{"id":52056,"date":"2023-05-24T22:09:00","date_gmt":"2023-05-24T22:09:00","guid":{"rendered":"https:\/\/www.darkreading.com\/endpoint\/-volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure"},"modified":"2023-05-24T22:09:00","modified_gmt":"2023-05-24T22:09:00","slug":"volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure-orgs","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure-orgs\/","title":{"rendered":"&#8216;Volt Typhoon&#8217; China-Backed APT Infiltrates US Critical Infrastructure Orgs"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltbaa8b9347880afdf\/62e2ed6606f888156e69bb74\/china_TY_Lim_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>China-sponsored threat actors have managed to establish persistent access within telecom networks and other critical infrastructure targets in the US, with the observed purpose of espionage \u2014 and, potentially, the ability down the line to disrupt communications in the event of military conflict in the South China Sea and broader Pacific.<\/p>\n<p>That&#8217;s according to a <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/05\/24\/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques\/\" target=\"_blank\" rel=\"noopener\">breaking investigation from Microsoft<\/a>, which dubs the advanced persistent threat (APT) &#8220;Volt Typhoon.&#8221; It&#8217;s a known state-sponsored group that has been observed carrying out cyber espionage activity in the past by researchers at Microsoft, Mandiant, and elsewhere.<\/p>\n<p>While espionage appears to be the goal for now, there could very well be a more sinister purpose at play. 
&#8220;Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,&#8221; according to the analysis.<\/p>\n<p>The first signs of compromise emerged in telecom networks in Guam, according to a <a href=\"https:\/\/www.nytimes.com\/2023\/05\/24\/us\/politics\/china-guam-malware-cyber-microsoft.html\" target=\"_blank\" rel=\"noopener\">New York Times report<\/a> ahead of the findings being released. The National Security Agency discovered those intrusions around the same time that the <a href=\"https:\/\/www.nbcnews.com\/politics\/national-security\/china-spy-balloon-collected-intelligence-us-military-bases-rcna77155\" target=\"_blank\" rel=\"noopener\">Chinese spy balloon<\/a> was making headlines for entering US airspace, according to the report. It then enlisted Microsoft to further investigate, eventually uncovering a widespread web of compromises across multiple sectors, with a particular focus on air, communications, maritime, and land transportation targets.<\/p>\n<h2 class=\"regular-text\">A Shadow Goal? Laying Groundwork for Disruption<\/h2>\n<p>The discovery of the activity is playing out against the backdrop of the US&#8217; frosty relations with Beijing; the two superpowers have stalled in their diplomacy since the shooting down of the balloon, and relations have worsened amidst fears that Russia&#8217;s invasion of Ukraine could <a href=\"https:\/\/www.brookings.edu\/events\/u-s-taiwan-relations-will-chinas-challenge-lead-to-a-crisis\/\" target=\"_blank\" rel=\"noopener\">spur China to do the same in Taiwan<\/a>.<\/p>\n<p>In the event of a military crisis, a destructive cyberattack on US critical infrastructure could disrupt communications and hamper the country&#8217;s ability to come to Taiwan&#8217;s aid, the Times report pointed out. 
Or, according to John Hultquist, chief analyst at Mandiant Intelligence &#8211; Google Cloud, a disruptive attack could be used as a proxy for kinetic action.<\/p>\n<p>&#8220;These operations are aggressive and potentially dangerous, but they don&#8217;t necessarily indicate attacks are looming,&#8221; he said in an emailed statement. &#8220;A far more reliable indicator for [a] destructive and disruptive cyberattack is a deteriorating geopolitical situation. A destructive and disruptive cyberattack is not just a wartime scenario either. This capability may be used by states looking for alternatives to armed conflict.&#8221;<\/p>\n<p>Dubbing such preparations &#8220;contingency intrusions,&#8221; he added that China is certainly not alone in conducting them \u2014 although notably, China-backed APTs are <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/china-innovated-its-cyberattack-tradecraft-mandia-says\" target=\"_blank\" rel=\"noopener\">typically far more focused on cyber espionage than destruction<\/a>.<\/p>\n<p>&#8220;Over the last decade, Russia has targeted a variety of critical infrastructure sectors in operations that we do not believe were designed for immediate effect,&#8221; Hultquist noted. &#8220;Chinese cyber threat actors are unique among their peers in that they have not regularly resorted to destructive and disruptive cyberattacks. As a result, their capability is quite opaque.&#8221;<\/p>\n<h2 class=\"regular-text\">An Observed Focus on Stealth &amp; Spying<\/h2>\n<p>To achieve initial access, Volt Typhoon <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/cyberattackers-continue-assault-against-fortinet-devices\" target=\"_blank\" rel=\"noopener\">compromises Internet-facing Fortinet FortiGuard devices<\/a>, a popular target for cyberattackers of all stripes (Microsoft is still examining how they&#8217;re being breached in this case). 
Once inside the box, the APT uses the device&#8217;s privileges to extract credentials from an Active Directory account and authenticate to other devices on the network.<\/p>\n<p>Once in, the state-sponsored actor uses the command line and <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/open-source-project-aims-to-detect-living-off-the-land-attacks\" target=\"_blank\" rel=\"noopener\">living-off-the-land binaries<\/a> &#8220;to find information on the system, discover additional devices on the network, and exfiltrate data,&#8221; according to the analysis.<\/p>\n<p>To cover its tracks, Volt Typhoon proxies its network traffic through compromised small office\/home office (SOHO) routers and other edge devices from ASUS, Cisco, D-Link, NETGEAR, and Zyxel \u2014 that allows it to blend into normal network activity, Microsoft researchers noted.<\/p>\n<p>The post also provides mitigation advice and indicators of compromise, and the NSA has published a tandem <a href=\"https:\/\/media.defense.gov\/2023\/May\/24\/2003229517\/-1\/-1\/0\/CSA_Living_off_the_Land.PDF\" target=\"_blank\" rel=\"noopener\">advisory on Volt Typhoon<\/a> (PDF) with details on how to hunt for the threat.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/endpoint\/-volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. Read More <a 
href=\"https:\/\/www.darkreading.com\/endpoint\/-volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-52056","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"]}