{"id":24778,"date":"2019-01-29T14:00:23","date_gmt":"2019-01-29T14:00:23","guid":{"rendered":"https:\/\/blog.trendmicro.com\/?p=542593"},"modified":"2019-01-29T14:00:23","modified_gmt":"2019-01-29T14:00:23","slug":"informing-your-security-posture-how-cybercriminals-blend-into-the-background","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/","title":{"rendered":"Informing Your Security Posture: How Cybercriminals Blend into the Background"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2019\/01\/brafton4-300x200.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"\"\/><\/p>\n<p>Maintaining protection over an enterprise\u2019s critical data, systems and assets is a continual uphill battle. Not only are chances good that the business\u2019s digital footprint is growing through new applications, but hackers are also constantly bolstering their capabilities to silently breach platforms and maintain a presence under the radar of the IT team.<\/p>\n<p>In the past, hackers have utilized all types of tactics to cover their tracks and enable them to remain within legitimate systems and steal data for more extended periods of time. And, according to a new report from Trend Micro researchers, these tactics are only growing more sophisticated, advanced and dangerous.<\/p>\n<p>One of the best ways to improve the company\u2019s security posture is to inform proactive protection by learning about the enemy. Today, we\u2019re taking a look at the different techniques cybercriminals use to blend in and prevent detection. With this knowledge, IT teams can keep a more watchful eye out for the types of activity that can point to a malicious breach.<\/p>\n<h3><strong>How do hackers cover their tracks?<\/strong><\/h3>\n<p>Just as hunters work hard to remain hidden from their prey, so too do hackers do everything in their power to avoid detection by human users and network- and application-level security solutions.<\/p>\n<p>As Trend Micro researchers explained in the recent report, \u201c<a href=\"https:\/\/documents.trendmicro.com\/assets\/rpt\/rpt-mapping-the-future.pdf\">Mapping the Future: Dealing with Pervasive and Persistent Threats<\/a>,\u201d the practice of blending into legitimate traffic within enterprise systems will only become more prevalent and threatening.<\/p>\n<p>\u201cIn response to security vendor technologies, specifically the renewed interest in machine learning for cybersecurity, cybercriminals will use more malicious tactics to \u2018blend in,\u201d researchers noted in the report. \u201cNew ways of using normal computing objects for purposes other than their intended use or design \u2013 a practice known as \u2018living off the land\u2019 \u2013 will continue to be discovered, documented and shared.\u201d<\/p>\n<p>So far, researchers have observed the rising use of a few key strategies in the current threat landscape, including:<\/p>\n<table>\n<tbody readability=\"9.5\">\n<tr readability=\"19\">\n<td width=\"20px\"\/>\n<td>\n<ul>\n<li><strong>Masking activity with unconventional file extensions.<\/strong> Much of today\u2019s malicious code is no longer being delivered through the traditional executable file, as users have been trained to be suspicious of these types of programs. Now, hackers are packaging their malicious code in less recognizable formats, using extensions like .URL, .IQY, .PUB and .WIZ. This makes it easier for hackers to trick users into opening malicious files and launching a successful infection.<\/li>\n<li><strong>Minimal modification.<\/strong> Hackers quickly catch on to the types of activity that users and security programs classify as suspicious, including the modification of legitimate files to spur a breach an infection. In response, cybercriminals are scaling back on their modifications and only changing the bare minimum in order to leverage a legitimate file or system as a launch pad for their attack.<\/li>\n<li><strong>New activation methods.\u00a0<\/strong>In addition, cyberattakers are also switching up their malware activation strategies, using techniques like Mshta, Rundll32, Regasm, Regsvr32 and more.<\/li>\n<li><strong>Digitally signed malware.<\/strong>\u00a0As Trend Micro researchers noted in the report, digitally signed malware is already a pervasive approach used by hackers, and will only continue to pose a significant threat. This technique is highly effective. It enables hackers to make their well-hidden malware even more legitimate-appearing thanks to a digitally signed certificate that enables the bypass of security platforms.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"\/>\n<td\/>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u201cHackers use <a href=\"https:\/\/thehackernews.com\/2017\/11\/malware-digital-certificate.html\">compromised code signing certificates<\/a> associated with trusted software vendors in order to sign their malicious code, reducing the possibility of their malware being detected on targeted enterprise networks and consumer devices,\u201d The Hacker News contributor Swati Khandelwal explained.<\/p>\n<h3><strong>Fileless malware<\/strong><\/h3>\n<p>In addition to the above-described tricky strategies, hackers are also increasing their use of fileless malware, which can improve hackers\u2019 chances of flying under the radar of traditional file scanning solutions. As noted in this Trend Micro Simply Security blog, fileless malware seeks to <a href=\"https:\/\/blog.trendmicro.com\/fileless-malware-a-hidden-threat\/\">take advantage of software or system vulnerabilities<\/a> while preventing attackers from catching the attention of users or raising security notifications.<\/p>\n<p>One example of this type of advanced threat exploits the PowerShell utility, or other Microsoft Word macros to execute a hidden command against the victim system. These commands can change depending on the hacker\u2019s goal or the length of time they\u2019re attempting to remain within the breached system.<\/p>\n<p>\u201cCurrent security solutions detect an intrusion [using] a signature based on the malware file\u2019s characteristics,\u201d Trend Micro researchers explained. \u201cHowever, because fileless malware doesn\u2019t have a payload file to infect a system, security applications don\u2019t know what to look for.\u201d<\/p>\n<p>This makes fileless malware samples particularly dangerous and especially difficult \u2013 but not impossible \u2013 to detect.