{"id":914,"date":"2018-05-18T12:42:38","date_gmt":"2018-05-18T12:42:38","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132081"},"modified":"2018-05-18T12:42:38","modified_gmt":"2018-05-18T12:42:38","slug":"reddawn-espionage-campaign-shows-mobile-apts-on-the-rise","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/","title":{"rendered":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/05\/01162849\/north-korea-flag.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>A sophisticated and targeted mobile espionage campaign has been found targeting North Korean defectors. Mounted by a relatively new APT actor known as Sun Team, the offensive used Google Play and Facebook as attack vectors; and overall, it shows how quickly the mobile threat landscape is evolving as APTs shift tactics to focus on this segment.<\/p>\n<p>The RedDawn campaign, as it has been dubbed by the researchers that observed it, planted three \u201cunreleased\u201d beta apps in Google Play that target Korean-speaking users. They masquerade as something useful. One is called Food Ingredients Info, and the other two claim to be security-related (Fast AppLock and AppLockFree).<\/p>\n<p>\u201cWe are witnessing an evolution of the traditional kill chain, where the platform is truly becoming agnostic,\u201d Raj Samani, chief scientist at McAfee, said in an email interview. \u201cMobile malware is over 14 years old, and the evolution of mobile threats into mobile APTs is a testament of the fact of how critical mobile devices have become to us in our digital life.\u201d<\/p>\n<p>In reality, the food app and Fast AppLock secretly steal sensitive data like contacts, messages, call recordings and photos, and they\u2019re also capable of receiving commands and additional executable (.dex) files from a C2 server. AppLockFree, on the other hand, appears to be part of a reconnaissance effort, setting the foundation for a future wave of attacks.<\/p>\n<p>\u201cWe believe this group behind this campaign is just getting started,\u201d said Samani.<\/p>\n<p>As for how the malicious apps made it into the official store in the first place, he explained that the apps were meant to be an innocuous-looking\u00a0initial foundation for the attack.<\/p>\n<p>\u201cThe initial stage that was uploaded on Google Play was just enough to go under their radar, but enough to carry out surveillance to download additional custom made payloads depending on the intentions of the attacker,\u201d Samani noted. \u201cThis kind of sophistication is traditionally what we see with attacks on the PC side, to see this kind of tactics coming to mobile devices is genuinely a sign this is the year of mobile malware.\u201d<\/p>\n<p>After being installed on Android devices, the malware uses Facebook to infiltrate the victims\u2019 friends, through messages asking them to install the apps and offering feedback via a Facebook account with a fake profile. This proved to be virulent; although the initial infection group totaled around 100 people, the Sun Team was able to scale its campaign far beyond, the research showed.<\/p>\n<p>\u201cThe most concerning thing about this Sun Team operation is that they use photos uploaded on social network services and identities of South Koreans to create fake accounts,\u201d said researchers. \u201cWe have found evidence that some people have had their identities stolen; more could follow. They are [also] using texting and calling services to generate virtual phone numbers so they can sign up for South Korean online services.\u201d<\/p>\n<p>Samani said that the Bouncer app-vetting tool and Google Play Protect both failed to detect the rogue apps in Google Play; Google Security however immediately responded to a request for a takedown. This is unlikely to be the end of it, though: RedDawn is the second campaign observed this year from the Sun Team hacking group. In January, a similar Android malware effort was found targeting North Korean defectors and journalists.<\/p>\n<p>\u201c[The fact that this] is the second attempt this year, despite the fact that we had called out\/dismantled their previous efforts in January, is a testament to the fact they will come back with new tactics and strategies,\u201d Samani said.<\/p>\n<p>Based on the Dropbox and Yandex cloud storage sites the malware uses to upload data and issue commands, it\u2019s clear that RedDawn was the work of the same crew. For instance, researchers found information logs from the same test Android devices that Sun Team used for the January malware campaign.<\/p>\n<p>\u201cThe logs had a similar format and used the same abbreviations for fields as in other Sun Team logs,\u201d McAfee said in an <a href=\"https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/malware-on-google-play-targets-north-korean-defectors\/\">analysis<\/a> published on Thursday. \u201cFurther, the email addresses of the new malware\u2019s developer are identical to the earlier email addresses associated with the Sun Team.\u201d<\/p>\n<p>As for who\u2019s behind Sun Team, the profile of the targeted victims (North Korean defectors) as well as some of the attributes in the campaign point north. For instance, some of the Korean words found on the malware\u2019s control server are not in South Korean vocabulary; and, an exposed IP address points to North Korea. Even so, Dropbox accounts were names from South Korean celebrities.<\/p>\n<p>\u201cThese features are strong evidence that the actors behind these campaigns are not native South Koreans but are familiar with the culture and language,\u201d researchers noted.<\/p>\n<p>RedDawn is an indicator of how nation-state spy tactics are evolving, Samani said. Aside from the Sun Team, researchers also recently identified that the <a href=\"https:\/\/threatpost.com\/wannacry-shares-code-with-lazarus-apt-samples\/125718\/\">Lazarus<\/a> APT has also shifted its attention to mobile, using more sophisticated attack techniques of late, such as using forged signatures to bypass security verifications in the operating system. Also, last week a piece of North Korean spyware was found targeting Apple iOS devices.<\/p>\n<p>\u201cIt\u2019s not just Korea, but we have seen mobile devices been targeted in Iran as well as other emerging countries, as well as among immigrants living in the U.S.,\u201d he explained. \u201cIf you\u2019re a person of interest on the run or constantly on the move (may it be North Korean defectors or protesters in Iran), smartphones are likely to be your preferred method of accessing the internet.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/132081\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":915,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[618,619,620,4,621,126,28,622,623,624,625,626],"class_list":["post-914","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-android-malware","tag-defectors","tag-espionage-campaign","tag-facebook","tag-google-play","tag-government","tag-malware","tag-mcafee","tag-mobile-apt","tag-north-korea","tag-reddawn","tag-sun-team"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-18T12:42:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"680\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"RedDawn Espionage Campaign Shows Mobile APTs on the Rise\",\"datePublished\":\"2018-05-18T12:42:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\"},\"wordCount\":928,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg\",\"keywords\":[\"Android malware\",\"defectors\",\"espionage campaign\",\"Facebook\",\"google play\",\"Government\",\"Malware\",\"McAfee\",\"mobile apt\",\"North Korea\",\"reddawn\",\"sun team\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\",\"name\":\"RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg\",\"datePublished\":\"2018-05-18T12:42:38+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg\",\"width\":680,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Android malware\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/android-malware\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"RedDawn Espionage Campaign Shows Mobile APTs on the Rise\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/","og_locale":"en_US","og_type":"article","og_title":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-18T12:42:38+00:00","og_image":[{"width":680,"height":400,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise","datePublished":"2018-05-18T12:42:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/"},"wordCount":928,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg","keywords":["Android malware","defectors","espionage campaign","Facebook","google play","Government","Malware","McAfee","mobile apt","North Korea","reddawn","sun team"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/","url":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/","name":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg","datePublished":"2018-05-18T12:42:38+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise.jpg","width":680,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/reddawn-espionage-campaign-shows-mobile-apts-on-the-rise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Android malware","item":"https:\/\/www.threatshub.org\/blog\/tag\/android-malware\/"},{"@type":"ListItem","position":3,"name":"RedDawn Espionage Campaign Shows Mobile APTs on the Rise"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=914"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/914\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/915"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}