{"id":52052,"date":"2023-05-24T14:09:04","date_gmt":"2023-05-24T14:09:04","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34651\/BlackCat-Ransomware-Takes-Control-With-New-Kernel-Driver.html"},"modified":"2023-05-24T14:09:04","modified_gmt":"2023-05-24T14:09:04","slug":"blackcat-ransomware-takes-control-with-new-kernel-driver","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/","title":{"rendered":"BlackCat Ransomware Takes Control With New Kernel Driver"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0523_ransomware_magnified.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A new kernel driver was discovered from a February 2023 <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/brief\/ransomware\/blackcat-leaks-data-stolen-from-financial-services-firm\" target=\"_blank\">BlackCat<\/a> ransomware incident that leverages a separate user client executable as a way to control, pause and kill various processes on target endpoints of security agents deployed on protected computers.<\/p>\n<p>In a<a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/23\/e\/blackcat-ransomware-deploys-new-signed-kernel-driver.html\" target=\"_blank\" rel=\"noreferrer noopener\"> May 22 blog post<\/a>, Trend Micro researchers said they believe that the new kernel driver was an updated version that inherited the main functionality from samples disclosed in previous research in December 2022 by <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/hunting-attestation-signed-malware\" target=\"_blank\" rel=\"noreferrer noopener\">Mandiant<\/a>, <a href=\"https:\/\/news.sophos.com\/en-us\/2022\/12\/13\/signed-driver-malware-moves-up-the-software-trust-chain\/\" target=\"_blank\" rel=\"noreferrer noopener\">Sophos<\/a>, and <a href=\"https:\/\/www.sentinelone.com\/labs\/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers\/\" target=\"_blank\" rel=\"noreferrer noopener\">Sentinel One.<\/a><\/p>\n<p>The three companies published a coordinated disclosure that malicious kernel drivers were being signed through several Microsoft hardware developer accounts. The joint researchers said these profiles had been used in a number of cyberattacks that included ransomware incidents. Microsoft subsequently revoked several Microsoft hardware developer accounts that were abused in these attacks.<\/p>\n<p>Trend Micro\u2019s researchers explained that malicious actors use different approaches to sign their malicious kernel drivers. In this case, the attackers tried to deploy the old driver disclosed by <a href=\"https:\/\/www.scmagazine.com\/analysis\/third-party-risk\/mandiant-bolsters-the-case-that-north-korean-hackers-were-behind-3cx-supply-chain-hack\" target=\"_blank\" rel=\"noreferrer noopener\">Mandiant,<\/a> but because this driver had already been known and detected, the threat actors deployed another kernel driver signed by a stolen or leaked cross-signing certificate. The kernel driver typically gets used during the evasion phase, say the Trend researchers.<\/p>\n<p>The recent activity of the BlackCat ransomware group signals a disturbing escalation in the cyber threat landscape, said Craig Jones, vice president of security operations at Ontinue. Jones said by exploiting signed kernel drivers, this raises the stakes in an ongoing high-stakes game of &#8220;digital cat and mouse&#8221; between cyber criminals and those tasked with thwarting their attempts.<\/p>\n<p>\u201cOne of the intriguing aspects of this incident is the fact that the ransomware operators are using malicious kernel drivers signed through Microsoft&#8217;s portals or using stolen certificates,\u201d said Jones. \u201cThis offers them privileged-level access to the systems they attack and lets them bypass security protocols. It also indicates a high level of sophistication and a solid understanding of Windows system operations. They are essentially used to manipulate and control processes on the target systems, which includes disabling security measures, deleting files, and even forcing a system restart.\u201d&nbsp;<\/p>\n<p>Murali Palanisamy, chief solutions officer at AppViewX, said this situation underscores the critical importance of securing code-signing certificates and implementing robust processes to secure and control the code signed using these certificates. As noted in the research, Palanisamy said the methods they used highlight a new capability by these threat actors using a signed kernel driver for evasion. Companies need to leverage security tools and best practices such as central secure key and distributed code signing service with processes and controls in place to protect and validate the signed code.<\/p>\n<p>\u201cManual processes or distributing the code-signing keys and certificates to different parties increases the potential for threat actors to exploit the keys,&#8221; said Palanisamy. \u201cAny compromise by one company can potentially affect any or all of its customers, further underscoring the need to focus on certificates and keys. And this issue further gets compounded by Google\u2019s proposed reduction from 13 months to 90 days validity for public TLS certificates.\u201d<\/p>\n<p>Callie Guenther, cyber threat research senior manager at Critical Start, said this new research offers valuable insights into the evolving techniques used by ransomware operators and emphasizes the importance of collaboration, monitoring, and proactive security measures to mitigate the risks associated with malicious kernel drivers and defense evasion techniques.<\/p>\n<p>Guenther said Microsoft&#8217;s response to the reported abuse of its hardware developer accounts by revoking the compromised accounts was a crucial step to prevent further misuse, but does not address the root issue by detecting the behavior sequences that led to the abuse.<\/p>\n<p>\u201cThis vendor action is typical and expected, but demonstrates the need for proactive measures to address security vulnerabilities in the signing process,&#8221; said Guenther. &#8220;Also, the observations and findings described in the report are not exclusive to the BlackCat ransomware group. The techniques and trends discussed, such as the use of signed kernel drivers, abuse of signing portals, and the purchase or theft of certificates, can be employed by various threat actors across the cybersecurity landscape.&#8221;<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34651\/BlackCat-Ransomware-Takes-Control-With-New-Kernel-Driver.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52053,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8989],"class_list":["post-52052","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwarecybercrimecryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-24T14:09:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0523_ransomware_magnified.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"BlackCat Ransomware Takes Control With New Kernel Driver\",\"datePublished\":\"2023-05-24T14:09:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/\"},\"wordCount\":686,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg\",\"keywords\":[\"headline,malware,cybercrime,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/\",\"name\":\"BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg\",\"datePublished\":\"2023-05-24T14:09:04+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg\",\"width\":1400,\"height\":1050},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/blackcat-ransomware-takes-control-with-new-kernel-driver\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,cybercrime,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwarecybercrimecryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"BlackCat Ransomware Takes Control With New Kernel Driver\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/","og_locale":"en_US","og_type":"article","og_title":"BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-24T14:09:04+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0523_ransomware_magnified.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"BlackCat Ransomware Takes Control With New Kernel Driver","datePublished":"2023-05-24T14:09:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/"},"wordCount":686,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg","keywords":["headline,malware,cybercrime,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/","url":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/","name":"BlackCat Ransomware Takes Control With New Kernel Driver 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg","datePublished":"2023-05-24T14:09:04+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/blackcat-ransomware-takes-control-with-new-kernel-driver.jpg","width":1400,"height":1050},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/blackcat-ransomware-takes-control-with-new-kernel-driver\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,cybercrime,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwarecybercrimecryptography\/"},{"@type":"ListItem","position":3,"name":"BlackCat Ransomware Takes Control With New Kernel Driver"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52052","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52052"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52052\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52053"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52052"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52052"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52052"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}