{"id":26613,"date":"2019-04-08T11:52:35","date_gmt":"2019-04-08T11:52:35","guid":{"rendered":"http:\/\/419b9edc-a41f-4e82-90bd-816b24f3362b"},"modified":"2019-04-08T11:52:35","modified_gmt":"2019-04-08T11:52:35","slug":"cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/","title":{"rendered":"Cybercrime group FIN6 evolves from POS malware to ransomware"},"content":{"rendered":"<p>A cybercrime group known primarily for hacking retailers and stealing payment card details from point-of-sale (POS) systems has changed tactics and is now also deploying ransomware on infected networks.<\/p>\n<p>The group &#8211;named FIN6&#8211; has a reputation in the cyber-security field for being one of the most advanced cyber-criminal groups around.<\/p>\n<p>Its activities were first documented in the spring of 2016, 
when FireEye published a first <a href=\"https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/rpt-fin6.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">report<\/a> detailing its extensive hacks and advanced arsenal.<\/p>\n<p>At the time, the group had developed <a href=\"https:\/\/www.zdnet.com\/article\/fin6-returns-to-attack-retailers-in-us-europe\/\" target=\"_blank\">a versatile POS malware strain<\/a> named Trinity (aka FrameworkPOS). FIN6 would hack into the networks of major retailers, move laterally across their systems, and deploy Trinity on computers that handled POS data to extract payment card details that they would later upload to their own servers.<\/p>\n<p>The group would make money by selling these stolen payment card details on hacking forums, making millions of US dollars along the way.<\/p>\n<h3>FIN6: Deploying ransomware since July 2018<\/h3>\n<p>But according to a new report published on Friday, April 5, by FireEye, the group is now also deploying ransomware on some of the hacked networks &#8211;on those that don&#8217;t handle POS data.<\/p>\n<p>And the group hasn&#8217;t been dropping just any kind of ransomware. 
According to FireEye, since July 2018, the group has been deploying the Ryuk and LockerGoga ransomware strains.<\/p>\n<p>Both of these strains have been at the center of a wave of high-profile infections that have crippled government agencies and large companies from the private sector alike &#8211;with the most recent victim being <a href=\"https:\/\/www.zdnet.com\/article\/norsk-hydro-will-not-pay-ransom-demand-and-will-restore-from-backups\/\" target=\"_blank\">Norsk Hydro<\/a>.<\/p>\n<p>According to previous reports from <a href=\"https:\/\/www.crowdstrike.com\/blog\/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware\/\" target=\"_blank\" rel=\"noopener noreferrer\">CrowdStrike<\/a>, <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2019\/01\/a-nasty-trick-from-credential-theft-malware-to-business-disruption.html\" target=\"_blank\" rel=\"noopener noreferrer\">FireEye<\/a>, <a href=\"https:\/\/blog.kryptoslogic.com\/malware\/2019\/01\/10\/dprk-emotet.html\" target=\"_blank\" rel=\"noopener noreferrer\">Kryptos Logic<\/a>, <a href=\"https:\/\/securingtomorrow.mcafee.com\/other-blogs\/mcafee-labs\/ryuk-ransomware-attack-rush-to-attribution-misses-the-point\/\" target=\"_blank\" rel=\"noopener noreferrer\">McAfee<\/a>, <a href=\"https:\/\/securityintelligence.com\/cybercriminals-spoof-major-accounting-and-payroll-firms-in-tax-season-malware-campaigns\/\" target=\"_blank\" rel=\"noopener noreferrer\">IBM<\/a>, and <a href=\"https:\/\/www.cybereason.com\/blog\/triple-threat-emotet-deploys-trickbot-to-steal-data-spread-ryuk-ransomware\" target=\"_blank\" rel=\"noopener noreferrer\">Cybereason<\/a>, the group is believed <a 
href=\"https:\/\/www.zdnet.com\/article\/ryuk-ransomware-gang-probably-russian-not-north-korean\/\" target=\"_blank\">to be operating out of Russia<\/a>, from where it rents the infrastructure of other groups (Emotet and TrickBot) to search for large companies that it would later infect with Trinity, Ryuk, or LockerGoga.