{"id":35173,"date":"2020-05-26T14:28:31","date_gmt":"2020-05-26T14:28:31","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31237\/Turla-Hacker-Group-Steals-AV-Logs-To-See-If-Its-Malware-Was-Detected.html"},"modified":"2020-05-26T14:28:31","modified_gmt":"2020-05-26T14:28:31","slug":"turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\/","title":{"rendered":"Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected"},"content":{"rendered":"<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet4.cbsistatic.com\/hub\/i\/2020\/05\/26\/42726986-842a-4ad2-b22e-920bae7afb0d\/turla.jpg\" class alt=\"Turla\"><\/span><\/p>\n<p>Security researchers from ESET have discovered new attacks carried out by <a href=\"https:\/\/malpedia.caad.fkie.fraunhofer.de\/actor\/turla_group\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Turla<\/a>, one of Russia&#8217;s most advanced state-sponsored hacking groups.<\/p>\n<p>The new attacks took place in January 2020. ESET researchers say the attacks targeted three high-profile entities: a national parliament in the Caucasus and two Ministries of Foreign Affairs in Eastern Europe. Targets could not be identified by name due to national security reasons.<\/p>\n<p>These intrusions represent the latest entries in a long list of victims, most of which are diplomatic and military entities. 
This list started in the mid-2000s with the Pentagon and has continued throughout the years with targets in Europe, the Middle East, Asia, and Africa.<\/p>\n<p>The January 2020 attacks, however, stood out due to the deployment of an updated version of the ComRAT malware, which ESET says contained some pretty clever new features.<\/p>\n<h3>Turla now steals antivirus logs<\/h3>\n<p>The <a href=\"https:\/\/malpedia.caad.fkie.fraunhofer.de\/details\/win.agent_btz\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">ComRAT malware<\/a>, also known as Agent.BTZ, is one of Turla&#8217;s oldest weapons, and the one they <a href=\"http:\/\/blog.threatexpert.com\/2008\/11\/agentbtz-threat-that-hit-pentagon.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">used to siphon data from the Pentagon&#8217;s network in 2008<\/a>.<\/p>\n<p>The tool has seen several updates across the years, with new versions discovered in <a href=\"https:\/\/securelist.com\/agent-btz-a-source-of-inspiration\/58551\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">2014<\/a> and <a href=\"https:\/\/www.intezer.com\/blog\/research\/new-variants-of-agent-btz-comrat-found\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">2017<\/a>, respectively.<\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected\/\" class=\"lazy\" alt=\"comrat-timeline.png\" data-original=\"https:\/\/zdnet4.cbsistatic.com\/hub\/i\/2020\/05\/26\/198e8e83-c948-4fff-8a8c-d5debba72267\/comrat-timeline.png\"><\/span><noscript><\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet4.cbsistatic.com\/hub\/i\/2020\/05\/26\/198e8e83-c948-4fff-8a8c-d5debba72267\/comrat-timeline.png\" class 
alt=\"comrat-timeline.png\"><\/span><\/p>\n<p><\/noscript> <span class=\"credit\">Image: ESET<\/span><\/p>\n<p>The latest version, known as ComRAT v4, was first seen in 2017. However, in a report published today, ESET says they&#8217;ve spotted a variation of ComRAT v4 that includes two new features: the ability to exfiltrate antivirus logs and the ability to control the malware using a Gmail inbox.<\/p>\n<p>The first of these features is the malware&#8217;s ability to collect antivirus logs from an infected host and upload them to one of its command and control servers.<\/p>\n<p>The exact motives of a hacker group will always remain unclear, but Matthieu Faou, the ESET researcher who analyzed the malware, told <em>ZDNet<\/em> that Turla operators might be collecting antivirus logs to &#8220;allow them to better understand if and which one of their malware sample was detected.&#8221;<\/p>\n<p>The belief is that if Turla operators see a detection, they can then tweak their malware and avoid future detections on other systems, where they can then operate undetected.<\/p>\n<p>Faou says that malware that steals logs is common, but it&#8217;s always hard for incident responders to detect the behavior.<\/p>\n<p>&#8220;The thing is that it is generally hard to determine what files were exfiltrated by the attackers,&#8221; Faou told us. &#8220;But for relatively advanced groups, it is not uncommon to try to understand if they are detected or if they leave traces behind them or not.&#8221;<\/p>\n<h3>Turla&#8217;s ComRAT uses Gmail as a C&amp;C server<\/h3>\n<p>But this wasn&#8217;t the only major change in the latest ComRAT malware version. 
