{"id":50514,"date":"2023-02-10T15:22:48","date_gmt":"2023-02-10T15:22:48","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34308\/Novel-Phishing-Campaign-Takes-Screenshots-Before-Payload-Delivery.html"},"modified":"2023-02-10T15:22:48","modified_gmt":"2023-02-10T15:22:48","slug":"novel-phishing-campaign-takes-screenshots-before-payload-delivery","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/","title":{"rendered":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/computer-screen-woman-e1675983169238.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>A novel phishing attack deploys a first-stage malware payload that allows attackers to take screenshots of victims to determine the value and whether to deploy additional malware. Researchers said over 1,000 organizations in the U.S. and Germany have been targeted in the attacks. They add the campaign is unique because of the malware tools used in the attacks.<\/p>\n<p>Proofpoint Threat Research, which <a rel=\"noreferrer noopener\" href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/screentime-sometimes-it-feels-like-somebodys-watching-me\" target=\"_blank\">released a report on the campaigns Wednesday<\/a>, attribute the campaigns to the advanced persistent threat group TA866. Researchers said the attacks are <a href=\"https:\/\/www.scmagazine.com\/analysis\/identity-and-access\/financial-credentials-offer-second-largest-payoff-in-account-takeover-attacks\" target=\"_blank\" rel=\"noreferrer noopener\">financially motivated<\/a> and dubbed the campaign Screentime because of its use screenshot technology as part of the attack chain.<\/p>\n<p>Proofpoint said it considers the attack chain novel because it uses malware tools previously not observed in the threat landscape and that adversaries are conducting reconnaissance on a host machine via what is called Screenshotter malware before delivering a follow-on payload.<\/p>\n<p>The attackers, researchers said, use both commodity and custom tools to leverage screenshots before installing additional bot and stealer malware. The attack chain starts with an email containing a malicious attachment or URL and gets followed by malware Proofpoint calls WasabiSeed and Screenshotter.<\/p>\n<p>The researchers said they observed post-exploitation activity that involved AHK Bot and <a rel=\"noreferrer noopener\" href=\"https:\/\/www.accenture.com\/us-en\/blogs\/security\/information-stealer-malware-on-dark-web?tlaAppCB\" target=\"_blank\">Rhadamanthys <\/a>Stealer. Proofpoint first observed TA866 in October 2022 and the campaign has continued into 2023. On Jan. 23 and 24, Proofpoint observed tens of thousands of email messages targeting more than 1,000 organizations.<\/p>\n<p>The researchers said it\u2019s also unique in that recently observed activity appears to be financially motivated and aligns with cybercrime objectives, while historic activity from TA866 overlaps with state-sponsored espionage activities. Screentime has been exploited in the wild and Proofpoint said they observed multiple campaigns using the same attack chain.<\/p>\n<p>\u201cTA866 spends time trying to figure out whether a target is worth additional payloads by using Screenshotter to take photos of a user\u2019s screen and reviews them manually before deciding to deliver additional <a href=\"https:\/\/www.scmagazine.com\/topic\/malware\">malware<\/a>, the researchers told SC Media via an email.<\/p>\n<h2>Fishing for a juicy target<\/h2>\n<p>\u201cClearly, there\u2019s some level of value a user must meet before being deemed worthy of another payload. And while recent activity appears financially motivated, some historic activity overlaps with what we call TA866 suggests an espionage focus, too,\u201c Proofpoint said.<\/p>\n<p>In terms of the threat actors origins, the researchers told SC Media that there are artifacts observed in the attack chain, including Russian language in the code and work hours analysis that align with a typical 9-to-5 workday in time zones that include Russia, as well as other countries. However, Proofpoint said these factors alone are not enough to associate with high confidence to a state sponsor or geography.<\/p>\n<p>John Bambenek, principal threat hunter at Netenrich, added that at its core, a phishing email that ultimately delivers malware isn\u2019t a new technique, but in recent years, even cybercriminals are investing in the level of research that previously was only done by APTs. Bambenek said attackers know the more precise their techniques and tools are, the more likely they are to achieve significant financial results.&nbsp;<\/p>\n<p>\u201cCertainly email protection is important, especially to vendors that follow a chain of events after an email,\u201d Bambenek said. &nbsp;\u201cAttackers just aren\u2019t emailing .exe\u2019s so getting malware on a victim is a multi-step process and each step represents its own opportunity for protection.\u201d&nbsp;<\/p>\n<p>Proofpoint added that for a compromise to succeed, a user has to click on a malicious link and, if successfully filtered, interact with a JavaScript file to download and run additional payloads. \u201cOrganizations should educate end users about this technique and encourage users to report suspicious emails and other activities,\u201d said the researchers.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34308\/Novel-Phishing-Campaign-Takes-Screenshots-Before-Payload-Delivery.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":50515,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9062],"class_list":["post-50514","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerpasswordphish"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-10T15:22:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/computer-screen-woman-e1675983169238.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Novel Phishing Campaign Takes Screenshots Before Payload Delivery\",\"datePublished\":\"2023-02-10T15:22:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/\"},\"wordCount\":615,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png\",\"keywords\":[\"headline,hacker,password,phish\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/\",\"name\":\"Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png\",\"datePublished\":\"2023-02-10T15:22:48+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png\",\"width\":900,\"height\":540},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,password,phish\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerpasswordphish\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Novel Phishing Campaign Takes Screenshots Before Payload Delivery\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/","og_locale":"en_US","og_type":"article","og_title":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-02-10T15:22:48+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/02\/computer-screen-woman-e1675983169238.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery","datePublished":"2023-02-10T15:22:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/"},"wordCount":615,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png","keywords":["headline,hacker,password,phish"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/","url":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/","name":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png","datePublished":"2023-02-10T15:22:48+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/02\/novel-phishing-campaign-takes-screenshots-before-payload-delivery.png","width":900,"height":540},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/novel-phishing-campaign-takes-screenshots-before-payload-delivery\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,password,phish","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerpasswordphish\/"},{"@type":"ListItem","position":3,"name":"Novel Phishing Campaign Takes Screenshots Before Payload Delivery"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50514","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50514"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50514\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/50515"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50514"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50514"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}