{"id":34278,"date":"2020-04-07T16:36:08","date_gmt":"2020-04-07T16:36:08","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31099\/Hackers-Have-Been-Quietly-Targeting-Linux-Servers.html"},"modified":"2020-04-07T16:36:08","modified_gmt":"2020-04-07T16:36:08","slug":"hackers-have-been-quietly-targeting-linux-servers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/","title":{"rendered":"Hackers Have Been Quietly Targeting Linux Servers"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/r\/2020\/02\/20\/47e3727c-9a83-45f5-86c8-417b742d4bf3\/thumbnail\/770x578\/e001702365e007109d70d0b85b727d01\/datacentermanistock-1060784838.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Hacking campaigns linked to China have been exploiting vulnerabilities in Linux servers in an operation which successfully stayed under the radar for almost a decade.<\/p>\n<p><a href=\"https:\/\/blogs.blackberry.com\/en\/2020\/04\/decade-of-the-rats\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Detailed by researchers at BlackBerry<\/a>, the operation, linked to the interests of the Chinese government, is conducting hacking and cyber espionage against a wide array of industries for the purposes of intellectual property theft and data collection.<\/p>\n<p>While the overall campaign is multi-platform, a newly uncovered part of it has been exploiting vulnerabilities in Linux since at least 2012 \u2013 and without the attackers having to update their offensive capabilities in that time.<\/p>\n<p>&#8220;It&#8217;s newly discovered, but it&#8217;s nowhere near new. A lot of these tool-sets go back to 2012 and 2013 which is a ridiculous amount of time for an adversary to be able to use the same set of tools,&#8221; Eric Cornelius, chief product architect at Blackberry told ZDNet.<\/p>\n<p>Linux is not typically a user-facing technology, so security companies tend to focus on it less, he explained. As a result, these hacking groups have zeroed in on that gap in security and leveraged it for their strategic advantage to steal intellectual property from targeted sectors for years without anyone noticing, he said.<\/p>\n<p>&#8220;It&#8217;s critical for these servers to be up all the time; so what better place to put a root kit or a pervasive active tool than on a machine that&#8217;s going to be turned on all time?,&#8221; said Cornelius.<\/p>\n<p>The attackers scan for Red Hat Enterprise, CentOS, and Ubuntu Linux environments across a wide range of industries, attempting to identify unpatched servers. From there it&#8217;s simply a case of establishing persistence on the network with <a href=\"https:\/\/www.zdnet.com\/article\/what-is-malware-everything-you-need-to-know-about-viruses-trojans-and-malicious-software\/\">malware<\/a>.<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>Not only can this provide the attackers the access they need to sensitive information and data, but with the infection on the servers themselves, they can create a persistent back door into the network which provides them with a way back in whenever they like \u2013 so long as the compromise isn&#8217;t uncovered.<\/p>\n<p><strong><strong>SEE:&nbsp;<\/strong><\/strong><a href=\"https:\/\/www.zdnet.com\/topic\/cybersecurity-lets-get-tactical\/\"><strong><strong>Cybersecurity: Let&#8217;s get tactical<\/strong><\/strong><\/a><strong>&nbsp;<\/strong>(ZDNet\/TechRepublic special feature) |&nbsp;<a href=\"https:\/\/www.techrepublic.com\/resource-library\/whitepapers\/cybersecurity-let-s-get-tactical-free-pdf\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\"><strong><strong>Download the free PDF version<\/strong><\/strong><\/a><strong>&nbsp;<\/strong>(TechRepublic)&nbsp;<\/p>\n<p>And by compromising the servers, it&#8217;s much easier to exfiltrate data, as transfers of data out to command-and-control servers can be disguised as web traffic.<\/p>\n<p>The attackers are careful to do as little damage as possible to the networks so as to avoid detection \u2013 and therefore keep campaigns up and running for as long as possible, which might be years.<\/p>\n<p>&#8220;If they&#8217;d been <a href=\"https:\/\/www.zdnet.com\/article\/ransomware-an-executive-guide-to-one-of-the-biggest-menaces-on-the-web\/\">encrypting or ransoming these machines<\/a>, there would have been some response; but because they did no damage, there&#8217;s no reason for anyone to suspect anything was going on. It shows a high level of sophistication on behalf of the adversaries,&#8221; Cornelius explained.<\/p>\n<p>However, over the course of the campaigns, the attackers managed to leave some evidence behind which allowed researchers to attribute the campaign to hackers working out of China with links to the Chinese government.<\/p>\n<p>Part of the reason this was possible according to BlackBerry because this team is made up of sub-contractors. While they were highly efficient, they sometimes lacked operational security.<\/p>\n<p>&#8220;Every time you deploy these tools, you betray some information and the teams behind this betrayed too much, they got a bit sloppy,&#8221; said Cornelius.<\/p>\n<p>&#8220;We were able to do a good amount of correlation between the toolset, naming conventions and technical artefacts and start to see the picture&#8221;.<\/p>\n<p>That&#8217;s led to BlackBerry linking this campaign to Winnti, a Chinese hacking operation across multiple groups <a href=\"https:\/\/www.zdnet.com\/article\/chinese-cyberspies-breached-teamviewer-in-2016\/\">which uses civilian contractors to aid the work of nation-state backed operations<\/a>.<\/p>\n<p>It&#8217;s highly likely that the campaign is still ongoing, still attempting to target unpatched or forgotten about Linux systems in addition to attacks against Windows. However, the simple way to avoid falling victim is to ensure that servers and operating systems <a href=\"https:\/\/www.zdnet.com\/article\/cybersecurity-how-to-get-your-software-patching-strategy-right-and-keep-the-hackers-at-bay\/\">are patched and up to date<\/a> so hackers can&#8217;t <a href=\"https:\/\/www.zdnet.com\/article\/these-are-the-top-ten-software-flaws-used-by-crooks-make-sure-youve-applied-the-patches\/\">exploit old vulnerabilities<\/a>.<\/p>\n<p>&#8220;These types of compromises are only prevented by good cyber hygiene, there&#8217;s no magic that can be done, there&#8217;s no silver bullet that an organisation can use to suddenly not be compromised,&#8221; said Cornelius.<\/p>\n<p>&#8220;What this shows that in order to be secure against these adversaries, you have to be secure across all fronts; Windows, mobile, Linux and Macs,&#8221; he said.<\/p>\n<p><strong>READ MORE ON CYBERSECURITY<\/strong><\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31099\/Hackers-Have-Been-Quietly-Targeting-Linux-Servers.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34279,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5051],"class_list":["post-34278","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerlinux"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-07T16:36:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Have Been Quietly Targeting Linux Servers\",\"datePublished\":\"2020-04-07T16:36:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\"},\"wordCount\":730,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg\",\"keywords\":[\"headline,hacker,linux\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\",\"name\":\"Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg\",\"datePublished\":\"2020-04-07T16:36:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,linux\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerlinux\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Have Been Quietly Targeting Linux Servers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-04-07T16:36:08+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Have Been Quietly Targeting Linux Servers","datePublished":"2020-04-07T16:36:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/"},"wordCount":730,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg","keywords":["headline,hacker,linux"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/","name":"Hackers Have Been Quietly Targeting Linux Servers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg","datePublished":"2020-04-07T16:36:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/hackers-have-been-quietly-targeting-linux-servers.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-have-been-quietly-targeting-linux-servers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,linux","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerlinux\/"},{"@type":"ListItem","position":3,"name":"Hackers Have Been Quietly Targeting Linux Servers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34278","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34278"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34278\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34279"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34278"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34278"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34278"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}