{"id":14983,"date":"2023-02-10T09:56:15","date_gmt":"2023-02-10T16:56:15","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=14983"},"modified":"2023-04-06T15:15:26","modified_gmt":"2023-04-06T22:15:26","slug":"securins-threat-intelligence-feb-6-2023-feb-10-2023","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/securins-threat-intelligence-feb-6-2023-feb-10-2023\/","title":{"rendered":"Securin&#8217;s Threat Intelligence &#8211; Feb 6, 2023 &#8211; Feb 10, 2023"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"14983\" class=\"elementor elementor-14983\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1c7926eb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1c7926eb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-33243357\" data-id=\"33243357\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-cc45ac1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cc45ac1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-9a03310\" data-id=\"9a03310\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-91253d0 elementor-widget elementor-widget-text-editor\" data-id=\"91253d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\">This edition brings you early warnings, trending news about cyber threats, and the accurate threat context. Check out which threat group is on the rampage, what vulnerability it could soon weaponize, and more.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0c6088c elementor-widget elementor-widget-heading\" data-id=\"0c6088c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Why play catch up when you can fix it now?<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-634700b elementor-widget elementor-widget-spacer\" data-id=\"634700b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5981555 elementor-widget elementor-widget-heading\" data-id=\"5981555\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Trending Threats<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c5fa93a elementor-widget elementor-widget-text-editor\" data-id=\"c5fa93a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"#vmware-esxi-servers-are-under-attack-from-ransomware-groups\">VMware ESXi Servers are Under Attack from Ransomware Groups<\/a><\/li><li><a href=\"#white-elephant-apt-group-actively-exploits-cve-2017-11882\">White Elephant APT Group Actively Exploits CVE-2017-11882<\/a><\/li><li><a href=\"#clop-ransomware-uses-flawed-encryption-logic-in-new-linux-variant\">Clop Ransomware Uses\u00a0Flawed Encryption Logic in New Linux Variant<\/a><\/li><li><a href=\"#enigma-stealer-targets-victims-in-europe-with-fake-jobs\">Enigma Stealer Targets Victims in Europe with Fake Jobs<\/a><\/li><li><a href=\"http:\/\/healthcare-and-critical-infrastructure-sectors-under-attack-from-korean-actors\" data-wplink-url-error=\"true\">Healthcare and Critical Infrastructure Sectors Under Attack From Korean Actors<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2952cac elementor-widget elementor-widget-heading\" data-id=\"2952cac\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities to Watch Out For<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-33b4b1b elementor-widget elementor-widget-text-editor\" data-id=\"33b4b1b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"#goanywhere-mft-zero-day-vulnerability\">GoAnywhere MFT Zero-day Vulnerability<\/a><\/li><li><a href=\"#cve-2023-22501-jira-service-management-authentication-vulnerability\">CVE-2023-22501: Jira Service Management Authentication Vulnerability<\/a><\/li><li><a href=\"#cve-2023-21608-adobe-acrobat-reader-vulnerability\">CVE-2023-21608: Adobe Acrobat Reader Vulnerability<\/a><\/li><li><a href=\"#cve-2023-25136-openssh-pre-authentication-vulnerability\">CVE-2023-25136:\u00a0OpenSSH Pre-Authentication Vulnerability<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e6aeae0 elementor-widget elementor-widget-spacer\" data-id=\"e6aeae0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-285ec51 elementor-widget elementor-widget-heading\" data-id=\"285ec51\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Trending Threats<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c235740 elementor-widget elementor-widget-spacer\" data-id=\"c235740\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5ffde44 elementor-widget elementor-widget-menu-anchor\" data-id=\"5ffde44\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"vmware-esxi-servers-are-under-attack-from-ransomware-groups\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-51aa5a8 elementor-widget elementor-widget-heading\" data-id=\"51aa5a8\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">VMware ESXi Servers are Under Attack from Ransomware Groups<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ac5ca53 elementor-widget elementor-widget-text-editor\" data-id=\"ac5ca53\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">The Royal Ransomware group and the new ESXiArgs ransomware group have launched massive campaigns targeting VMware ESXi servers worldwide.<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21974\" target=\"_blank\" rel=\"noopener\"> CVE-2021-21974<\/a>, in VMware products is exploited to gain access to the servers. This vulnerability is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated threat actors in low-complexity attacks. ESXi server versions before 7.0 U3i are primarily targeted through the OpenSLP port (427). The attackers seem to have used the Sosemanuk algorithm to encrypt files, which may have been derived from the Babuk (ESXi variant) source code.\u00a0<\/p><p dir=\"ltr\">The vulnerability, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21974\" target=\"_blank\" rel=\"noopener\">CVE-2021-21974<\/a> has already been\u00a0<a href=\"https:\/\/www.tenable.com\/plugins\/nessus\/146827\" target=\"_blank\" rel=\"noopener\">patched<\/a>\u00a0and users should ensure that it is applied to their VMware servers immediately.