{"id":50967,"date":"2023-03-10T21:01:30","date_gmt":"2023-03-10T21:01:30","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up"},"modified":"2023-03-10T21:01:30","modified_gmt":"2023-03-10T21:01:30","slug":"blacklotus-secure-boot-bypass-malware-set-to-ramp-up","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/","title":{"rendered":"BlackLotus Secure Boot Bypass Malware Set to Ramp Up"},"content":{"rendered":"<p>BlackLotus, the first in-the-wild malware to bypass Microsoft&#8217;s Secure Boot (even on fully patched systems), will spawn copycats and, available in an easy-to-use bootkit on the Dark Web,&nbsp;inspire firmware attackers to increase their activity, security experts said this week.<\/p>\n<p>That means that companies need to increase efforts to validate the integrity of their servers, laptops, and workstations, starting now.<\/p>\n<p>On March 1, cybersecurity firm ESET published an analysis of the <a href=\"https:\/\/www.darkreading.com\/endpoint\/blacklotus-uefi-bootkit-can-have-its-way-with-updated-windows-11-systems\" target=\"_blank\" rel=\"noopener\">BlackLotus bootkit<\/a>, which bypasses a fundamental Windows security feature known as Unified Extensible Firmware Interface (UEFI) Secure Boot. 
Microsoft introduced Secure Boot more than a decade ago, and it&#8217;s now considered one of <a href=\"https:\/\/www.darkreading.com\/emerging-tech\/microsoft-brings-zero-trust-to-hardware-in-windows-11\" target=\"_blank\" rel=\"noopener\">the foundations of its Zero Trust framework for Windows<\/a> because of the difficulty in subverting it.<\/p>\n<p>Yet threat actors and security researchers have targeted Secure Boot implementations more and more, and for good reason: Because UEFI is the lowest level of firmware on a system (responsible for the booting-up process), finding a vulnerability in the interface code allows an attacker to execute malware before the operating system kernel, security apps, and any other software can swing into action. This ensures the implantation of persistent malware that normal security agents will not detect. It also offers the ability to execute in kernel mode, to control and subvert every other program on the machine \u2014 even after OS reinstalls and hard drive replacements \u2014 and load additional malware at the kernel level.<\/p>\n<p>There have been some previous vulnerabilities in boot technology, such as <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/-boothole-vulnerability-exposes-secure-boot-devices-to-attack\" target=\"_blank\" rel=\"noopener\">the BootHole flaw disclosed in 2020<\/a> that affected the Linux bootloader GRUB2, and <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/acer-firmware-flaw-attackers-bypass-key-security-feature\" target=\"_blank\" rel=\"noopener\">a firmware flaw in five Acer laptop models<\/a> that could be used to disable Secure Boot. 
The US Department of Homeland Security and Department of Commerce even recently <a href=\"https:\/\/www.darkreading.com\/endpoint\/rare-cosmicstrand-uefi-rootkit-cybercrime-orbit\" target=\"_blank\" rel=\"noopener\">warned about the persistent threat<\/a> posed by firmware rootkits and bootkits in a draft report on supply chain security issues. But BlackLotus ups the stakes on firmware issues significantly.<\/p>\n<p>That&#8217;s because while Microsoft patched the flaw that BlackLotus targets (a vulnerability known as Baton Drop or <a href=\"https:\/\/github.com\/Wack0\/CVE-2022-21894\" target=\"_blank\" rel=\"noopener\">CVE-2022-21894<\/a>), the patch only makes exploitation more difficult \u2014 not impossible. And the impact of the vulnerability will be hard to measure, because affected users will likely not see signs of compromise, according to a warning from Eclypsium published this week.<\/p>\n<p>&#8220;If an attacker does manage to get a foothold, companies could be running blind, because a successful attack means that an attacker is getting around all of your traditional security defenses,&#8221; says Paul Asadoorian, principal security evangelist at Eclypsium. &#8220;They can turn off logging, and essentially lie to every kind of defensive countermeasure you might have on the system to tell you that everything is okay.&#8221;<\/p>\n<p>Now that BlackLotus has been commercialized, it paves the way for the development of similar wares, researchers note. &#8220;We expect to see more threat groups incorporating secure boot bypasses into their arsenal in the future,&#8221; says Martin Smol\u00e1r, malware researcher at ESET. 
