{"id":54554,"date":"2023-11-16T14:34:55","date_gmt":"2023-11-16T14:34:55","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35202\/Google-Search-Ads-Abused-To-Spread-Ransomware.html"},"modified":"2023-11-16T14:34:55","modified_gmt":"2023-11-16T14:34:55","slug":"google-search-ads-abused-to-spread-ransomware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/","title":{"rendered":"Google Search Ads Abused To Spread Ransomware"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/Google-Search.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A ransomware gang is responsible for a string of Google search ads that used major brands as lures to distribute ransomware over past three weeks. Targeted are businesses and public entities. This campaign adds to <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/brief\/nearly-2-2m-impacted-by-mclaren-health-care-data-breach\" target=\"_blank\">a recent string of breaches<\/a> perpetrated by cybergang ALPHV\/BlackCat, according to eSentire researchers.<\/p>\n<p>ESentire said in a blog post <a href=\"https:\/\/www.esentire.com\/blog\/the-notorious-alphv-blackcat-ransomware-gang-is-attacking-corporations-and-public-entities-using-google-ads-laced-with-malware-warns-esentire\" target=\"_blank\" rel=\"noreferrer noopener\">outlining the research<\/a> that the ads placed by the cybergang purported to be legitimate offers for software tools. However, the ads linked to malicious sites that enticed victims to download a Python-based malware payload that opens access for further infection, according to eSentire\u2019s Threat Response Unit (TRU).<\/p>\n<p>\u201cThis affiliate is taking out Google ads promoting popular software, such as Advanced IP Scanner, Slack, WinSCP and Cisco AnyConnect, to lure business professionals to attacker-controlled websites,\u201d according to eSentire.<\/p>\n<p>The attacks targeted a law firm, a manufacturer and a warehouse provider and were detected and intercepted by the TRU, the post states.<\/p>\n<p>The threat actors also abused Python libraries to spread the ransomware via an exploit called Nitrogen, which was <a href=\"https:\/\/www.scmagazine.com\/brief\/alphv-blackcat-ransomware-deployed-by-new-nitrogen-malware\">first identified and named<\/a> by eSentire in June 2023. Nitrogen is executed through DLL sideloading and evades detection using highly obfuscated Python libraries that appear harmless to many security systems. The obfuscation of Python libraries makes the malware\u2019s attack path more difficult to trace for post-infection analysis. The exploit\u2019s purpose is to open initial access to the victim\u2019s system, allowing the ALPHV\/BlackCat ransomware to easily take hold.<\/p>\n<p>The recent cyberattacks are part of an ongoing campaign by ALPHV\/BlackCat affiliates who were <a href=\"https:\/\/www.scmagazine.com\/news\/blackcat-gang-google-bing-malware-laced-ads\" target=\"_blank\" rel=\"noreferrer noopener\">previously observed<\/a> placing malicious ads for WinSCP in both Google and Bing search results.<\/p>\n<h2>Browsers-based attacks now more popular than inbox-based attacks<\/h2>\n<p>ESentire noted that browser-based attacks such as the abuse of search results to distribute malware are now surpassing email-based attacks as the preferred method for ransomware infections.<\/p>\n<p>A <a href=\"https:\/\/www.scmagazine.com\/news\/researchers-track-worrying-jump-in-malvertising-targeting-google-ads\" target=\"_blank\" rel=\"noreferrer noopener\">\u201cmassive spike\u201d in Google ad-based malvertising<\/a> detected by Spamhaus Technology researchers in February serves as another example of the method\u2019s popularity and the potential growth of malvertising-as-a-service.<\/p>\n<p>The continued threat posed by the ALPHV\/BlackCat ransomware gang is also of note in light of the <a href=\"https:\/\/www.scmagazine.com\/brief\/nearly-2-2m-impacted-by-mclaren-health-care-data-breach\" target=\"_blank\" rel=\"noreferrer noopener\">McLaren Health Care data breach<\/a> revealed last week, in which the data of nearly 2.2 million people was stolen. The ALPHV\/BlackCat affiliate Scattered Spider is also believed to be responsible for the <a href=\"https:\/\/www.scmagazine.com\/news\/fbi-takes-heat-from-industry-for-not-making-arrests-in-mgm-caesars-cases\" target=\"_blank\" rel=\"noreferrer noopener\">ransomware attacks on MGM Resorts International and Caesars Entertainment<\/a> in September, which resulted in at least $100 million in damages for MGM and a $15 million ransom payment by Caesars, although malvertising was not reported to be involved in these attacks.