{"id":885,"date":"2018-05-18T12:45:20","date_gmt":"2018-05-18T12:45:20","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132085"},"modified":"2018-05-18T12:45:20","modified_gmt":"2018-05-18T12:45:20","slug":"misconfigured-reverse-proxy-servers-spill-credentials","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/","title":{"rendered":"Misconfigured Reverse Proxy Servers Spill Credentials"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/03\/15174431\/Leaky_Server_AWS_DATA.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p><span>Researchers have created a proof-of-concept attack that allows unauthenticated adversaries to extract user credentials from misconfigured reverse proxy servers in order to delete, manipulate or extract data from websites and applications.<\/span><\/p>\n<p><span>The proof-of-concept (PoC) attack targets major cloud customers of services such as Amazon Web Services, Microsoft Azure and Google Cloud, according to researchers at<\/span> <a href=\"https:\/\/blog.redlock.io\/instance-metadata-api-a-modern-day-trojan-horse\"><span>RedLock that published a report on their findings Tuesday<\/span><\/a><span>.<\/span><\/p>\n<p><span>Similar to misconfigured storage buckets that plagued businesses with leaky data, this PoC attack takes advantage of a common default configuration used by leading cloud services and too often unchanged by website admins.<\/span><\/p>\n<p><span>The PoC targets APIs that provide access to the metadata associated with identity services such AWS\u2019 Identity and Access Management (IAM), Microsoft\u2019s Azure Managed Service Identity (MSI), and Google\u2019s Cloud Cloud IAM. \u201c[These] are features that\u2026 simplify the task of creating and distributing credentials and are popular features with developers,\u201d wrote RedLock. Adversaries can also abuse them.<\/span><\/p>\n<p><span>Gaurav Kumar, RedLock CTO, shared one PoC example with Threatpost.<\/span><\/p>\n<p><span>\u201cFor example, WordPress servers use credentials to do things like connect to other cloud services. A website might use IAM credentials to automatically connect to an AWS storage bucket to backup daily transaction data,\u201d said Kumar in an interview with Threatpost.<\/span><\/p>\n<p><span>Kumar said IAM credentials rely on web server APIs to link cloud services. By using a simple CURL command, IAM role credentials are freely available for programs to obtain, researchers said.<\/span><\/p>\n<p><span>And that\u2019s where RedLock said API and IAM credential abuse can occur.<\/span><\/p>\n<p><span>In its PoC attack, researchers created a typical configuration for a web server or application server using a reverse proxy server running a default NGINX installation. NGINX is web server software that can also be used as a reverse proxy. A reverse proxy server is a type of server that retrieves resources on behalf of a client from one or more servers.<\/span><\/p>\n<p><span>\u201cThe RedLock CSI team had a hypothesis that some reverse proxies in AWS, MS Azure, and Google Cloud environments are set up such that anyone can set the host header to call the instance metadata API and obtain credentials,\u201d wrote researchers.<\/span><\/p>\n<p><span>Kumar explains:\u00a0<\/span><span>\u201cWhen an HTTP request is made to a proxy server it contains instructions to the host. What we observed was the proxy server is reading a value from the host header and going to that destination and fetching a webpage. But an attacker can manipulate the header to ask it to fetch other data on proxy server, such as credential data from the API endpoint.\u201d<\/span><\/p>\n<p>Researchers said programs or potential attackers can use a simple CURL command via a specific URL to access IAM role credentials.<\/p>\n<p><span>That credential data can then be used to access third-party cloud services linked to the website or application such as data stores, databases or website backups.<\/span><\/p>\n<p><span>Kumar theorizes the threat landscape of misconfigured servers vulnerable to this type of attack is huge given reverse proxies are common in public cloud environments and in organizations moving on-premise applications to the cloud.<\/span><\/p>\n<p><span>\u201cWhat we found is there is a very popular configuration in reverse proxy servers that can be very problematic,\u201d he said.<\/span><\/p>\n<p><strong>Dangers of Virtual Container Reuse<\/strong><\/p>\n<p>Researchers also created a \u201csecond exploitation method even scarier and potentially more far-reaching.\u201d This type of PoC attack involves more social engineering and malicious Docker images.<\/p>\n<p>The PoC is based on Docker creating an open source tool that can package an application and its dependencies in a virtual container that can run on any Linux server.\u00a0Developers share docker images on stores such as Docker Hub, allowing developers to save time by using pre-built images for conventional tasks allowing them to focus on their areas of expertise.<\/p>\n<p>\u201cSuppose some crafty developer creates a super helpful, free-to-download docker image called \u2018X\u2019 and posts on Docker Hub along with millions of other popular resources. Then one fine day, after thousands or millions of downloads of the free service have been deployed, what if this malicious developer modifies and uploads an updated version of X (this happens all the time and others pull the latest version or make \u2018calls\u2019 to it) now containing the nefarious command:\u00a0\u2018ONBBUILD -&lt;malcious_script.sh&gt;\u2019,\u201d explains RedLock.<\/p>\n<p>\u201cUtilizing the instance metadata API, every application built upon the \u2018X\u2019 docker image will run this script (malcious_script.sh)unbeknownst to the dependent program and will request IAM role credentials. And here lies the risk,\u201d researchers said.<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/misconfigured-reverse-proxy-servers-spill-credentials\/132085\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":886,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[598,536,599,600,18,601,602,69],"class_list":["post-885","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-amazon-web-services","tag-cloud-security","tag-curl-command","tag-google-cloud","tag-hacks","tag-microsoft-azure","tag-nginx","tag-web-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-18T12:45:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials-1024x648.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"648\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Misconfigured Reverse Proxy Servers Spill Credentials\",\"datePublished\":\"2018-05-18T12:45:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/\"},\"wordCount\":747,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/misconfigured-reverse-proxy-servers-spill-credentials.jpg\",\"keywords\":[\"Amazon Web Services\",\"Cloud Security\",\"CURL command\",\"google cloud\",\"Hacks\",\"Microsoft Azure\",\"NGINX\",\"Web Security\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/\",\"name\":\"Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/misconfigured-reverse-proxy-servers-spill-credentials.jpg\",\"datePublished\":\"2018-05-18T12:45:20+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/misconfigured-reverse-proxy-servers-spill-credentials.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/misconfigured-reverse-proxy-servers-spill-credentials.jpg\",\"width\":3441,\"height\":2177},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/misconfigured-reverse-proxy-servers-spill-credentials\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Amazon Web Services\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/amazon-web-services\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Misconfigured Reverse Proxy Servers Spill Credentials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/","og_locale":"en_US","og_type":"article","og_title":"Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-18T12:45:20+00:00","og_image":[{"width":1024,"height":648,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials-1024x648.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Misconfigured Reverse Proxy Servers Spill Credentials","datePublished":"2018-05-18T12:45:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/"},"wordCount":747,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials.jpg","keywords":["Amazon Web Services","Cloud Security","CURL command","google cloud","Hacks","Microsoft Azure","NGINX","Web Security"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/","url":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/","name":"Misconfigured Reverse Proxy Servers Spill Credentials 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials.jpg","datePublished":"2018-05-18T12:45:20+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/misconfigured-reverse-proxy-servers-spill-credentials.jpg","width":3441,"height":2177},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/misconfigured-reverse-proxy-servers-spill-credentials\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Amazon Web Services","item":"https:\/\/www.threatshub.org\/blog\/tag\/amazon-web-services\/"},{"@type":"ListItem","position":3,"name":"Misconfigured Reverse Proxy Servers Spill Credentials"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/885","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=885"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/885\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/886"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=885"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=885"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=885"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}