{"id":6492,"date":"2021-07-13T12:12:47","date_gmt":"2021-07-13T19:12:47","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=6492"},"modified":"2024-04-26T13:20:33","modified_gmt":"2024-04-26T20:20:33","slug":"cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/","title":{"rendered":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available"},"content":{"rendered":"<h3>Author: Shashank Jain<\/h3>\n<h3>TLP: WHITE<\/h3>\n<p>&nbsp;<\/p>\n<h3>1. Executive Summary<\/h3>\n<p>On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.<\/p>\n<p>On 8 July, Infoblox released a Cyber Threat Advisory report that discussed the background of REvil, also known as Sodinokibi, and the Kaseya ransomware attack.\u00b9<\/p>\n<p>On 11 July, Kaseya released a patch for its on-premises version of VSA, deployed the patch to its VSA SaaS offering, and started assisting its customers with deploying the patch.<\/p>\n<p>On 12 July, Kaseya confirmed that it had restored its VSA SaaS offerings.\u00b2<\/p>\n<h3><strong>2. <\/strong><strong>Important updates <\/strong><\/h3>\n<p>As of 03:30 PM U.S. EDT on 12 July, Kaseya had updated the following, for both VSA on-premises and VSA SaaS offering:<\/p>\n<h4><strong>VSA On-Premises:<\/strong><\/h4>\n<ol>\n<li>On-premises VSA Startup Readiness Guide: <a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403709150993incident-response\">https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403709150993incident-response<\/a><\/li>\n<li>VSA On-Premises Hardening and Practice Guide:\u00a0 <a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403760102417\">https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403760102417<\/a><\/li>\n<\/ol>\n<h4><strong>VSA SaaS:<\/strong><\/h4>\n<ol>\n<li>VSA SaaS Startup Guide: <a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403709476369\">https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403709476369<\/a><\/li>\n<li>VSA SaaS Best Practices: <a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403622421009-VSA-SaaS-Best-Practices\">https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403622421009-VSA-SaaS-Best-Practices<\/a><\/li>\n<\/ol>\n<p><sup>\u00b9<\/sup>\u00a0<a href=\"https:\/\/blogs.infoblox.com\/cyber-threat-intelligence\/kaseya-revil-ransomware-attack\/\">https:\/\/blogs.infoblox.com\/cyber-threat-intelligence\/kaseya-revil-ransomware-attack\/<\/a><\/p>\n<p><sup>\u00b2<\/sup>\u00a0<a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403440684689%C2%A0\">https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403440684689%C2%A0<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Shashank Jain TLP: WHITE &nbsp; 1. Executive Summary On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":4416,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[525,288],"class_list":{"0":"post-6492","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-kaseya","9":"tag-ransomware","10":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available<\/title>\n<meta name=\"description\" content=\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available\" \/>\n<meta property=\"og:description\" content=\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-13T19:12:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:20:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"613\" \/>\n\t<meta property=\"og:image:height\" content=\"434\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available\",\"datePublished\":\"2021-07-13T19:12:47+00:00\",\"dateModified\":\"2024-04-26T20:20:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/\"},\"wordCount\":224,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/visible-threat-featured-image.jpg\",\"keywords\":[\"Kaseya\",\"Ransomware\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/\",\"name\":\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/visible-threat-featured-image.jpg\",\"datePublished\":\"2021-07-13T19:12:47+00:00\",\"dateModified\":\"2024-04-26T20:20:33+00:00\",\"description\":\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/visible-threat-featured-image.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/visible-threat-featured-image.jpg\",\"width\":613,\"height\":434},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available","description":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/","og_locale":"en_US","og_type":"article","og_title":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available","og_description":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/","og_site_name":"Infoblox Blog","article_published_time":"2021-07-13T19:12:47+00:00","article_modified_time":"2024-04-26T20:20:33+00:00","og_image":[{"width":613,"height":434,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available","datePublished":"2021-07-13T19:12:47+00:00","dateModified":"2024-04-26T20:20:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/"},"wordCount":224,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg","keywords":["Kaseya","Ransomware"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/","name":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg","datePublished":"2021-07-13T19:12:47+00:00","dateModified":"2024-04-26T20:20:33+00:00","description":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available. On 2 July, the REvil ransomware group launched a supply chain attack that compromised Kaseya\u2019s VSA, a remote monitoring and management software platform, to hit a large number of managed service providers (MSPs). REvil used a fake update that exploited a zero-day vulnerability to deliver the ransomware and encrypt many machines.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/visible-threat-featured-image.jpg","width":613,"height":434},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-threat-advisory-kaseya-ransomware-attack-update-patch-available\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Cyber Threat Advisory: Kaseya Ransomware Attack Update: Patch Available"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=6492"}],"version-history":[{"count":3,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6492\/revisions"}],"predecessor-version":[{"id":6495,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6492\/revisions\/6495"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/4416"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=6492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=6492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=6492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}