{"id":40922,"date":"2021-05-17T21:27:00","date_gmt":"2021-05-17T21:27:00","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities---threats\/47--of-criminals-buying-exploits-target-microsoft-products\/d\/d-id\/1341037"},"modified":"2021-05-17T21:27:00","modified_gmt":"2021-05-17T21:27:00","slug":"47-of-criminals-buying-exploits-target-microsoft-products","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/","title":{"rendered":"47% of Criminals Buying Exploits Target Microsoft Products"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<header><\/header>\n<p><span class=\"strong black\">Researchers examine English- and Russian-language underground exploits to track how exploits are advertised and sold.<\/span><\/p>\n<p class>RSA CONFERENCE 2021&nbsp;\u2013 Microsoft products accounted for 47% of the CVEs that cybercriminals request across underground forums, according to&nbsp;researchers who conducted a yearlong study into the exploit market.<\/p>\n<p>The research spanned more than 600 English and Russian language forums, said Mayra Rosario Fuentes, senior threat researcher at Trend Micro, who presented some of the findings in her RSA Conference talk &#8220;Tales from the Underground: The Vulnerability Weaponization Lifecycle.&#8221; Researchers sought to learn which exploits were sold and requested, the types of sellers and buyers involved in transactions, and how their findings compared with their detection systems&#8217;.<\/p>\n<p>Researchers scoured advertisements for the sales of exploits from January 2019 through December 2020. They learned Microsoft&#8217;s tools and services made up 47% of all requested CVEs on underground forums. Internet-connected products made up only 5%, &#8220;but with increased bandwidth of connected devices with the new 5G entering the market, IoT devices will become more vulnerable to cyberattack,&#8221; noted Fuentes in her talk.<\/p>\n<p>More than half (52%) of exploits requested were less than two years old. Buyers were willing to pay an average of $2,000 (USD) for requested exploits; however, some offered up to $10,000 for zero-day exploits targeting Microsoft products.<\/p>\n<p>Fuentes shared some examples of these exploit requests. One forum post requested help regarding an exploit for CVE-2019-1151, a Microsoft Graphics remote code execution (RCE) vulnerability that exists when the Windows font library improperly handles specially crafted embedded fonts. Another offered $2,000 for help in exploiting an RCE flaw in the Apache Web server.<\/p>\n<p>When researching forum posts advertising exploits, researchers found 61% targeted Microsoft products. The highest percentage (31%) were for Microsoft Office, 15% were for Microsoft Windows, 10% were for Internet Explorer, and 5% were for Microsoft Remote Desktop Protocol. Fuentes noted exploits for Office and Adobe were most common in English language forums.&nbsp;&nbsp;<\/p>\n<p>A comparison of cybercriminals&#8217; wish lists and sold exploits revealed parallels between the two categories, Fuentes pointed out.<\/p>\n<p>&#8220;We noticed what was requested was very similar to what the market was offering,&#8221; she said. &#8220;Cybercriminals may have seen the requested items from users before deciding what items to offer on the market.&#8221;<\/p>\n<p>Microsoft Word and Excel exploits &#8220;dominated&#8221; in both categories, Fuentes continued, digging into the broader Office category. Word and Excel made up 46% of exploits on criminals&#8217; wish lists and 52% of exploits advertised on underground forums.<\/p>\n<p><strong>The Life Cycle of Underground Exploits<\/strong><br \/>Fuentes discussed how exploits are developed and sold, starting from the beginning. An exploit may first be developed by an attacker, who sells it and it&#8217;s then used in the wild. From there, it is usually disclosed publicly and patched by the vendor. This may end the exploit&#8217;s life cycle, or it will continue to be offered for sale on Dark Web forums.<\/p>\n<p>There are multiple types of sellers, she noted. An experienced seller with at least five years of experience might sell a couple of zero-day or one-day exploits per year with prices ranging from $10,000 to $500,000. Some sellers are disgruntled with bug bounty programs due to long response times or payouts lower than expected \u2013 Fuentes noted most people were happy with bug bounty experiences, but those who weren&#8217;t may sell exploits on underground forums.<\/p>\n<p>Other &#8220;bounty sellers&#8221; may have cashed in on the maximum amount of bounty submissions for the year, or they may offer to buy exploits they can use to cash in on bug bounty programs. There are some who find exploits that other people developed and sell them as their own.<\/p>\n<p>Some sellers advertise &#8220;exploit builder&#8221; subscription services ranging from $60 for one month, to $120 for three months, to $200 for six months. The packages include a range of different types of exploits, along with &#8220;free updates&#8221; and &#8220;full support&#8221; for criminal buyers, she noted.<\/p>\n<p>While zero-days may fetch a higher price, many exploits sold on the underground targeted older systems. Researchers found 22% of exploits sold were more than three years old, and 48% of those requested were older than three years. The oldest vulnerability discovered was from 1999, Fuentes said, adding the average time to patch an Internet-facing system is 71 days.<\/p>\n<p>Older vulnerabilities requested included CVE-2014-0133 in Red Hat and CVE-2015-6639 in Qualcomm. Those sold included Microsoft CVE-2017-11882, a 17-year-old memory corruption issue in Microsoft Office, along with Office vulnerability CVE-2012-0158 and CVE-2016-5195, a Linux kernel vulnerability dubbed Dirty Cow that sold for $3,000 on the underground, she said.<\/p>\n<p>&#8220;The longevity of a valuable exploit is longer than most expect,&#8221; Fuentes said. &#8220;Patching yesterday&#8217;s vulnerability can be just as important as today&#8217;s critical one.&#8221;<\/p>\n<p>Trend Micro will release a report with the full findings in a few weeks, she noted.<\/p>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span><\/p>\n<p><strong>Recommended Reading:<\/strong><\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities---threats\/47--of-criminals-buying-exploits-target-microsoft-products\/d\/d-id\/1341037?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers examine English- and Russian-language underground exploits to track how exploits are advertised and sold. Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities---threats\/47--of-criminals-buying-exploits-target-microsoft-products\/d\/d-id\/1341037?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-40922","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-17T21:27:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"47% of Criminals Buying Exploits Target Microsoft Products\",\"datePublished\":\"2021-05-17T21:27:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/\"},\"wordCount\":839,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/dr_staff_125x125.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/\",\"name\":\"47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/dr_staff_125x125.jpg\",\"datePublished\":\"2021-05-17T21:27:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/dr_staff_125x125.jpg\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/dr_staff_125x125.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/47-of-criminals-buying-exploits-target-microsoft-products\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"47% of Criminals Buying Exploits Target Microsoft Products\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/","og_locale":"en_US","og_type":"article","og_title":"47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-05-17T21:27:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"47% of Criminals Buying Exploits Target Microsoft Products","datePublished":"2021-05-17T21:27:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/"},"wordCount":839,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/","url":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/","name":"47% of Criminals Buying Exploits Target Microsoft Products 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg","datePublished":"2021-05-17T21:27:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg","contentUrl":"https:\/\/img.deusm.com\/darkreading\/dr_staff_125x125.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/47-of-criminals-buying-exploits-target-microsoft-products\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"47% of Criminals Buying Exploits Target Microsoft Products"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40922","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40922"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40922\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40922"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40922"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40922"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}