<\/p>\n<h2>Malicious Google search ads now in vogue<\/h2>\n<p>Researchers from Trend Micro, who also studied these early malvertising attacks by ALPHV\/BlackCat, noted that previous campaigns also used malicious ads via search results. In one campaign, ads displayed above organic search results promoted WinSCP. The ad used a URL that resembled the legitimate WinSCP domain. This was an attempt by adversaries to abuse well-known brands as a lure to trick business professionals into downloading malicious files.<\/p>\n<p>Jon Clay, VP of Threat Intelligence at Trend Micro, told SC Media that recent campaigns abusing search-based ads should prompt ad network vendors to tighten security. &nbsp;&nbsp;<\/p>\n<p>\u201cIt isn\u2019t necessarily the search tools that are vulnerable; advertisements tend to be delivered via ad networks, and not the search vendors,\u201d Clay said. \u201cThese owners may not vet the ads being purchased, which allows malicious actors to get their malvertisements embedded within the search results along with legitimate ads. So, ad network vendors need to improve their security controls and control who they are allowing to advertise within their infrastructure.\u201d<\/p>\n<p>ESentire recommends mitigating company risk by paring back the type of script files allowed on a network, more vigilant endpoint monitoring and careful telemetry logging.<\/p>\n<p>It advises a logging protocol \u201cto ensure you are capturing telemetry \u2013 especially for devices and services that don\u2019t support an endpoint agent, including VPN, device enrollment, and server software for applications that don\u2019t generate endpoint telemetry, like Citrix, IIS, and cloud services.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35202\/Google-Search-Ads-Abused-To-Spread-Ransomware.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54555,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10770],"class_list":["post-54554","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwaregooglecryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-16T14:34:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/Google-Search.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google Search Ads Abused To Spread Ransomware\",\"datePublished\":\"2023-11-16T14:34:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/\"},\"wordCount\":680,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/google-search-ads-abused-to-spread-ransomware.jpg\",\"keywords\":[\"headline,hacker,malware,google,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/\",\"name\":\"Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/google-search-ads-abused-to-spread-ransomware.jpg\",\"datePublished\":\"2023-11-16T14:34:55+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/google-search-ads-abused-to-spread-ransomware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/google-search-ads-abused-to-spread-ransomware.jpg\",\"width\":800,\"height\":533},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-search-ads-abused-to-spread-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,google,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwaregooglecryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Google Search Ads Abused To Spread Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-11-16T14:34:55+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/Google-Search.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Google Search Ads Abused To Spread Ransomware","datePublished":"2023-11-16T14:34:55+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/"},"wordCount":680,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/google-search-ads-abused-to-spread-ransomware.jpg","keywords":["headline,hacker,malware,google,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/","url":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/","name":"Google Search Ads Abused To Spread Ransomware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/google-search-ads-abused-to-spread-ransomware.jpg","datePublished":"2023-11-16T14:34:55+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/google-search-ads-abused-to-spread-ransomware.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/google-search-ads-abused-to-spread-ransomware.jpg","width":800,"height":533},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/google-search-ads-abused-to-spread-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,google,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwaregooglecryptography\/"},{"@type":"ListItem","position":3,"name":"Google Search Ads Abused To Spread Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54554","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54554"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54554\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54555"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54554"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54554"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54554"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}