{"id":29154,"date":"2019-09-17T14:27:16","date_gmt":"2019-09-17T14:27:16","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/30502\/Attackers-Pose-As-Business-Executives-To-Secure-Security-Certificates.html"},"modified":"2019-09-17T14:27:16","modified_gmt":"2019-09-17T14:27:16","slug":"attackers-pose-as-business-executives-to-secure-security-certificates","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/","title":{"rendered":"Attackers Pose As Business Executives To Secure Security Certificates"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet4.cbsistatic.com\/hub\/i\/r\/2019\/09\/17\/c93a8c75-848b-4c7f-9360-284089fa96b1\/thumbnail\/770x578\/3a69d9f675434795624a98e5ac940bf5\/screenshot-2019-09-17-at-10-37-56.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>Security certificates are intended to elicit trust in users for the deployment of software, but as with so many other safeguards, threat actors can find a way to abuse the mechanism for their own ends.&nbsp;<\/p>\n<p>Traditional antivirus software usually relies on signature-based databases to detect whether or not software downloaded or executed on a machine contains a malicious secret. However, if signed off by a legitimate authority, malicious software may be able to circumvent detection.&nbsp;<\/p>\n<p>The same process applies to websites, too. Security certificates present a website&#8217;s credentials, including its ability to secure and encrypt data going between a client and browser, and these certificates and are issued by a Certificate Authority (CA).<\/p>\n<p>Certificates also come with an expiry date and have to be renewed relatively frequently.&nbsp;<\/p>\n<p>For cyberattackers, security certificates can be valuable in spreading malware and hoodwinking potential victims into visiting malicious domains that, for all intents and purposes, appear trustworthy.&nbsp;<\/p>\n<p>Code-signing certificates perform basic identity checks, whereas extended validation code signing certificates are more rigorously tested. The second certificate option, as it requires extensive vetting, is usually more expensive for developers to adopt. &nbsp;<\/p>\n<p>Certificates can give threat actors the ability to masquerade as trusted parties. There have been past cases of certificates becoming compromised and stolen, or CAs being banned outright for reasons including the sale of <a href=\"https:\/\/www.zdnet.com\/article\/google-bans-darkmatter-certificates-from-chrome-and-android\/\" target=\"_blank\" rel=\"noopener noreferrer\">surveillance tools<\/a> or <a href=\"https:\/\/www.zdnet.com\/article\/apple-google-and-mozilla-block-kazakhstans-https-intercepting-certificate\/\" target=\"_blank\" rel=\"noopener noreferrer\">direct user spying<\/a>, and now, researchers have found cyberattackers pretending to be legitimate business executives to purchase certificates online.&nbsp;<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_ZD_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p><strong>See also:&nbsp;<\/strong><a href=\"https:\/\/www.zdnet.com\/article\/drone-attack-slices-saudi-arabia-oil-production-in-half\/\" target=\"_blank\" rel=\"noopener noreferrer\">Drones attack Saudi Arabia oil production plants, slice output in half<\/a><\/p>\n<p>According to Tomislav Pericin, co-founder of ReversingLabs, the theft of certificates and identities can sometimes become &#8220;intertwined&#8221; in the trade of illicit security certificates.<\/p>\n<p>In a <a href=\"https:\/\/blog.reversinglabs.com\/blog\/digital-certificates-impersonated-executives-as-certificate-identity-fronts\" target=\"_blank\" rel=\"noopener noreferrer\">case recently tracked<\/a> by the cybersecurity firm, a threat actor, or group, is currently impersonating business executives in order to purchase and then later sell certificates in underground forums for malware deployment.&nbsp;<\/p>\n<p>The cyberattacker first performs reconnaissance to select suitable, viable targets. In one example, the fraudster scraped information from a UK business executive&#8217;s LinkedIn page and then registered a domain name related to their company.<\/p>\n<p>Once this infrastructure was in place, the attacker ordered a code-signing certificate, which requires less vetting &#8212; and, therefore, all of the information required to see the purchase through has already been generated.&nbsp;<\/p>\n<p><strong>CNET:&nbsp;<\/strong><a href=\"https:\/\/www.cnet.com\/news\/lastpass-fixed-a-major-exploit\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\">LastPass fixes a major exploit<\/a><\/p>\n<p>In order to validate their stolen identity, the firm&#8217;s legal existence is checked under government or trusted third-party databases, the website domain is checked via email, and then for business validation, a simple, automated callback process is usually in play.&nbsp;<\/p>\n<p>The attacker has now successfully impersonated a business and has a code-signing certificate in their possession and available for sale. This particular certificate, based on fraud, has now been used to sign off on OpenSUpdater adware and has been used to sign 22 executables in total, many of which are malicious.&nbsp;<\/p>\n<p><strong>TechRepublic:&nbsp;<\/strong><a href=\"https:\/\/www.techrepublic.com\/article\/cybercriminals-shop-for-admin-access-to-healthcare-portals\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\">Cybercriminals shop for admin access to healthcare portals<\/a><\/p>\n<p>ReversingLabs believes the cyberattacker, or threat group, has used the same tactic on at least a dozen companies. To make matters worse, fraudulent extended validation certificates have also been connected to the same entity, which may suggest that the profit margins are worth the reconnaissance and infrastructure setup required to pass hefty ID checks.&nbsp;<\/p>\n<p>&#8220;Certificate authority hopping is another tactic employed by this threat actor,&#8221; Pericin says. &#8220;Using the same impersonated identity, the actor tries to buy as many certificates from as many certificate authorities as possible. These typically get issued in quick succession, as the attackers want to get the best return on their infrastructure investment.&#8221;<\/p>\n<h3>Previous and related coverage<\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0<\/p>\n<hr>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/30502\/Attackers-Pose-As-Business-Executives-To-Secure-Security-Certificates.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":29155,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[7820],"class_list":["post-29154","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinecybercrimefraudcryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-17T14:27:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Attackers Pose As Business Executives To Secure Security Certificates\",\"datePublished\":\"2019-09-17T14:27:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/\"},\"wordCount\":641,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/attackers-pose-as-business-executives-to-secure-security-certificates.png\",\"keywords\":[\"headline,cybercrime,fraud,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/\",\"name\":\"Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/attackers-pose-as-business-executives-to-secure-security-certificates.png\",\"datePublished\":\"2019-09-17T14:27:16+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/attackers-pose-as-business-executives-to-secure-security-certificates.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/attackers-pose-as-business-executives-to-secure-security-certificates.png\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-pose-as-business-executives-to-secure-security-certificates\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,cybercrime,fraud,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinecybercrimefraudcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Attackers Pose As Business Executives To Secure Security Certificates\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/","og_locale":"en_US","og_type":"article","og_title":"Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-09-17T14:27:16+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Attackers Pose As Business Executives To Secure Security Certificates","datePublished":"2019-09-17T14:27:16+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/"},"wordCount":641,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png","keywords":["headline,cybercrime,fraud,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/","url":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/","name":"Attackers Pose As Business Executives To Secure Security Certificates 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png","datePublished":"2019-09-17T14:27:16+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/attackers-pose-as-business-executives-to-secure-security-certificates.png","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/attackers-pose-as-business-executives-to-secure-security-certificates\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,cybercrime,fraud,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinecybercrimefraudcryptography\/"},{"@type":"ListItem","position":3,"name":"Attackers Pose As Business Executives To Secure Security Certificates"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=29154"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29154\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/29155"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=29154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=29154"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=29154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}