{"id":27995,"date":"2019-07-24T01:39:59","date_gmt":"2019-07-24T01:39:59","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/"},"modified":"2019-07-24T01:39:59","modified_gmt":"2019-07-24T01:39:59","slug":"with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/","title":{"rendered":"With more hints dropped online on how to exploit BlueKeep, you’ve patched that Windows RDP flaw, right?"},"content":{"rendered":"

Vital clues on how to exploit the notorious Windows RDP bug, aka CVE-2019-0708 aka BlueKeep, and hijack vulnerable boxes, emerged online this week.<\/p>\n

The growing number of hints can be used by folks to develop working code that attacks Microsoft’s Remote Desktop Services software, on Windows XP through to Server 2008, and gains kernel-level code execution without any authentication or user interaction. You just need to be able to reach a vulnerable RDP server across the network or internet.<\/p>\n

Such an intrusion would give an attacker full control of a machine. So far, publicly available proof-of-concept exploit code mostly crashes vulnerable systems, rather than commandeer boxes. It’s feared that publicly shared, working, and reliable remote code-execution exploits, built from the aforementioned hints and tips, will be used to create a worm that can move from machine to machine, infecting them via BlueKeep as it goes, while stealing information or rolling out ransomware.<\/p>\n

Microsoft issued free patches<\/a> for BlueKeep in May, though not everyone has installed them.<\/p>\n

New details<\/span><\/h3>\n

Earlier this week, a researcher using the handle 0xeb_bp<\/a> created a GitHub repository<\/a> including a written in-depth analysis of the flaw, and incomplete proof-of-concept Python code that targets Windows XP.<\/p>\n

BlueKeep is a use-after-free() vulnerability in Remote Desktop Services’s kernel driver termdd.sys. There are more technical details here<\/a>, by the Zero Day Initiative, however the summary is: it is possible to open a connection to a vulnerable RDP server, open a channel called MS_T120\\x00<\/code> through this connection, send a payload of malicious code, and then terminate the connection. That will trigger the bug, and with the right voodoo, cause the smuggled code to execute.<\/p>\n

In order to do this, you need to pull off something rather tricky: spraying the Windows kernel’s heap memory pool with data just right to achieve code execution. While the concept of heap spraying is understood by exploit developers and security engineers, it hasn’t been publicly explained within the context of CVE-2019-0708 \u2013 until now.<\/p>\n

<\/p>\n

Rust in peace: Memory bugs in C and C++ code cause security issues so Microsoft is considering alternatives once again<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

0xeb_bp’s PDF write-up in their GitHub repo details these vital steps, and how to overwrite the pool successfully. Although industry folks are aware of heap spraying, particularly in the context of browser exploitation, using the technique against the Windows kernel’s nonpaged pool of memory is non-trivial. For CVE-2019-0708, though, a walk-through on how to do just that is now public, and a video of it all working can be found here<\/a>.<\/p>\n

You may be relieved to hear the PDF deliberately omits certain details, such as the essential shellcode needed to commandeer a box. Also, it focuses on Windows XP, and the technique may not work on later editions of the operating system. However, along with exploitation tips detailed in a Chinese-language slide deck<\/a> that appeared online two days ago, the difficult parts of a viable working exploit are now public, paving the way for someone to finish off the work and share it.<\/p>\n

“The information here is already available within the Chinese hacker community,” 0xeb_bp pointed out.<\/p>\n

WannaCry breaker and noted security researcher Marcus Hutchins, who is awaiting sentencing<\/a> in the US for his role in developing banking malware, said<\/a> this extra info will make it easier for white and black hats to exploit BlueKeep. “They provided the code to actually do the actual pool spray,” the Brit said, adding we’re probably now a week away from someone completing a working public exploit.<\/p>\n

This should give admins who have yet to install Microsoft’s patches<\/a> that last bit of motivation they need to get the bug walled off once and for all. \u00ae<\/p>\n

Sponsored:<\/span> Balancing consumerization and corporate control<\/a><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Someone just revealed the tricky kernel heap spray part Vital clues on how to exploit the notorious Windows RDP bug, aka CVE-2019-0708 aka BlueKeep, and hijack vulnerable boxes, emerged online this week.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":27996,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-27995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nWith more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-24T01:39:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"With more hints dropped online on how to exploit BlueKeep, you’ve patched that Windows RDP flaw, right?\",\"datePublished\":\"2019-07-24T01:39:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/\"},\"wordCount\":650,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/\",\"name\":\"With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg\",\"datePublished\":\"2019-07-24T01:39:59+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"With more hints dropped online on how to exploit BlueKeep, you’ve patched that Windows RDP flaw, right?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/","og_locale":"en_US","og_type":"article","og_title":"With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-07-24T01:39:59+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"With more hints dropped online on how to exploit BlueKeep, you’ve patched that Windows RDP flaw, right?","datePublished":"2019-07-24T01:39:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/"},"wordCount":650,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/","url":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/","name":"With more hints dropped online on how to exploit BlueKeep, you've patched that Windows RDP flaw, right? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg","datePublished":"2019-07-24T01:39:59+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/with-more-hints-dropped-online-on-how-to-exploit-bluekeep-youve-patched-that-windows-rdp-flaw-right\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"With more hints dropped online on how to exploit BlueKeep, you’ve patched that Windows RDP flaw, right?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=27995"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27995\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/27996"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=27995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=27995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=27995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}