{"id":55770,"date":"2024-04-05T17:47:17","date_gmt":"2024-04-05T17:47:17","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35749\/Latrodectus-Uses-Sandbox-Evasion-Techniques-To-Launch-Malicious-Payloads.html"},"modified":"2024-04-05T17:47:17","modified_gmt":"2024-04-05T17:47:17","slug":"latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/","title":{"rendered":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/040424_ransomware.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A new form of malware called &#8220;Latrodectus&#8221; was likely developed by the makers of banking trojan <a href=\"https:\/\/www.scmagazine.com\/news\/new-icedid-malware-variants-banking-trojans-ransomware\" target=\"_blank\" rel=\"noreferrer noopener\">IcedID<\/a> and was observed incorporating sandbox evasion techniques to launch impersonation campaigns that lead to victims downloading&nbsp;malicious payloads.<\/p>\n<p>Proofpoint researchers said in <a href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/latrodectus-spider-bytes-ice\" target=\"_blank\" rel=\"noreferrer noopener\">an April 4 blog post<\/a> that they anticipated Latrodectus will become increasingly used by threat actors, especially by those who previously delivered IcedID.<\/p>\n<p>\u201cLatrodectus\u2019 attempts to incorporate sandbox evasion functionality aligns with the trend overall in the cybercrime threat landscape that malware authors are increasingly trying to bypass defenders and ensure only potential victims receive the payload,\u201d wrote the researchers. \u201cProofpoint has observed similar attempts from other notable malware used by IABs, including <a href=\"https:\/\/www.scmagazine.com\/brief\/active-pikabot-loader-malware-deployment-in-spam-campaigns-reported\" target=\"_blank\" rel=\"noreferrer noopener\">Pikabot<\/a> and <a href=\"https:\/\/www.scmagazine.com\/brief\/novel-wikiloader-malware-examined\" target=\"_blank\" rel=\"noreferrer noopener\">WikiLoader.\u201d<\/a><\/p>\n<p>While Proofpoint observed attacks launched by TA577 late last year, the researchers said Latrodectus has been almost exclusively distributed by TA578 since mid-January.<\/p>\n<p>Proofpoint said this actor typically uses contact forms to initiate a conversation with a target. On Feb. 20, Proofpoint researchers observed TA578 impersonating various companies to send legal threats about alleged copyright infringement. If a link on the impersonated site was visited, the victim was redirected to a landing page personalized to display both the victim\u2019s domain and the name of the impersonated company reporting the copyright infringement. The URL then downloads a malicious JavaScript file from a Google Firebase URL.<\/p>\n<h2>Did Latrodectus emerge as a response to 2023 crackdown on Qbot?<\/h2>\n<p>Ken Dunham, cyber threat director at the Qualys Threat Research Unit, added that Latrodectus emerged in late 2023 following a government crackdown on Qbot infrastructure, one of the oldest malware campaigns in the wild that has been active since 2007.<\/p>\n<p>\u201cBattling eCrime is similar to moving a couch where roaches live, they simply run to another piece of furniture or room nearby to seek harbor and continue business as normal, despite any actions taken by the homeowner,\u201d said Dunham. \u201cLatrodectus has powerful components upon its emergence, capable of defeating sandboxes, and use of RC4 encrypted command-and-control communications. It appears likely that actors behind QBot felt the heat from takedowns last year, migrating to this new code base and infrastructure in the fall of 2023.\u201d<\/p>\n<p>Lactrodectus and IcedID share many similarities, such as the way they communicate to their C2, and even commands such as &#8220;cmd_run_icedid&#8221; that downloads and runs bp.dat, the IcedID bot, explained Adam Neel, threat detection engineer at Critical Start.<\/p>\n<p>Neel said it\u2019s becoming clear that Lactrodectus isn&#8217;t too different from IcedID, but it does demonstrate sandbox evasion tactics not utilized by previous IcedID loaders. After initialization, Neel said the malware will check it&#8217;s environment to confirm that it\u2019s not running in a sandbox by confirming the amount of running processes on the device, then checking to make sure it is running on a 64-bit host. Lastly, the malware looks to see if the host has a valid MAC address.<\/p>\n<p>\u201cThese sandbox evasion techniques can slow down researchers and defenders from analyzing samples of Latrodectus,\u201d said Neel. \u201cOverall Latrodectus is still similar to IcedID, but it\u2019s important for researchers to keep an eye on it as it continues to evolve. It\u2019s possible that this is not the last form of Latrodectus and it could continue to grow and differentiate itself from IcedID more in the future.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35749\/Latrodectus-Uses-Sandbox-Evasion-Techniques-To-Launch-Malicious-Payloads.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55771,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[6247],"class_list":["post-55770","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwareflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-05T17:47:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/040424_ransomware.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads\",\"datePublished\":\"2024-04-05T17:47:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/\"},\"wordCount\":555,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg\",\"keywords\":[\"headline,hacker,malware,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/\",\"name\":\"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg\",\"datePublished\":\"2024-04-05T17:47:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg\",\"width\":1073,\"height\":700},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwareflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/","og_locale":"en_US","og_type":"article","og_title":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-04-05T17:47:17+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/040424_ransomware.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads","datePublished":"2024-04-05T17:47:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/"},"wordCount":555,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg","keywords":["headline,hacker,malware,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/","url":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/","name":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg","datePublished":"2024-04-05T17:47:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads.jpg","width":1073,"height":700},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/latrodectus-uses-sandbox-evasion-techniques-to-launch-malicious-payloads\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwareflaw\/"},{"@type":"ListItem","position":3,"name":"Latrodectus Uses Sandbox Evasion Techniques To Launch Malicious Payloads"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55770","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55770"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55770\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55771"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55770"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55770"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55770"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}