{"id":55792,"date":"2024-04-08T13:42:43","date_gmt":"2024-04-08T13:42:43","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35754\/Bing-Ad-Posing-As-NordVPN-Aims-To-Spread-SecTopRAT-Malware.html"},"modified":"2024-04-08T13:42:43","modified_gmt":"2024-04-08T13:42:43","slug":"bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/","title":{"rendered":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/AdobeStock_322985006_Editorial_Use_Only.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A Bing advertisement designed to look like a link to install NordVPN was found to lead to an installer for the remote access trojan SecTopRAT.<\/p>\n<p>Malwarebytes Labs <a href=\"https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2024\/04\/bing-ad-for-nordvpn-leads-to-sectoprat\" target=\"_blank\" rel=\"noreferrer noopener\">discovered the malvertising campaign<\/a> on Thursday, with the domain name used for the malicious ad having been created just a day earlier. The URL (nordivpn[.]xyz) was designed to look like a legitimate NordVPN domain. The ad link redirected to a website with another typosquatted URL (besthord-vpn[.]com) and a replica of the real NordVPN website.<\/p>\n<p>The download button on the fraudulent website led to a Dropbox containing the installer NordVPNSetup.exe. This executable included both a real NordVPN installer and a malware payload that is injected into MSBuild.exe and connects to the attacker\u2019s command-and-control (C2) server.<\/p>\n<p>The threat actor attempted to digitally sign the malicious executable, but the signature was found to be invalid. However, Principal Threat Researcher J\u00e9r\u00f4me Segura of Malwarebytes ThreatDown Labs told SC Media Friday that he later found the executable had a valid code signing certificate.<\/p>\n<p>Segura said some security products may block the executable due to its invalid signature, but, \u201cPerhaps the better evasion technique is the dynamic process injection where the malicious code is injected into a legitimate Windows application.\u201d<\/p>\n<p>\u201cFinally, we should note that the file contains an installer for NordVPN which could very well thwart detection of the whole executable,\u201d Segura added.<\/p>\n<p>The malicious payload, SecTopRAT, also known as ArechClient, is a remote access trojan (RAT) that was <a href=\"https:\/\/x.com\/malwrhunterteam\/status\/1195288774957244416\" target=\"_blank\" rel=\"noreferrer noopener\">first discovered<\/a> by MalwareHunterTeam in November 2019 and shortly after <a href=\"https:\/\/www.gdatasoftware.com\/blog\/2019\/11\/35548-new-sectoprat-remote-access-malware-utilizes-second-desktop-to-control-browsers\" target=\"_blank\" rel=\"noreferrer noopener\">analyzed by researchers from G DATA.<\/a> The researchers found that the RAT creates an \u201cinvisible\u201d second desktop that enables an attacker to control browser sessions on the victim\u2019s system.<\/p>\n<p>SecTopRAT is also able to send system information, such as system name, username and hardware information, to the attacker\u2019s C2 server.<\/p>\n<p>Malwarebytes reported the malware campaign to both Microsoft, which owns Bing, and Dropbox. Dropbox has since removed the account storing the malware, and Segura said his team had not yet heard back from Microsoft as of Friday.<\/p>\n<p>\u201cWe did notice that the threat actors updated their infrastructure last night, perhaps in reaction to our report. They are now redirecting victims to a new domain thenordvpn[.]info which may indicate that the malvertising campaign is still active, perhaps under another advertiser identity,\u201d Segura said.<\/p>\n<p>Other malvertising campaigns spreading SecTopRAT have been spotted in the past. In 2021, <a href=\"https:\/\/arstechnica.com\/gadgets\/2021\/07\/with-help-from-google-impersonated-brave-com-website-pushes-malware\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ars Technica reported on a campaign<\/a> that leveraged Google ads claiming to promote the Brave browser.<\/p>\n<p>Last October, threat actors used a combination of malvertising, search engine optimization (SEO) poisoning and breached websites to trick users into installing a fake MSIX Windows app package that contained <a href=\"https:\/\/www.scmagazine.com\/brief\/ghostpulse-malware-loader-deployed-via-fraudulent-msix-app-packages\" target=\"_blank\" rel=\"noreferrer noopener\">the GHOSTPULSE malware loader<\/a>. Once installed, GHOSTPULSE uses process doppelganging to facilitate the execution of multiple malware strains, including SecTopRAT.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35754\/Bing-Ad-Posing-As-NordVPN-Aims-To-Spread-SecTopRAT-Malware.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55793,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10902],"class_list":["post-55792","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwaremicrosofttrojancybercrimefraudbackdoorcryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-08T13:42:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/AdobeStock_322985006_Editorial_Use_Only.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware\",\"datePublished\":\"2024-04-08T13:42:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/\"},\"wordCount\":483,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg\",\"keywords\":[\"headline,malware,microsoft,trojan,cybercrime,fraud,backdoor,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/\",\"name\":\"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg\",\"datePublished\":\"2024-04-08T13:42:43+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg\",\"width\":800,\"height\":533},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,microsoft,trojan,cybercrime,fraud,backdoor,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwaremicrosofttrojancybercrimefraudbackdoorcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/","og_locale":"en_US","og_type":"article","og_title":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-04-08T13:42:43+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/AdobeStock_322985006_Editorial_Use_Only.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware","datePublished":"2024-04-08T13:42:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/"},"wordCount":483,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg","keywords":["headline,malware,microsoft,trojan,cybercrime,fraud,backdoor,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/","url":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/","name":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg","datePublished":"2024-04-08T13:42:43+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware.jpg","width":800,"height":533},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/bing-ad-posing-as-nordvpn-aims-to-spread-sectoprat-malware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,microsoft,trojan,cybercrime,fraud,backdoor,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwaremicrosofttrojancybercrimefraudbackdoorcryptography\/"},{"@type":"ListItem","position":3,"name":"Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55792","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55792"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55792\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55793"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55792"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55792"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55792"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}