<\/p><p dir=\"ltr\">Our predictive analysis platform has estimated this vulnerability as a very critical threat two years ago.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1c1f23d elementor-widget elementor-widget-image\" data-id=\"1c1f23d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"417\" height=\"156\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/2023-02-06-18_24_08-VI-Vulnerabilities.png\" class=\"attachment-full size-full wp-image-14989\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/2023-02-06-18_24_08-VI-Vulnerabilities.png 417w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/2023-02-06-18_24_08-VI-Vulnerabilities-300x112.png 300w\" sizes=\"(max-width: 417px) 100vw, 417px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e41ecc7 elementor-widget elementor-widget-spacer\" data-id=\"e41ecc7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6e03431 elementor-widget elementor-widget-menu-anchor\" data-id=\"6e03431\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"white-elephant-apt-group-actively-exploits-cve-2017-11882\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4a6dfce elementor-widget elementor-widget-heading\" data-id=\"4a6dfce\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">White Elephant APT Group Actively Exploits CVE-2017-11882<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1e46ef9 elementor-widget elementor-widget-text-editor\" data-id=\"1e46ef9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2017-11882\" target=\"_blank\" rel=\"noopener\">CVE-2017-11882<\/a> is a Microsoft Office Memory Corruption vulnerability that has been widely exploited by more than 5 ransomware groups and 20+ APT groups. One of the APT groups is the suspected Indian threat actor group, White Elephant, AKA Hangover, Patchwork, Mahacao, etc. The group targets entities in China, Pakistan, Israel and other countries and uses harpoon attacks, supplemented by a small number of watering hole attacks to carry out cyber espionage activities. <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2017-11882\" target=\"_blank\" rel=\"noopener\">CVE-2017-11882<\/a> is used for Trojan horse implantation wherein a shellcode is deployed first to release the second-order sample. Using the malware sample, victims\u2019 data is exfiltrated and accessed by the attacker.\u00a0<\/p><p dir=\"ltr\">This vulnerability was\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2017-11882\" target=\"_blank\" rel=\"noopener\">patched<\/a>\u00a0by Microsoft and it is important that users patch this vulnerability immediately.<\/p><p dir=\"ltr\">Within a month of this CVE being published, our ML &amp; AI based Predictive Analysis platform gave it the maximum rating for exploitability.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-25e9eb8 elementor-widget elementor-widget-image\" data-id=\"25e9eb8\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1070\" height=\"247\" src=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/pasted-image-0.png\" class=\"attachment-full size-full wp-image-14990\" alt=\"\" srcset=\"https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/pasted-image-0.png 1070w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/pasted-image-0-300x69.png 300w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/pasted-image-0-1024x236.png 1024w, https:\/\/10.42.32.162\/wp-content\/uploads\/2023\/02\/pasted-image-0-768x177.png 768w\" sizes=\"(max-width: 1070px) 100vw, 1070px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1771801 elementor-widget elementor-widget-spacer\" data-id=\"1771801\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8acb347 elementor-widget elementor-widget-spacer\" data-id=\"8acb347\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7c980fc elementor-widget elementor-widget-menu-anchor\" data-id=\"7c980fc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"clop-ransomware-uses-flawed-encryption-logic-in-new-linux-variant\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eba0fe2 elementor-widget elementor-widget-heading\" data-id=\"eba0fe2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Clop Ransomware Uses Flawed Encryption Logic in New Linux Variant<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7aa875f elementor-widget elementor-widget-text-editor\" data-id=\"7aa875f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">A new variant of the Clop ransomware was recently used in a few of the group\u2019s attacks. This variant is used on Linux devices. However, the encryption algorithm that the group used in this variant is flawed and allows the victims to decrypt locked files without paying a ransom. The ELF variant of Clop ransomware was used from late December 2022 and it doesn\u2019t use a hashing algorithm, such as the Windows variant, in order to avoid encrypting specific folders and files. Researchers found that the ransomware-encryption logic contained a hardcoded RC4 \u201cmaster-key\u201d which allowed the victim to decrypt Cl0p-ELF encrypted files.