Faou says that the malware now includes not one, but two command-and-control mechanisms.<\/p>\n<p>The first is the classic method of contacting a remote server via HTTP and retrieving instructions to execute on infected hosts.<\/p>\n<p>The second, and the new one, is the use of Gmail&#8217;s web interface. Faou says that the latest ComRAT v4 takes over one of the victim&#8217;s browsers, loads a predefined cookie file, and then initiates a session to the Gmail web dashboard.<\/p>\n<p>Here, the malware reads recent emails in the inbox, from where it downloads file attachments, and then reads the instructions contained within the file.<\/p>\n<p>The idea is that whenever Turla operators want to issue new commands to ComRAT instances running on infected hosts, the hackers merely have to send an email to the Gmail address. All data collected following the execution of instructions sent this way is sent back to the Gmail inbox, and redirected back to Turla operators.<\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected\/\" class=\"lazy\" alt=\"comrat-gmail.png\" data-original=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/2020\/05\/26\/d915828d-a8cb-4e5b-a60f-ab29d1bbb767\/comrat-gmail.png\"><\/span><noscript><\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/2020\/05\/26\/d915828d-a8cb-4e5b-a60f-ab29d1bbb767\/comrat-gmail.png\" class alt=\"comrat-gmail.png\"><\/span><\/p>\n<p><\/noscript> <span class=\"credit\">Image: ESET<\/span><\/p>\n<p>ESET says that despite the new features, Turla operators continue to use ComRAT as they did before, which is primarily as a second-stage payload on already infected hosts. 
Here, ComRAT is used to search the filesystem for specific files, and then exfiltrate the data to a remote point, usually a cloud file sharing account on OneDrive or 4shared.<\/p>\n<p>Additional details on the new ComRAT malware are available in ESET&#8217;s report, <a href=\"https:\/\/www.welivesecurity.com\/2020\/05\/26\/agentbtz-comratv4-ten-year-journey\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">here<\/a>.<\/p>\n<p>Two weeks ago, Kaspersky also published a report on some older Turla malware that received a nifty update. Researchers said they spotted a new version of the COMpfun malware, which Turla operators could control using a novel and never-before-seen system <a href=\"https:\/\/www.zdnet.com\/article\/russian-hacker-group-using-http-status-codes-to-control-malware-implants\/\" target=\"_blank\" rel=\"noopener noreferrer\">that relied on HTTP status codes<\/a>.<\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected\/\" class=\"lazy\" alt=\"Turla ComRAT\" data-original=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2020\/05\/26\/4978c69b-d224-4088-a1c0-ae1d9e7b3302\/turla-comrat.png\"><\/span><noscript><\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2020\/05\/26\/4978c69b-d224-4088-a1c0-ae1d9e7b3302\/turla-comrat.png\" class alt=\"Turla ComRAT\"><\/span><\/p>\n<p><\/noscript> <span class=\"credit\">Image: ESET<\/span> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31237\/Turla-Hacker-Group-Steals-AV-Logs-To-See-If-Its-Malware-Was-Detected.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE 
HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":35174,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8671],"class_list":["post-35173","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwarespyware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-26T14:28:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected\",\"datePublished\":\"2020-05-26T14:28:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/\"},\"wordCount\":776,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected.jpg\",\"keywords\":[\"headline,hacker,malware,spyware\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/\",\"name\":\"Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected 2026 | ThreatsHub Cybersecurity 
News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected.jpg\",\"datePublished\":\"2020-05-26T14:28:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected.jpg\",\"width\":1000,\"height\":500},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/turla-hacker-group-steals-av-logs-to-see-if-its-malware-was-detected\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"h
ttps:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,spyware\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwarespyware\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Turla Hacker Group Steals AV Logs To See If Its Malware Was Detected\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35173"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35173\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/35174"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}