<\/p>\n<h3><strong>Hidden tunnels<\/strong><\/h3>\n<p>In a report for The Wall Street Journal, contributor Adam Janofsky described the rising use of so-called \u201c<a href=\"https:\/\/www.wsj.com\/articles\/how-hackers-use-hidden-tunnels-to-steal-data-and-avoid-detection-1529543603?ns=prod\/accounts-wsj\">hidden tunnels<\/a>,\u201d which allow hackers to ride the coattails of legitimate business application traffic and protocols to make off with stolen data. Currently, this threat presents the most risk for financial organizations, where hackers can utilize tunnels to sneak past access control protections and intrusion detection solutions. However, the use of hidden tunnels can pose a threat to businesses in any industry.<\/p>\n<p>\u201cThese tunnels work by blending in with legitimate applications that connect a company\u2019s network to outside systems, such as third-party analytics tools, cloud-based financial applications and stock ticker feeds,\u201d Janofsky wrote.<\/p>\n<p>Once hackers enter a system, they can then steal considerable amounts of sensitive data and intellectual property, using additional tactics to cover their tracks. As opposed to stealing large files, hackers will break information down into smaller chunks that are less likely to set off alarms within an enterprise\u2019s security solutions.<\/p>\n<p>According to a report from Ventra Networks Inc., there are more hidden tunnels than one might expect. Researchers found that within the financial sector alone, approximately 23 tunnels, disguised through encryption, exist for every 10,000 devices.\u00a0In other industries, there are only about 11 tunnels for every 10,000 devices.<\/p>\n<h3><strong>Avoiding detection to ramp up data theft and damage<\/strong><\/h3>\n<p>One of the biggest motivations for avoiding detection using these types of cybercriminal tactics is to support a longer and more drawn-out data breach. As Janofsky explained, such was the case with the Equifax Inc. breach \u2013 hackers purposely avoided using specific tools and tactics which would draw the attention of internal security stakeholders and protection programs. This enabled attackers to remain within the company\u2019s systems for over four months.<\/p>\n<p>Hackers\u2019 ability to cover their tracks poses a significant threat to organizations in every industry. The ideal response to this level of threat environment is to work proactively, become aware and educated about the strategies hackers leverage, and look to guard against these activities specifically.<\/p>\n<p>To find out more about informing your security posture with the latest security strategies, connect with the experts at Trend Micro today.<\/p>\n<p> Read More <a href=\"https:\/\/blog.trendmicro.com\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Maintaining protection over an enterprise&#8217;s critical data, systems and assets is a continual uphill battle. Not only are chances good that the business&#8217;s digital footprint is growing through new applications, but hackers are also constantly bolstering their capabilities to silently breach platforms and maintain a presence under the radar of the IT team. In the&#8230;<br \/>\nThe post Informing Your Security Posture: How Cybercriminals Blend into the Background appeared first on . Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":24779,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[5310,311,1147,5643,2996,307],"class_list":["post-24778","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-advanced-persistent-threats","tag-current-news","tag-cybercriminals","tag-digitally-signed-malware","tag-fileless-malware","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-29T14:00:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Informing Your Security Posture: How Cybercriminals Blend into the Background\",\"datePublished\":\"2019-01-29T14:00:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/\"},\"wordCount\":1123,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg\",\"keywords\":[\"advanced persistent threats\",\"Current News\",\"cybercriminals\",\"digitally signed malware\",\"fileless malware\",\"Security\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/\",\"name\":\"Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg\",\"datePublished\":\"2019-01-29T14:00:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg\",\"width\":300,\"height\":200},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"advanced persistent threats\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/advanced-persistent-threats\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Informing Your Security Posture: How Cybercriminals Blend into the Background\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/","og_locale":"en_US","og_type":"article","og_title":"Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-29T14:00:23+00:00","og_image":[{"width":300,"height":200,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Informing Your Security Posture: How Cybercriminals Blend into the Background","datePublished":"2019-01-29T14:00:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/"},"wordCount":1123,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg","keywords":["advanced persistent threats","Current News","cybercriminals","digitally signed malware","fileless malware","Security"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/","url":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/","name":"Informing Your Security Posture: How Cybercriminals Blend into the Background 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg","datePublished":"2019-01-29T14:00:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/informing-your-security-posture-how-cybercriminals-blend-into-the-background.jpg","width":300,"height":200},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/informing-your-security-posture-how-cybercriminals-blend-into-the-background\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"advanced persistent threats","item":"https:\/\/www.threatshub.org\/blog\/tag\/advanced-persistent-threats\/"},{"@type":"ListItem","position":3,"name":"Informing Your Security Posture: How Cybercriminals Blend into the Background"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24778"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24778\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/24779"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24778"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}