{"id":43243,"date":"2021-10-05T23:23:28","date_gmt":"2021-10-05T23:23:28","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/misconfigured-apache-airflow-platforms-threaten-organizations"},"modified":"2021-10-05T23:23:28","modified_gmt":"2021-10-05T23:23:28","slug":"misconfigured-apache-airflow-platforms-threaten-organizations","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/","title":{"rendered":"Misconfigured Apache Airflow Platforms Threaten Organizations"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Many organizations using the popular open source Apache Airflow platform to schedule and manage workflows may be exposing credentials and other sensitive data to the Internet because of how they use the technology, researchers have found.<\/p>\n<p>Security vendor Intezer this week said it recently discovered several misconfigured Airflow instances exposing sensitive information belonging to organizations across multiple industries, including manufacturing, media, financial services, information technology, biotech, and health.<\/p>\n<p>The exposed data included user credentials for cloud hosting services, payment processors, and social media platforms, including Slack, AWS, and PayPal. Intezer found that at least some of the data exposed via misconfigured Airflow instances could allow threat actors to gain access to enterprise networks or execute malicious code and malware in production environments and on Apache Airflow itself.<\/p>\n<p>&#8220;It is quite easy to find exposed instances,&#8221; says Ryan Robinson, security researcher at Intezer. To locate one, all a threat actor must do is scan IP addresses and check them for the expected HTML file. &#8220;It is trivial to find sensitive information on exposed instances, but to exploit it to run code is much harder and requires a solid understanding of each platform,&#8221; Robinson adds.<\/p>\n<p>Organizations use Apache Airflow to create and schedule automated workflows, including those related to external services, such as AWS, Google Cloud Platform, Microsoft Azure, Hadoop, Spark, and other Apache software. A <a href=\"http:\/\/airflow.apache.org\/blog\/airflow-survey-2020\/\" target=\"_blank\" rel=\"noopener\">survey of its usage<\/a>&nbsp;in 2020 showed most of its users are data engineers, scientists, or data analysts at midsize to large companies. More than three-quarters of organizations do little to no customization of the technology before using it.&nbsp;<\/p>\n<p>Airflow allows users to orchestrate jobs that involve multiple tasks, Robinson says. For example, he says, a&nbsp;job might involve generating reports, then emailing them to clients; another job might involve&nbsp;collecting, processing, and uploading data to AWS buckets.&nbsp;<\/p>\n<p>While Airflow gives users multiple options to use it securely, organizations can put data at risk through the way they use the platform.<\/p>\n<p>Intezer, for instance, found insecure coding practices to be the most common cause for credential leaks in Airflow. <a href=\"https:\/\/www.intezer.com\/blog\/cloud-security\/misconfigured-airflows-leak-credentials\/\" target=\"_blank\" rel=\"noopener\">Intezer&#8217;s research<\/a> uncovered multiple Airflow instances in which passwords had been hardcoded either into the Python code for orchestrating tasks or in a feature that allows a user to define a variable value. In other instances, Intezer found users misusing an Airflow feature called Connections and storing passwords in plaintext instead of encrypting them.<\/p>\n<p>&#8220;Airflow gives good options to store sensitive information securely through their Connections feature,&#8221; Robinson says. The feature allows organizations to ensure passwords that are used to push and pull data from other systems are stored in encrypted fashion. &#8220;For example, a task will download data from one platform using an API key, then process this data in another task and store this data in a database using a password to connect. One workflow may need to interact with multiple remote systems,&#8221; Robinson says. Users often misuse the Connections feature or directly hardcode the credentials into the Python scripts, bypassing the feature altogether, he notes.<\/p>\n<p><strong>Insecure Practices<br \/><\/strong>Intezer found other ways in which users can put enterprise data at risk through insecure use of Airflows. One example involves the settings related to an Airflow configuration file that often contains sensitive information, such as passwords and keys. If the setting is not secure, anyone can access the configuration file from the Web server user interface, Intezer said in its report. Similarly, a feature in older versions of Airflow that allows users to run ad hoc database queries is dangerous because it requires no authentication and allows anyone with server access to get information from the database.<\/p>\n<p>Intezer recommends all organizations using Apache Airflow update to the latest 2.0.0 version of the platform and to make sure that only authorized users are allowed to connect to it. <\/p>\n<p>&#8220;Version 2.0.0 has made great improvements in security,&#8221; Robinson says. The new version has a fully supported API, unlike the experimental API in previous versions. Other major improvements include enforcing authentication and removing sensitive information from logs, as well as changes to the structure of the main configuration file, he says. Some older \u2014 and dangerous \u2014 features such as Ad-Hoc Query have been deprecated in the new version of Airflow.<\/p>\n<p>Robinson says it&#8217;s hard to know for sure if attackers are targeting insecurely configured Airflow platforms; however, he says it would be a reasonable assumption that Airflow instances have been targeted.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/misconfigured-apache-airflow-platforms-threaten-organizations\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers found thousands of credentials for popular cloud-hosted services exposed on insecure instances of the popular workflow management technology.Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/misconfigured-apache-airflow-platforms-threaten-organizations\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-43243","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-05T23:23:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Misconfigured Apache Airflow Platforms Threaten Organizations\",\"datePublished\":\"2021-10-05T23:23:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/\"},\"wordCount\":744,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt47e296bbc2272080\\\/615cd180bc00fe7cca718bf4\\\/workflow.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/\",\"name\":\"Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt47e296bbc2272080\\\/615cd180bc00fe7cca718bf4\\\/workflow.jpg\",\"datePublished\":\"2021-10-05T23:23:28+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt47e296bbc2272080\\\/615cd180bc00fe7cca718bf4\\\/workflow.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt47e296bbc2272080\\\/615cd180bc00fe7cca718bf4\\\/workflow.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-apache-airflow-platforms-threaten-organizations\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Misconfigured Apache Airflow Platforms Threaten Organizations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/","og_locale":"en_US","og_type":"article","og_title":"Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-10-05T23:23:28+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Misconfigured Apache Airflow Platforms Threaten Organizations","datePublished":"2021-10-05T23:23:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/"},"wordCount":744,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/","url":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/","name":"Misconfigured Apache Airflow Platforms Threaten Organizations 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg","datePublished":"2021-10-05T23:23:28+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt47e296bbc2272080\/615cd180bc00fe7cca718bf4\/workflow.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-apache-airflow-platforms-threaten-organizations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Misconfigured Apache Airflow Platforms Threaten Organizations"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/43243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=43243"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/43243\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=43243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=43243"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=43243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}