&#8220;Every threat actor&#8217;s ultimate goal is persistence on the system, and with UEFI persistence, they can operate much stealthier than with any other kind of OS-level persistence.&#8221;<\/p>\n<figure>\n<picture><source type=\"image\/webp\" media=\"(max-width: 576px)\" srcset=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=480&amp;quality=80&amp;format=webply&amp;disable=upscale\"><source type=\"image\/webp\" media=\"(max-width: 767px)\" srcset=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\"><source type=\"image\/webp\" media=\"(min-width: 768px)\" srcset=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\"><source type=\"image\/jpeg\" srcset=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=jpg&amp;disable=upscale\"><img decoding=\"async\" data-image=\"uro1j82zsw0n\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\" data-sys-asset-uid=\"blt3a3d9895fbf7ba8b\" alt=\"Timeline of BlackLotus bootkit creation\">\n<\/picture><figcaption>BlackLotus quickly followed after the publishing of the original exploit code. 
Source: ESET<\/figcaption><\/figure>\n<h2 class=\"regular-text\">Patching Is Not Enough<\/h2>\n<p>Even though Microsoft patched Baton Drop more than a year ago, the certificate of the vulnerable version remains valid, <a href=\"https:\/\/eclypsium.com\/2023\/03\/09\/blacklotus-a-threat-coming-to-a-system-near-you\/\" target=\"_blank\" rel=\"noopener\">according to Eclypsium<\/a>. Attackers with access to a compromised system can install a vulnerable bootloader and then exploit the vulnerability, gaining persistence and a more privileged level of control.<\/p>\n<p>Microsoft maintains a list of cryptographic hashes of legitimate Secure Boot bootloaders. To prevent the vulnerable boot loader from working, the company would have to revoke the hash, but that would also prevent legitimate \u2014 although unpatched \u2014 systems from working.<\/p>\n<p>&#8220;To fix this you have to revoke the hashes of that software to tell Secure Boot and Microsoft&#8217;s own internal process that that software is no longer valid in the boot process,&#8221; Asadoorian says. 
&#8220;They would have to issue the revocation, update the revocation list, but they&#8217;re not doing that, because it would break a lot of things.&#8221;<\/p>\n<p>The best that companies can do is update their firmware and revocation lists on a regular basis, and monitor endpoints for indications that an attacker has made modifications, Eclypsium said in its advisory.<\/p>\n<p>ESET&#8217;s Smol\u00e1r, who <a href=\"https:\/\/www.darkreading.com\/endpoint\/blacklotus-uefi-bootkit-can-have-its-way-with-updated-windows-11-systems\" target=\"_blank\" rel=\"noopener\">led the earlier investigation<\/a> into BlackLotus, <a href=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-analyzes-blacklotus-a-uefi-bootkit-that-can-bypass-uefi-secure-boot-on-fully-patched-s\/\" target=\"_blank\" rel=\"noopener\">said in a March 1 statement<\/a> to expect exploitation to ramp up.<\/p>\n<p>&#8220;The low number of BlackLotus samples we have been able to obtain, both from public sources and our telemetry, leads us to believe that not many threat actors have started using it yet,&#8221; he said. 
&#8220;We are concerned that things will change rapidly should this bootkit get into the hands of crimeware groups, based on the bootkit&#8217;s easy deployment and crimeware groups&#8217; capabilities for spreading malware using their botnets.&#8221;<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>BlackLotus is the first in-the-wild malware to exploit a vulnerability in the Secure Boot process on Windows, and experts expect copycats and imminent increased activity.Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-50967","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-10T21:01:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"BlackLotus Secure Boot Bypass Malware Set to Ramp Up\",\"datePublished\":\"2023-03-10T21:01:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/\"},\"wordCount\":810,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt3a3d9895fbf7ba8b\\\/640a3e3dbe1d645e08983eb9\\\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/\",\"name\":\"BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity 
News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt3a3d9895fbf7ba8b\\\/640a3e3dbe1d645e08983eb9\\\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\",\"datePublished\":\"2023-03-10T21:01:30+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt3a3d9895fbf7ba8b\\\/640a3e3dbe1d645e08983eb9\\\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt3a3d9895fbf7ba8b\\\/640a3e3dbe1d645e08983eb9\\\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\\\/#breadcrumb\",\"item
ListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"BlackLotus Secure Boot Bypass Malware Set to Ramp Up\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/","og_locale":"en_US","og_type":"article","og_title":"BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-03-10T21:01:30+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"BlackLotus Secure Boot Bypass Malware Set to Ramp Up","datePublished":"2023-03-10T21:01:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/"},"wordCount":810,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/","url":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/","name":"BlackLotus Secure Boot Bypass Malware Set to Ramp Up 2026 | ThreatsHub Cybersecurity 
News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale","datePublished":"2023-03-10T21:01:30+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt3a3d9895fbf7ba8b\/640a3e3dbe1d645e08983eb9\/eset-blacklotus-timeline.jpg?width=690&amp;quality=80&amp;format=webply&amp;disable=upscale"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/blacklotus-secure-boot-bypass-malware-set-to-ramp-up\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"BlackLotus Secure Boot Bypass Malware Set to 
Ramp Up"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a867
1ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50967"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50967\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50967"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50967"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}