{"id":52869,"date":"2023-07-21T14:14:56","date_gmt":"2023-07-21T14:14:56","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34822\/NetScaler-RCE-Abused-To-Pilfer-Critical-Infra-Active-Directory-Data.html"},"modified":"2023-07-21T14:14:56","modified_gmt":"2023-07-21T14:14:56","slug":"netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/","title":{"rendered":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/water-treatment-and-critical-infrastructure.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Threat actors exfiltrated data from a critical infrastructure organization by exploiting a now-patched zero-day bug in a NetScaler application delivery controller (ADC), the Cybersecurity and Infrastructure Security Agency (CISA) said.<\/p>\n<p>The incident was revealed in a <a rel=\"noreferrer noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-201a\" target=\"_blank\">cybersecurity advisory<\/a> (CSA) published by CISA on Thursday. The agency said the attack occurred last month but did not name the targeted organization, or say which industry sector it operated in.<\/p>\n<p>The threat actors were able to steal Microsoft Active Directory permissions and control data from the organization by exploiting a remote code execution (RCE) vulnerability <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/brief\/device-security\/active-exploitation-of-citrix-netscaler-adc-gateway-bug-underway\" target=\"_blank\">Citrix disclosed<\/a>, and released a patch for, earlier in the week.<\/p>\n<p>The critical-level vulnerability, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3519\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-3519<\/a>, which has a CVSS v3 rating of 9.8, was one of three flaws disclosed by Citrix on Tuesday, affecting several versions of the company\u2019s NetScaler ADC and NetScaler Gateway appliances.<\/p>\n<h2>Attack targeted Active Directory data<\/h2>\n<p>For exploitation of the vulnerability to be possible, the affected appliances must be configured as gateways (VPN virtual servers, ICA proxies, CVPNs, or RDP proxies) or as authentication, authorization, and auditing (AAA) virtual servers.<\/p>\n<p>In its advisory, CISA said last month\u2019s attack involved the threat actors exploiting the vulnerability as a zero-day bug to drop a webshell on the victim organization\u2019s non-production environment NetScaler ADC appliance.<\/p>\n<p>\u201cAs part of their initial exploit chain, the threat actors uploaded a TGZ (compressed archive) file containing a generic webshell, discovery script, and setuid binary on the ADC appliance and conducted SMB (Microsoft Server Message Block protocol) scanning on the subnet,\u201d the advisory said.<\/p>\n<p>The webshell enabled the attackers to perform discovery on the victim organization\u2019s Active Directory and collect and exfiltrate Active Directory data.<\/p>\n<p>\u201cThe actors attempted to move laterally to a domain controller but network-segmentation controls for the appliance blocked movement,\u201d CISA said. \u201cThe actors implanted a second webshell on the victim that they later removed. This was likely a PHP shell with proxying capability.\u201d<\/p>\n<h2>Exploits expected to increase quickly<\/h2>\n<p>The vulnerability was <a href=\"https:\/\/www.scmagazine.com\/brief\/device-security\/active-exploitation-of-citrix-netscaler-adc-gateway-bug-underway\" target=\"_blank\" rel=\"noreferrer noopener\">one of three<\/a> affecting NetScaler ADC and NetScaler Gateway appliances Citrix disclosed and issued patches for on Tuesday. The other vulnerabilities were <a rel=\"noreferrer noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3466\" target=\"_blank\">CVE-2023-3466<\/a>&nbsp;(CVSS rating: 8.3), an improper input validation vulnerability resulting in a reflected cross-site scripting (XSS) attack, and <a rel=\"noreferrer noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3467\" target=\"_blank\">CVE-2023-3467<\/a>&nbsp;(CVSS rating: 8.0), an improper privilege management vulnerability resulting in privilege escalation to the root administrator (nsroot).<\/p>\n<p>Also on Tuesday, Rapid7 senior manager of vulnerability research, Caitlin Condon, <a href=\"https:\/\/www.rapid7.com\/blog\/post\/2023\/07\/18\/etr-critical-zero-day-vulnerability-in-citrix-netscaler-adc-and-netscaler-gateway\/\" target=\"_blank\" rel=\"noreferrer noopener\">posted about the three vulnerabilities<\/a>. She said the NetScaler ADC and NetScaler Gateway appliances were \u201ca popular target for attackers of all skill levels, and we expect that exploitation will increase quickly\u201d.<\/p>\n<p>\u201cRapid7 strongly recommends updating to a fixed version on an emergency basis, without waiting for a typical patch cycle to occur,\u201d she said.<\/p>\n<p>CISA said critical infrastructure organizations should use the detection guidance included in its advisory to help determine if their system had been compromised by the RCE vulnerability.<\/p>\n<p>\u201cIf potential compromise is detected, organizations should apply the incident response recommendations provided in this CSA,\u201d the agency said. \u201cIf no compromise is detected, organizations should immediately apply patches provided by Citrix.\u201d<\/p>\n<p>Based on evidence that the RCE bug was being actively exploited, CISA on Wednesday&nbsp;<a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/07\/19\/cisa-adds-one-known-exploited-vulnerability-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">added<\/a>&nbsp;it to its <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">Known Exploited Vulnerabilities<\/a> (KEV) catalog. The KEV listing means all Federal Civilian Executive Branch (FCEB) government agencies are required to take steps to remediate the vulnerability by August 9. CISA \u201cstrongly recommends\u201d all non-FCEB organizations that could be exposed to the threat of exploitation follow suit.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34822\/NetScaler-RCE-Abused-To-Pilfer-Critical-Infra-Active-Directory-Data.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52870,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8659],"class_list":["post-52869","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinedata-lossflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-21T14:14:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/water-treatment-and-critical-infrastructure.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data\",\"datePublished\":\"2023-07-21T14:14:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\"},\"wordCount\":590,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg\",\"keywords\":[\"headline,data loss,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\",\"name\":\"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg\",\"datePublished\":\"2023-07-21T14:14:56+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg\",\"width\":800,\"height\":449},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,data loss,flaw\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinedata-lossflaw\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/","og_locale":"en_US","og_type":"article","og_title":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-21T14:14:56+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/water-treatment-and-critical-infrastructure.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data","datePublished":"2023-07-21T14:14:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/"},"wordCount":590,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg","keywords":["headline,data loss,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/","url":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/","name":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg","datePublished":"2023-07-21T14:14:56+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data.jpg","width":800,"height":449},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/netscaler-rce-abused-to-pilfer-critical-infra-active-directory-data\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,data loss,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinedata-lossflaw\/"},{"@type":"ListItem","position":3,"name":"NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52869","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52869"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52869\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52870"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52869"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52869"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52869"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}