to spot for most security tools. As ever, disable macros as a standard and only enable them on a case-by-case basis once you are sure of the document’s provenance. \u00ae<\/p>\n
READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
A. Bad things from 2008 we can’t seem to shake A piece of banking malware that first debuted more than a decade ago is once again wreaking havoc.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":24749,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-24748","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nQ. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-28T07:03:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Q. What connects the global financial crisis, Ursnif malware, and Coldplay’s Viva la Vida?\",\"datePublished\":\"2019-01-28T07:03:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/\"},\"wordCount\":493,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/\",\"name\":\"Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg\",\"datePublished\":\"2019-01-28T07:03:05+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Q. What connects the global financial crisis, Ursnif malware, and Coldplay’s Viva la Vida?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/","og_locale":"en_US","og_type":"article","og_title":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-28T07:03:05+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay’s Viva la Vida?","datePublished":"2019-01-28T07:03:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/"},"wordCount":493,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/","url":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/","name":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg","datePublished":"2019-01-28T07:03:05+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/q-what-connects-the-global-financial-crisis-ursnif-malware-and-coldplays-viva-la-vida\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Q. What connects the global financial crisis, Ursnif malware, and Coldplay’s Viva la Vida?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24748"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24748\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/24749"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24748"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}