<\/p><p dir=\"ltr\">The Clop ransomware group exploits the following CVEs for initial access: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2019-19781\" target=\"_blank\" rel=\"noopener\">CVE-2019-19781<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-1472\" target=\"_blank\" rel=\"noopener\">CVE-2020-1472<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27101\" target=\"_blank\" rel=\"noopener\">CVE-2021-27101<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27102\" target=\"_blank\" rel=\"noopener\">CVE-2021-27102<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27103\" target=\"_blank\" rel=\"noopener\">CVE-2021-27103<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-27104\" target=\"_blank\" rel=\"noopener\">CVE-2021-27104<\/a>, and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-35211\" target=\"_blank\" rel=\"noopener\">CVE-2021-35211<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5b7a3eb elementor-widget elementor-widget-spacer\" data-id=\"5b7a3eb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ec59a6b elementor-widget elementor-widget-menu-anchor\" data-id=\"ec59a6b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"enigma-stealer-targets-victims-in-europe-with-fake-jobs\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e5ca447 elementor-widget elementor-widget-heading\" data-id=\"e5ca447\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Enigma Stealer Targets Victims in Europe with Fake Jobs<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-093a3c1 elementor-widget elementor-widget-text-editor\" data-id=\"093a3c1\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">Suspected Russian threat actors have been targeting Eastern Europeans with fake cryptocurrency jobs. They have been using a modified version of the Stealerium information stealer named Enigma stealer. This stealer is an open source C++ project that is used as a\u00a0 stealer, clipper, and keylogger with logging capabilities using the Telegram API. The fake employment campaign sends highly obfuscated and under-development custom loaders which then infect the victims with the Enigma stealer malware. The stealer uses two servers &#8211; one for delivering payloads, sending commands, and receiving the payload heartbeat. The other for DevOps and logging purposes.<\/p><p dir=\"ltr\">Apart from this, the Russian threat actors also exploit\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-2291\" target=\"_blank\" rel=\"noopener\">CVE-2015-2291<\/a>, an Intel driver vulnerability, to load a malicious driver designed to reduce the token integrity of Microsoft Defender.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2e80667 elementor-widget elementor-widget-spacer\" data-id=\"2e80667\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c7cfb84 elementor-widget elementor-widget-menu-anchor\" data-id=\"c7cfb84\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"healthcare-and-critical-infrastructure-sectors-under-attack-from-korean-actors\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-77b4866 elementor-widget elementor-widget-heading\" data-id=\"77b4866\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Healthcare and Critical Infrastructure Sectors Under Attack From Korean Actors<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6358c91 elementor-widget elementor-widget-text-editor\" data-id=\"6358c91\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">The Cybersecurity Advisory has\u00a0<a href=\"http:\/\/media.defense.gov\/2023\/Feb\/09\/2003159161\/-1\/-1\/0\/CSA_RANSOMWARE_ATTACKS_ON_CI_FUND_DPRK_ACTIVITIES.PDF\" target=\"_blank\" rel=\"noopener\">published a warning<\/a>\u00a0against various ransomware actors in the Democratic People\u2019s Republic of Korea (DPRK). There is an ongoing campaign targeting the Healthcare and Public Health Sector organizations and other critical infrastructure sector entities in the United States and South Korea. The Maui and H0lyGh0st ransomware families are the primary threat actors working against these entities. For ransom payments, they receive cryptocurrency.\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE%202021-44228\" target=\"_blank\" rel=\"noopener\">CVE 2021-44228<\/a>,\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-20038\" target=\"_blank\" rel=\"noopener\">CVE-2021-20038<\/a>, and\u00a0<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-24990\" target=\"_blank\" rel=\"noopener\">CVE-2022-24990<\/a>\u00a0are exploited in these attacks.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0371f6b elementor-widget elementor-widget-spacer\" data-id=\"0371f6b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fb7c0c2 elementor-widget elementor-widget-heading\" data-id=\"fb7c0c2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities to Watch Out For<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dac80e2 elementor-widget elementor-widget-spacer\" data-id=\"dac80e2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-551154f elementor-widget elementor-widget-menu-anchor\" data-id=\"551154f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"goanywhere-mft-zero-day-vulnerability\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0345e89 elementor-widget elementor-widget-heading\" data-id=\"0345e89\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">GoAnywhere MFT Zero-day Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0737983 elementor-widget elementor-widget-text-editor\" data-id=\"0737983\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">GoAnywhere MFT file transfer solution has reported a CVE-unassigned zero-day vulnerability which could grant access to their administrator consoles if exploited. It is a remote code execution vulnerability. There may be more than a 1000 administrative ports exposed to the public internet. An attacker should however have administrative console access for successful exploitation.\u00a0<\/p><p dir=\"ltr\"><em><strong>Forta has published an\u00a0<a href=\"https:\/\/infosec.exchange\/@briankrebs\/109795710941843934\" target=\"_blank\" rel=\"noopener\">advisory<\/a>\u00a0for this vulnerability.