{"id":53871,"date":"2023-09-27T20:15:00","date_gmt":"2023-09-27T20:15:00","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/china-apt-cracks-cisco-firmware-attacks-against-us-japan"},"modified":"2023-09-27T20:15:00","modified_gmt":"2023-09-27T20:15:00","slug":"china-apt-cracks-cisco-firmware-in-attacks-against-the-us-and-japan","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/china-apt-cracks-cisco-firmware-in-attacks-against-the-us-and-japan\/","title":{"rendered":"China APT Cracks Cisco Firmware in Attacks Against the US and Japan"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt1dd207980be358ea\/65147f733e851a2a0ff40867\/Cisco-MTP-Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>An old Chinese state-linked threat actor has been quietly manipulating Cisco routers to breach multinational organizations in the US and Japan.<\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/new-campaign-by-china-linked-group-targets-us-orgs-for-first-time\" target=\"_blank\" rel=\"noopener\">&#8220;BlackTech&#8221; (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda)<\/a> has been replacing device firmware with its own malicious version, in order to establish persistence and pivot from smaller, international subsidiaries to headquarters of affected organizations. Those organizations have thus far spanned government, industrial, technology, media, electronics, and telecommunication sectors, and include &#8220;entities that support the militaries of the U.S. 
and Japan,&#8221; according to <a href=\"https:\/\/media.defense.gov\/2023\/Sep\/27\/2003309107\/-1\/-1\/0\/CSA_BLACKTECH_HIDE_IN_ROUTERS_TLP-CLEAR.PDF\" target=\"_blank\" rel=\"noopener\">a new joint cybersecurity advisory<\/a> from the National Security Agency (NSA), FBI, and Cybersecurity and Infrastructure Security Agency (CISA), as well as Japanese national police and cybersecurity authorities.<\/p>\n<p>The advisory does not detail any specific CVE affecting Cisco routers. Instead, it explains, &#8220;this TTP is not solely limited to Cisco routers, and similar techniques could be used to enable backdoors in other network equipment.&#8221;<\/p>\n<p>Cisco has not yet responded to Dark Reading&#8217;s request for comment.<\/p>\n<p>According to Tom Pace, former Department of Energy head of cyber and now CEO of NetRise, it speaks to a more endemic problem in edge security. &#8220;If we get our hands on a firmware image from Cisco, Juniper, Huawei, Arista \u2014 it doesn&#8217;t matter who it is,&#8221; he says. &#8220;The same problems persist across all device manufacturers and all verticals.&#8221;<\/p>\n<h2 class=\"regular-text\">How BlackTech Breaches Networks<\/h2>\n<p>Cisco routers have been subject to <a href=\"https:\/\/www.wsj.com\/articles\/SB10485560675556000\" target=\"_blank\" rel=\"noopener\">compromise and IP theft<\/a> ever since the company first <a href=\"https:\/\/www.wired.com\/images_blogs\/threatlevel\/files\/cisco_presentation.pdf\" target=\"_blank\" rel=\"noopener\">helped China build its national Internet censorship apparatus<\/a> \u2014 the so-called &#8220;Great Firewall&#8221; \u2014 at the turn of the century. BlackTech, around since 2010, has taken the tradition a step further.<\/p>\n<p>The group possesses 12 different custom malware families for penetrating and staking a foothold inside of Windows, Linux, and FreeBSD operating systems. 
They are lent an air of legitimacy by code-signing certificates and are constantly updated in order to evade antivirus detection.<\/p>\n<p>Once firmly planted in target networks, BlackTech uses <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/us-aerospace-contractor-hacked-powerdrop-backdoor\" target=\"_blank\" rel=\"noopener\">living-off-the-land (LotL)-style tools<\/a> for evading endpoint detection, including NetCat shells, the Secure Shell Protocol (SSH), and the Remote Desktop Protocol (RDP).<\/p>\n<p>BlackTech&#8217;s ultimate goal is to escalate within the target network until it obtains administrator privileges over vulnerable network routers. This is where it distinguishes itself from other threat actors.<\/p>\n<h2 class=\"regular-text\">How BlackTech Toys With Routers<\/h2>\n<p>Specifically, BlackTech aims for routers at smaller, remote branches of larger organizations where security may be a bit more lax, using their connection to an organization&#8217;s primary IT network to blend in with wider network traffic, and potentially pivot to other victims within the organization.<\/p>\n<p>To cement control over the routers and conceal its many malicious activities, the group performs a downgrade attack.<\/p>\n<p>First, it installs an old version of the router&#8217;s firmware. &#8220;Cisco allows anyone with certain privileges on the device to downgrade the OS image and firmware,&#8221; Alex Matrosov, CEO and head of research at Binarly, explained in a statement provided to Dark Reading.<\/p>\n<p>&#8220;To gain persistence in this case, an attacker needs an authentication bypass vulnerability to modify the firmware image to deliver malicious code on the device,&#8221; he added. 
The joint advisory did not allude to any specific vulnerability, though Matrosov pointed to <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20082\" target=\"_blank\" rel=\"noopener\">CVE-2023-20082<\/a>, a &#8220;Medium&#8221; 6.8 CVSS-scored bug in Cisco Catalyst switches, as a comparable example.<\/p>\n<p>BlackTech then &#8220;hot patches&#8221; the old firmware in memory, modifying it without the need for a shutdown or reboot and enabling the installation of a bootloader and its own malicious firmware with a built-in SSH backdoor.<\/p>\n<p>Pace offers an analogy, for those not yet sufficiently impressed. &#8220;Imagine if you&#8217;re on a computer, and a threat actor replaces your entire Windows operating system, and no one knows the difference. Well, that&#8217;d be wild, wouldn&#8217;t it?&#8221;<\/p>\n<h2 class=\"regular-text\">What to Do<\/h2>\n<p>The advisory offers certain steps companies can take to mitigate BlackTech&#8217;s TTPs, such as monitoring inbound and outbound connections with network devices, reviewing logs and any changes to firmware, and diligent password hygiene. But to Pace, these are just Band-Aids for a deeper issue in edge security.<\/p>\n<p>&#8220;If you look at laptops, desktops, servers: We have a litany of visibility solutions \u2014 technologies that can answer questions about what&#8217;s going on on those devices in a very clear way. But we don&#8217;t view these edge devices in the same way, because there aren&#8217;t users on them. And so we don&#8217;t provide the same level of monitoring across these devices,&#8221; he explains.<\/p>\n<p>Unless device manufacturers significantly upgrade their security, or customers significantly invest in this traditionally overlooked area, he thinks, this kind of story will repeat itself.<\/p>\n<p>&#8220;This is a decade-long problem. Bare minimum. 
If not, probably 15, 20 years,&#8221; he predicts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-53871","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53871"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53871\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}