{"id":50406,"date":"2023-02-01T12:57:12","date_gmt":"2023-02-01T12:57:12","guid":{"rendered":"http:\/\/8ad36659-2e77-4ffc-a5ac-c08b32c7d127"},"modified":"2023-02-01T12:57:12","modified_gmt":"2023-02-01T12:57:12","slug":"microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/","title":{"rendered":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email"},"content":{"rendered":"
\n
\n
\"looking-at-pc\"<\/picture><\/div>\n

<\/div>\n

Image: Getty Images<\/span><\/figcaption><\/figure>\n

Microsoft has warned that fraudulent Microsoft Partner Network (MPN) accounts were used in a phishing campaign that featured bogus apps that tricked victims into granting them permissions to access their email accounts. <\/p>\n

The attackers used the fraudulent MPN accounts to register fake versions of legitimate-sounding apps, such as “Single Sign On (SSO)” and “Meeting” that were dressed up with convincing visual indicators, including Zoom’s older video icon and and Zoom-like URLs, according to security firm Proofpoint<\/a>.<\/p>\n

Also: <\/strong>Public Wi-Fi safety tips: Protect yourself against malware and security threats<\/strong><\/a><\/p>\n

The attackers first impersonated legitimate companies to enroll in the Microsoft Cloud Partner Program or MCCP (formerly known as Microsoft Partner Network or MPN), and then used the accounts to add a verified publisher to OAuth app registrations, which they created in Azure Active Directory (AD). <\/p>\n

Microsoft classifies the attack as “consent phishing” because the attackers use the bogus apps and Azure AD-based OAuth consent prompts (pictured below) to trick targets to grant permissions to the app, for example, to read emails, access contacts, and so on, potentially for an entire year. Also, with verified publisher status, the publisher name gains a blue ‘verified’ badge that signals Microsoft has verified the publisher of the app. <\/p>\n

\n

More Microsoft<\/h3>\n<\/p><\/div>\n

Microsoft says in a blogpost<\/a> that the phishing campaign targeted “a subset of customers primarily based in the UK and Ireland”. It has also disabled the fraudulent apps and notified affected customers. <\/p>\n

Microsoft has seen consent phishing incidents increase steadily in recent years<\/a>, where the technique has been used to target Office 365 customers. Once granted by a victim, OAuth permission tokens are useful because the attacker doesn’t require the target’s account password, but can still access confidential data. Microsoft recently updated its document<\/a> about the style of attack.<\/p>\n

Proofpoint detected the malicious third-party OAuth apps on December 6 and informed Microsoft on December 20. It notes the phishing campaign ended on December 27. Microsoft became aware of the consent-phishing campaign on December 15.    <\/p>\n

Proofpoint highlights consent phishing for OAuth delegated permissions as a powerful tool that can allow the malicious app to act on the user’s behalf — accessing mailbox resources, calendar, and meeting invitations linked to compromised user accounts.  <\/p>\n

“The granted token (refresh token) has a long expiry duration of over a year in most cases. This gave threat actors access to the compromised account’s data and the ability to leverage the compromised Microsoft account in subsequent BEC or other attacks,” it notes.<\/p>\n

Also: <\/strong>Cybersecurity staff are struggling. Here’s how to support them better<\/strong><\/a><\/p>\n

Microsoft determined the primary goal in this campaign was to exfiltrate a target organization’s email. <\/p>\n

“Microsoft’s investigation determined that once consent was granted by victim users, threat actors used third-party OAuth applications as a primary technique\/vector to exfiltrate email. All impacted customers whose users granted consent to these applications have been notified,” it notes.    <\/p>\n

So, how did the threat actors get past Microsoft’s checks for MPN\/MCPP? According to Proofpoint, the actors displayed one name on their fraudulent apps that looked like the name of an existing legitimate publisher. Meanwhile, they hid the actual “verified publisher” name, which was different to the displayed name. Proofpoint notes that, in two cases, the actors got verification just one day after they created the malicious application.  <\/p>\n

Once the attacker got a verified publisher ID, they also added links in each app to the “terms of service” and “policy statement” of the impersonated organization’s website. In the past, consent-phishing campaigns have compromised existing MPN verified publishers to abuse OAuth. The new method enhances the credibility of the malicious OAuth apps. <\/p>\n

Microsoft says it has “implemented several additional security measures to improve the MCPP vetting process and decrease the risk of similar fraudulent behavior in the future.” <\/p>\n

\n
\n
\"picture7\"<\/picture><\/div>\n

<\/div>\n

Image: Proofpoint<\/span><\/figcaption><\/figure>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Phishing attackers bypassed Microsoft’s verified publisher checks to create apps that dupe victims into granting access to their online accounts.
\nREAD MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-50406","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"\nMicrosoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-01T12:57:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft warning: These phishing attackers used fake OAuth apps to steal email\",\"datePublished\":\"2023-02-01T12:57:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/\"},\"wordCount\":663,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\\\/2023\\\/02\\\/01\\\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\\\/looking-at-pc.jpg?auto=webp&width=1280\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/\",\"name\":\"Microsoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\\\/2023\\\/02\\\/01\\\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\\\/looking-at-pc.jpg?auto=webp&width=1280\",\"datePublished\":\"2023-02-01T12:57:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\\\/2023\\\/02\\\/01\\\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\\\/looking-at-pc.jpg?auto=webp&width=1280\",\"contentUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\\\/2023\\\/02\\\/01\\\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\\\/looking-at-pc.jpg?auto=webp&width=1280\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft warning: These phishing attackers used fake OAuth apps to steal email\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-02-01T12:57:12+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email","datePublished":"2023-02-01T12:57:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/"},"wordCount":663,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/","name":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280","datePublished":"2023-02-01T12:57:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#primaryimage","url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280","contentUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae2b49e47e6c10b4bc19e28caf769aa73ce00c07\/2023\/02\/01\/7bf3b9eb-7651-49e7-bebd-4366eb7faba8\/looking-at-pc.jpg?auto=webp&width=1280"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-warning-these-phishing-attackers-used-fake-oauth-apps-to-steal-email\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft warning: These phishing attackers used fake OAuth apps to steal email"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50406"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50406\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}