{"id":34768,"date":"2020-05-03T17:46:00","date_gmt":"2020-05-03T17:46:00","guid":{"rendered":"http:\/\/8e38557e-917e-4894-b87a-2e3f3f5106a1"},"modified":"2020-05-03T17:46:00","modified_gmt":"2020-05-03T17:46:00","slug":"ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/","title":{"rendered":"Ghost blogging platform servers hacked and infected with crypto-miner"},"content":{"rendered":"<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2020\/05\/03\/9ab03b83-4cab-45d0-9b56-067a544c0ddb\/ghost-logo.png\" class alt=\"Ghost logo\"><\/span><span class=\"credit\">Image: Ghost<\/span><\/p>\n<p>A serious hacking campaign is currently underway, and tens of companies have been hacked already, ZDNet has learned from security researchers keeping an eye on the attacks.<\/p>\n<p>For the past 24 hours, hackers have been mass-scanning the internet for <a href=\"https:\/\/github.com\/saltstack\/salt\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Salt<\/a>, a type of software used to manage and automate servers inside data centers, cloud server clusters, and enterprise networks.<\/p>\n<p>Attackers have been exploiting two recently-patched bugs to gain access to Salt servers and then deploy a cryptocurrency miner.<\/p>\n<h3>LineageOS hacked. Now Ghost.<\/h3>\n<p>Earlier today, ZDNet reported that <a href=\"https:\/\/www.zdnet.com\/article\/hackers-breach-lineageos-servers-via-unpatched-vulnerability\/\" target=\"_blank\" rel=\"noopener noreferrer\">hackers managed to breach the servers of LineageOS<\/a>, a mobile operating system.<\/p>\n<p>A second major hack surfaced a few hours later after our initial report. The second victim is Ghost, a Node.js-based blogging platform, built and advertised as a simpler alternative to WordPress.<\/p>\n<p><a href=\"https:\/\/status.ghost.org\/incidents\/tpn078sqk973\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">In a status page<\/a>, the Ghost developer team said they detected an intrusion into their backend infrastructure systems at around 1:30am UTC.<\/p>\n<p>Ghost devs said the hackers used <a href=\"https:\/\/www.zdnet.com\/article\/saltstack-salt-critical-bugs-allow-data-center-cloud-server-hijacking-as-root\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-11651 (an authentication bypass) and CVE-2020-11652 (a directory traversal)<\/a> to take control over its Salt master server.<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>The blogging company said that while hackers had access to the Ghost(Pro) sites and Ghost.org billing services, they didn&#8217;t steal any financial information or user credentials.<\/p>\n<p>Instead, Ghost said the hackers installed a cryptocurrency miner.<\/p>\n<p>&#8220;The mining attempt spiked CPUs and quickly overloaded most of our systems, which alerted us to the issue immediately,&#8221; Ghost developers said.<\/p>\n<p>Similar to LineageOS, Ghost devs took down all servers, patched systems, and redeployed everything online after a few hours.<\/p>\n<h3>Ransomware gangs expected to exploit bugs in the coming days<\/h3>\n<p>A security researcher who requested we not use his name for this report said the attacks were most likely carried out with an automated vulnerability scanner that detected outdated Salt installs, and then automatically exploited the two bugs to install the crypto-mining malware.<\/p>\n<p>&#8220;It is very possible that the threat actor behind these scans doesn&#8217;t even know the type of companies they&#8217;re breaching right now,&#8221; the researcher told ZDNet in a Twitter chat. &#8220;We&#8217;re seeing unpatched Salt servers at banks, web hosters, and Fortune 500 companies.&#8221;<\/p>\n<p>&#8220;Pretty soon ransomware gangs are going to start scanning for this bug, and we&#8217;re gonna see mayhem, with ransomware deployed at some huge targets.&#8221;<\/p>\n<p>Some of these intrusions are currently being reported <a href=\"https:\/\/github.com\/saltstack\/salt\/issues\/57057\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">on a GitHub thread<\/a>, with similar reports of an attacker planting a cryptocurrency miner on hacked Salt systems.<\/p>\n<p>Saltstack, the company behind the Salt software, <a href=\"https:\/\/docs.saltstack.com\/en\/latest\/topics\/releases\/3000.2.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">published patches<\/a> earlier this week to address the two vulnerabilities. Companies are advised to either patch the Salt servers or secure them behind a firewall. There are currently around 6,000 Salt servers exposed on the internet.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34769,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-34768","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-03T17:46:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"380\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Ghost blogging platform servers hacked and infected with crypto-miner\",\"datePublished\":\"2020-05-03T17:46:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/\"},\"wordCount\":461,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/\",\"name\":\"Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png\",\"datePublished\":\"2020-05-03T17:46:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png\",\"width\":770,\"height\":380},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ghost blogging platform servers hacked and infected with crypto-miner\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/","og_locale":"en_US","og_type":"article","og_title":"Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-05-03T17:46:00+00:00","og_image":[{"width":770,"height":380,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Ghost blogging platform servers hacked and infected with crypto-miner","datePublished":"2020-05-03T17:46:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/"},"wordCount":461,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/","url":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/","name":"Ghost blogging platform servers hacked and infected with crypto-miner 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png","datePublished":"2020-05-03T17:46:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner.png","width":770,"height":380},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Ghost blogging platform servers hacked and infected with crypto-miner"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34768"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34768\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34769"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}