{"id":38668,"date":"2020-12-10T20:17:32","date_gmt":"2020-12-10T20:17:32","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/"},"modified":"2020-12-10T20:17:32","modified_gmt":"2020-12-10T20:17:32","slug":"malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/","title":{"rendered":"‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale"},"content":{"rendered":"

A \u201cmalwareless\u201d ransomware campaign delivered from UK IP addresses targeting weak security controls around internet-facing SQL servers successfully pwned 83,000 victims, according to Israeli infosec biz Guardicore.<\/p>\n

\u201cThe attack chain is extremely simple and exploits weak credentials on internet-facing MySQL servers\u201d said Guardicore\u2019s Ophir Harpaz in a technical advisory<\/a> today, estimating that there around five million MySQL servers accessible from the public internet.<\/p>\n

Once the database servers are compromised, the miscreants operating the campaign begin a so-called \u201cdouble extortion\u201d attack, threatening to publish data exfiltrated from the SQL silos unless victims pay a ransom, which also apparently will lead to the restoration of that data.<\/p>\n

Holding people’s files and records to ransom has become synonymous with application-level malware infections. What we have here is a reminder that crooks can scramble information from afar without having to run bad apps on employees’ workstations or host servers.<\/p>\n

Beginning in January, Guardicore observed the crime spree evolve over the course of the year through two different strains. \u201cIn the first, which lasted from January till the end of November, the attackers left a ransom note with their [Bitcoin] wallet address, the amount of Bitcoin to pay and an email address for technical support,\u201d wrote Harpaz, who said victims were typically given 10 days to stump up.<\/p>\n

\"schoolkids\"<\/p>\n

Forget Snow Day: Baltimore’s 115,000+ public school kids get Ransomware Day, must check Win PCs for infection<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

Typical ransoms were around 0.03 Bitcoins, or about $500 at the time of writing.<\/p>\n

Around 1.2 Bitcoins (~$25,000) was deposited to wallet addresses mentioned in ransom notes seen by Guardicore\u2019s researchers, with a total of 250,000 breached databases being offered for sale. Over time the campaign stepped up, sharply increasing in October with the apparent release of a second version.<\/p>\n

\u201cThe [extortionists’] website is a good example of a double extortion mechanism \u2013 it contains all leaked databases for which ransom was not paid. The website lists 250k different databases from 83k MySQL servers, with 7TB of stolen data. Up till now, [Guardicore\u2019s sensor network] captured 29 incidents of this variant, originating from 7 different IP addresses,\u201d added Harpaz.<\/p>\n

Version 2\u2019s ransom note, planted inside compromised databases in an unscrambled column, read:<\/p>\n

\nINSERT INTO `WARNING` (`id`, `warning`, `website`, `token`) VALUES (1, \u2018To recover your lost databases and avoid leaking it: visit http[.]\/\/hn4wg4o6s5nc7763.onion and enter your unique token ffc7e276a3c7ef27 and pay the required amount of Bitcoin to get it back. Databases that we have: . Your databases are downloaded and backed up on our servers. If we dont receive your payment in the next 9 Days, we will sell your database to the highest bidder or use them otherwise. To access this site you have use the tor browser https:\/\/www.torproject.org\/projects\/torbrowser.html\u2019, \u2018http:\/\/hn4wg4o6s5nc7763.onion\u2019, \u2018ffc7e276a3c7ef27\u2019);\n<\/pre>\n
Hailing the attack\u2019s simplicity and the fact that it is seemingly automated and transient, Harpaz concluded: \u201cThere are no binary payloads involved in the attack chain, making the attack \u2018malwareless\u2019. Only a simple script which breaks in the database, steals information, and leaves a message.\u201d<\/p>\n
Internet-facing MySQL databases used by WordPress are pretty common. Contained in those databases are username and login information for the site they power, which could prove troublesome if users \u2013 not just site admins but also article authors and comment posters \u2013 recycle their credential pairs elsewhere.<\/p>\n
\u201cDouble extortion\u201d was last in the news when footie super-club Manchester United was struck<\/a> by ransomware last month. The technique isn\u2019t new but the handy name for it is relatively so. \u00ae<\/p>\n
 READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
$500 a pop, $25k ‘earned’ and not much of a trace left, says Guardicore A \u201cmalwareless\u201d ransomware campaign delivered from UK IP addresses targeting weak security controls around internet-facing SQL servers successfully pwned 83,000 victims, according to Israeli infosec biz Guardicore.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":38669,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-38668","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\n'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-10T20:17:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale\",\"datePublished\":\"2020-12-10T20:17:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\"},\"wordCount\":498,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\",\"name\":\"'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg\",\"datePublished\":\"2020-12-10T20:17:32+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/","og_locale":"en_US","og_type":"article","og_title":"'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-12-10T20:17:32+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale","datePublished":"2020-12-10T20:17:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/"},"wordCount":498,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/","url":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/","name":"'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg","datePublished":"2020-12-10T20:17:32+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/malwareless-ransomware-campaign-operators-pwned-83k-victims-mysql-servers-250k-databases-up-for-sale\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38668","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=38668"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38668\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/38669"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=38668"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=38668"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=38668"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}