<\/p>\n<p><a rel=\"nofollow\" href=\"https:\/\/www.zdnet.com\/article\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/#modal-absolute-aa91ee1a-fc2d-4abf-96a4-563d3cacc638\" data-open=\"modal\"><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/\" class=\"lazy\" alt=\"Ryuk ransomware infection steps\" data-original=\" https:\/\/zdnet4.cbsistatic.com\/hub\/i\/2019\/01\/11\/aa91ee1a-fc2d-4abf-96a4-563d3cacc638\/da9a66c147e8657abea67d83f5276943\/ryuk-workflow.png\"><\/span><noscript><\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet4.cbsistatic.com\/hub\/i\/2019\/01\/11\/aa91ee1a-fc2d-4abf-96a4-563d3cacc638\/da9a66c147e8657abea67d83f5276943\/ryuk-workflow.png\" class alt=\"Ryuk ransomware infection steps\"><\/span><\/p>\n<p><\/noscript><\/a> <span class=\"credit\">Image: Kryptos Logic<\/span><\/p>\n<div class=\"modal infographic\" id=\"modal-absolute-aa91ee1a-fc2d-4abf-96a4-563d3cacc638\">\n<div class=\"modal-body\"><span class=\"img\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/r\/2019\/01\/11\/aa91ee1a-fc2d-4abf-96a4-563d3cacc638\/resize\/1170x878\/688f2f3cc1d620d3628f4e7bbb38214a\/ryuk-workflow.png\" class alt height=\"878\" width=\"1170\"><\/span><\/div>\n<\/div>\n<h3>Is FIN6 now a ransomware-first group?<\/h3>\n<p>In its most recent report on FIN6, FireEye spotted and highlighted this change in tactics &#8211;from Trinity to Ryuk\/LockerGoga.<\/p>\n<p>However, the company&#8217;s analysts couldn&#8217;t say for sure if this is now the group&#8217;s 
main modus operandi, or if this is just a side-activity carried out by some group members &#8220;independently of the group&#8217;s payment card breaches.&#8221;<\/p>\n<p>But regardless of whether FIN6 is now a ransomware-first group or not, companies and their cybersecurity departments need to pay close attention to this new development, read <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2019\/04\/pick-six-intercepting-a-fin6-intrusion.html\" target=\"_blank\" rel=\"noopener noreferrer\">the recent FireEye report<\/a> detailing the group&#8217;s new operational tactics, and improve their detection capabilities accordingly, as any sightings of some particular tools may also indicate the presence of this advanced threat actor on a company&#8217;s network.<\/p>\n<div class=\"twitterContainer\" readability=\"8.1480891719745\">\n<blockquote class=\"twitter-tweet\" readability=\"9.5859872611465\">\n<p lang=\"en\" dir=\"ltr\">Third, focusing on detecting commonly used tools like Metasploit, Cobalt Strike, and Empire \u2014 and tactics like encoded PowerShell scripts or RDP logins with keylength:0 \u2014 is a must. You will scoop multiple actors this way. 
Super important when actors are trying new payloads.<\/p>\n<p>\u2014 PaulM (@pmelson) <a href=\"https:\/\/twitter.com\/pmelson\/status\/1114300203878756352?ref_src=twsrc%5Etfw\">April 5, 2019<\/a><\/p><\/blockquote>\n<\/div>\n<p>READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>FireEye: FIN6 group is now deploying the Ryuk and LockerGoga ransomware strains on the networks of hacked companies from where it cannot steal POS data.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":26614,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-26613","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cybercrime group FIN6 evolves from POS malware to ransomware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybercrime group FIN6 evolves from POS malware to ransomware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-08T11:52:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/04\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"667\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cybercrime group FIN6 evolves from POS malware to ransomware\",\"datePublished\":\"2019-04-08T11:52:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/\"},\"wordCount\":513,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware.jpg\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/\",\"name\":\"Cybercrime group FIN6 evolves from POS malware to ransomware 2026 | ThreatsHub Cybersecurity 
News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware.jpg\",\"datePublished\":\"2019-04-08T11:52:35+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/04\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware.jpg\",\"width\":1000,\"height\":667},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\
"position\":2,\"name\":\"Cybercrime group FIN6 evolves from POS malware to ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threa
tshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/26613","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=26613"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/26613\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/26614"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=26613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=26613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=26613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}