{"id":46501,"date":"2022-05-05T19:15:56","date_gmt":"2022-05-05T19:15:56","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33399\/Ridiculous-Ransomware-Kill-Switch.html"},"modified":"2022-05-05T19:15:56","modified_gmt":"2022-05-05T19:15:56","slug":"ridiculous-ransomware-kill-switch","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/","title":{"rendered":"Ridiculous Ransomware Kill Switch"},"content":{"rendered":"

Since the malvuln project started it is now approaching almost 600 vulnerable pieces of malware to date. Witnessing the endless ransomware attacks in the news and as I had no ransom trophy kills, I figured I would take a crack at it. At first, ransomware seemed like a big challenge. I am not aware of any sample that listen on any ports that can be abused and local elevation of privilege techniques mean nothing when things get encrypted immediately.<\/p>\n

But Wait..<\/b><\/p>\n

In steps DLL hijacking. DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Microsoft Windows applications search and load Dynamic Link Libraries (DLLs). Only Microsoft operating systems are susceptible to DLL hijacking. <\/p>\n

This coding flaw with DLL searching has plagued many pieces of legitimate software for years. If a program is run and side loads an arbitrary DLL it will execute that code in the parent process.<\/i> Initial research has found this flaw to be a common mistake made by ransomware authors and we can leverage it to mitigate the attack. <\/p>\n

Implementing A Kill Switch<\/b><\/p>\n

Not all methodologies are the same, but implementing a kill switch is possible for all pieces of ransomware that suffer from this issue. The code for implementing a kill switch primarily uses Win32API calls GetCurrentDirectory, OpenProcess and TerminateProcess.<\/p>\n

Time was spent analyzing the running ransomware in a virtual machine using the sysinternals “Process Monitor” utility and monitoring for the “NAME NOT FOUND” result. This is a simple indicator identifying the DLL being sought by the ransomware.<\/p>\n

For example, “Conti Ransom” wants to load “netapi32.dll” when it spawns. We can craft a DLL to call GetCurrentDirectory to return the current directory. Next, we compare the return value from GetCurrentDirectory with the hardcoded string “C:\\Windows\\System32” using the standard “strcmp” string function.<\/p>\n

If strcmp returns a non zero value, we know the malware is looking in its own directory and not the legit “System32” directory which is normally where “netapi32.dll” lives. Based off that condition, we make the decision to call the WIN32API OpenProcess() function to get a handle to our own process ID (PID) and terminate. <\/p>\n

In cases like “BlackBasta.Ransom”, where it looks for “wow64log.dll” in the “C:\\Windows\\System32” directory, we compile and copy “wow64log.dll” there and simply call exit(). Moreover, for the wow64log.dll DLL there was a need to export the “WINBASEAPI LONG WINAPI InterlockedExchange” function required by the DLL.<\/p>\n

Defensive Leverage<\/b><\/p>\n

DLLs written to diffuse the ransomware can be placed in directories where users commonly execute binaries, whether they be downloaded or attached to email. The existence of these files can mitigate many of the current ransomware strains circulating. DLLs used to mitigate attack can be set as hidden system files using Windows CL attrib +s +h command. It is expected the malware authors will start correcting these coding mistakes, but historic strains can be stopped.<\/p>\n

In Summary<\/b><\/p>\n

Many endpoint security defenses focus on hash signatures, indicators of compromise (IOCs), and complicated hooking. However, this simple method intercepts the ransomware and acts as a built-in kill switch terminating it pre-encryption. Endpoint protection systems and antivirus can potentially be killed prior to executing malware, but this method cannot as theres nothing to kill – the DLL just lives on the disk waiting. All basic tests were conducted successfully in a virtual machine environment.<\/p>\n

Who Can Be Stopped?<\/b><\/p>\n

The following ransomware families are all susceptible at the time of this writing:<\/p>\n


\nConti [1]<\/a>, [2]<\/a>, [3]<\/a>
REvil [1]<\/a>, [2]<\/a>
BlackBasta<\/a>
Lockbit<\/a>
AvosLocker<\/a>
LokiLocker<\/a>
WannaCry<\/a>
<\/b><\/p>\n

– Guest post from John Page \/ Malvuln.com<\/a><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Since the malvuln project started it is now approaching almost 600 vulnerable pieces of malware to date. Witnessing the endless ransomware attacks in the news and as I had no ransom trophy kills, I figured I would take a crack at it. At first, ransomware seemed like a big challenge. I am not aware of any sample that listen on any ports that can be abused and local elevation of privilege techniques mean nothing when things get encrypted immediately. 
\nREAD MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":46502,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9987],"class_list":["post-46501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwarerussiaflawcryptography"],"yoast_head":"\nRidiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ridiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-05T19:15:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/packetstatic.com\/art\/n\/nuclearbomb-200.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Ridiculous Ransomware Kill Switch\",\"datePublished\":\"2022-05-05T19:15:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/\"},\"wordCount\":608,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/ridiculous-ransomware-kill-switch.jpg\",\"keywords\":[\"headline,hacker,malware,russia,flaw,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/\",\"name\":\"Ridiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/ridiculous-ransomware-kill-switch.jpg\",\"datePublished\":\"2022-05-05T19:15:56+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/ridiculous-ransomware-kill-switch.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/ridiculous-ransomware-kill-switch.jpg\",\"width\":200,\"height\":159},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ridiculous-ransomware-kill-switch\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,russia,flaw,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwarerussiaflawcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Ridiculous Ransomware Kill Switch\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ridiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/","og_locale":"en_US","og_type":"article","og_title":"Ridiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-05-05T19:15:56+00:00","og_image":[{"url":"https:\/\/packetstatic.com\/art\/n\/nuclearbomb-200.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Ridiculous Ransomware Kill Switch","datePublished":"2022-05-05T19:15:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/"},"wordCount":608,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/05\/ridiculous-ransomware-kill-switch.jpg","keywords":["headline,hacker,malware,russia,flaw,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/","url":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/","name":"Ridiculous Ransomware Kill Switch 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/05\/ridiculous-ransomware-kill-switch.jpg","datePublished":"2022-05-05T19:15:56+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/05\/ridiculous-ransomware-kill-switch.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/05\/ridiculous-ransomware-kill-switch.jpg","width":200,"height":159},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/ridiculous-ransomware-kill-switch\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,russia,flaw,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwarerussiaflawcryptography\/"},{"@type":"ListItem","position":3,"name":"Ridiculous Ransomware Kill Switch"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46501"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46501\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/46502"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}