<\/strong><\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a55fb45 elementor-widget elementor-widget-spacer\" data-id=\"a55fb45\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2754349 elementor-widget elementor-widget-menu-anchor\" data-id=\"2754349\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"cve-2023-22501-jira-service-management-authentication-vulnerability\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-118e0a7 elementor-widget elementor-widget-heading\" data-id=\"118e0a7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2023-22501: Jira Service Management Authentication Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-36c1f26 elementor-widget elementor-widget-text-editor\" data-id=\"36c1f26\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">This authentication vulnerability allows an attacker to impersonate another user and gain access to a Jira Service Management instance when exploited. However, to carry this out, the attacker should have write access to a User Directory and outgoing email enabled on a Jira Service Management instance. <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-22501\" target=\"_blank\" rel=\"noopener\">CVE-2023-22501<\/a> has a CVSS score of 9.4 making it critical.\u00a0<\/p><p dir=\"ltr\"><strong><em>Atlassian has released a\u00a0<a href=\"https:\/\/confluence.atlassian.com\/kb\/faq-for-cve-2023-22501-1189797488.html\" target=\"_blank\" rel=\"noopener\">security advisory<\/a>\u00a0for this vulnerability.<\/em><\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-015441e elementor-widget elementor-widget-spacer\" data-id=\"015441e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3c04af0 elementor-widget elementor-widget-menu-anchor\" data-id=\"3c04af0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"cve-2023-21608-adobe-acrobat-reader-vulnerability\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61ced82 elementor-widget elementor-widget-heading\" data-id=\"61ced82\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2023-21608: Adobe Acrobat Reader Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3c4667f elementor-widget elementor-widget-text-editor\" data-id=\"3c4667f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-21608\" target=\"_blank\" rel=\"noopener\">CVE-2023-21608<\/a> is a remote code execution vulnerability in the Adobe Acrobat Reader DC. A\u00a0<a href=\"https:\/\/hacksys.io\/blogs\/adobe-reader-resetform-cagg-rce-cve-2023-21608\" target=\"_blank\" rel=\"noopener\">proof of concept<\/a>\u00a0for this exploit has been released. Users should take note of this vulnerability and patch it according to the\u00a0<a href=\"https:\/\/hacksys.io\/advisories\/HI-2022-006\" target=\"_blank\" rel=\"noopener\">advisory<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3a91914 elementor-widget elementor-widget-spacer\" data-id=\"3a91914\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4c9a08d elementor-widget elementor-widget-menu-anchor\" data-id=\"4c9a08d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"cve-2023-25136-openssh-pre-authentication-vulnerability\" class=\"elementor-menu-anchor\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c45cee4 elementor-widget elementor-widget-heading\" data-id=\"c45cee4\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2023-25136: OpenSSH Pre-Authentication Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-887a570 elementor-widget elementor-widget-text-editor\" data-id=\"887a570\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">This vulnerability <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2023-25136\" target=\"_blank\" rel=\"noopener\">CVE-2023-25136<\/a> is caused by a boundary error within the sshd(8) daemon. An unauthenticated attacker can\u00a0 send specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system by exploiting the vulnerability. OpenSSH has fixed this flaw in <a href=\"https:\/\/www.openssh.com\/releasenotes.html\" target=\"_blank\" rel=\"noopener\">OpenSSH 9.2<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-d07bcdb elementor-widget elementor-widget-spacer\" data-id=\"d07bcdb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-15874bb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"15874bb\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-2aaad6a\" data-id=\"2aaad6a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-92cd473 elementor-widget elementor-widget-spacer\" data-id=\"92cd473\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc3ccab elementor-widget elementor-widget-text-editor\" data-id=\"dc3ccab\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\" style=\"text-align: center;\">Follow our weekly Threat Intelligence Series and podcast for proactive alerts on trending threats.<\/p><p dir=\"ltr\" style=\"text-align: center;\"><strong>Leverage our expertise and manage your threats continuously to stay safe from attackers.\u00a0<\/strong><a href=\"https:\/\/webdev.securin.xyz\/contact-us\/\" target=\"_blank\" rel=\"noopener\">Talk to Us!<\/a><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-90351a6 elementor-widget elementor-widget-spacer\" data-id=\"90351a6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.<\/p>\n","protected":false},"author":1,"featured_media":13471,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":""},"categories":[80,146],"tags":[268,588,107,584,585,581,586,119,587,167,150,589,91,580,218,582,583,149],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/14983"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/comments?post=14983"}],"version-history":[{"count":27,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/14983\/revisions"}],"predecessor-version":[{"id":17435,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/posts\/14983\/revisions\/17435"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/13471"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=14983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/categories?post=14983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/tags?post=14983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}