{"id":844,"date":"2019-09-17T00:04:22","date_gmt":"2019-09-17T00:04:22","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=844"},"modified":"2024-04-26T13:21:33","modified_gmt":"2024-04-26T20:21:33","slug":"how-to-catch-a-rat-by-the-tail","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/","title":{"rendered":"How to Catch a RAT by the Tail"},"content":{"rendered":"<p>Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.<\/p>\n<p>Here\u2019s an overview of this type of malware, how it works, and how organizations can stay protected online.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-845\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/rat.png\" alt=\"How to Catch a RAT by the Tail\" width=\"599\" height=\"315\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png 599w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat-300x158.png 300w\" sizes=\"auto, (max-width: 599px) 100vw, 599px\" \/><\/p>\n<p><strong>What is a RAT (remote access Trojan)?<\/strong><\/p>\n<p>A\u00a0<a href=\"https:\/\/searchsecurity.techtarget.com\/definition\/RAT-remote-access-Trojan\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">remote access Trojan (RAT)<\/a>\u00a0is a dangerous malware program that enables covert surveillance or unauthorized access to any victim\u2019s computer or network anywhere in the world. Unlike legal remote administration tools, RATs are typically installed onto a computer or network without the victim\u2019s knowledge. They are primarily distributed through email attachments or user-requested program downloads, such as games.\u00a0This backdoor gives an attacker complete control over that computer or network, making it possible for an intruder to monitor user behavior, access and exfiltrate sensitive information, establish a botnet, take screenshots and more.<\/p>\n<p><strong>Common RATs to Hunt<\/strong><\/p>\n<p>Many RATs have been dominating cybersecurity headlines recently. These are just some of the well-known RATs\u00a0observed by Infoblox\u2019s Cyber Intelligence Unit.<\/p>\n<p><strong>Remcos RAT<\/strong><\/p>\n<p><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--32\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">Remcos (remote control and surveillance) RAT<\/a>\u00a0emerged in 2016 and is still widely used by cybercriminals today. The Infoblox Cyber Intelligence Unit recently observed Remcos being distributed via phishing email using a simplified delivery tactic. Remcos has advanced surveillance and capabilities, including ScreenLogger, audio capture, and webcam capture. It\u2019s a popular choice for targeting Windows operating systems because it is easy for threat actors to use and control.<\/p>\n<p><strong>FlawedAmmyy RAT<\/strong><\/p>\n<p>Infoblox Cyber Intelligence Unit recently observed a malicious email campaign that distributed the new AndroMut malware downloader, which then dropped the\u00a0<a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--33\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">FlawedAmmyy RAT<\/a>\u00a0to targeted victims in South Korea. Spam emails, mostly written in Korean, were sent out referencing financial quotes or invoices and carrying an attached .doc or .xls file. Once the file opened and macros were enabled, the file downloaded AndroMut, which then downloaded FlawedAmmyy. The FlawedAmmyy RAT has also been used since at least 2016, allowing threat actors to gain access to infected computers and steal credentials, files, and other data.<\/p>\n<p><strong>Adwind RAT<\/strong><\/p>\n<p>Infoblox also observed a malicious email campaign distributing the\u00a0<a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--34\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">Adwind RAT<\/a>. These emails spoofed a notification about a commercial invoice and referenced \u201cimages of shipping documents,\u201d while containing a malicious JAR file attachment. Adwind is a Malware-as-a-Service (MaaS) platform that first appeared in 2012. It can log keystrokes, access webcams and record video, steal cryptocurrency wallet keys and VPN certificates, download and execute files, and more. Because it is a Java-based malware, Adwind can run on any operating system that supports Java Runtime Environment.<\/p>\n<p><strong>Detecting and Exterminating RATS<\/strong><\/p>\n<p>RATs are typically downloaded invisibly through malicious email campaigns, web links, download packages, games or .torrent files. They are covert by nature and may prevent identification of the software using a randomized filename\/path structure.<\/p>\n<p>Infoblox protects organizations wherever they\u2019re deployed using a unique hybrid approach.\u00a0<a href=\"https:\/\/www.infoblox.com\/wp-content\/uploads\/infoblox-datasheet-bloxone-threat-defense-advanced.pdf?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">Hybrid security<\/a>\u00a0gives enterprises the power to leverage the cloud to detect more of today\u2019s most dangerous threats while integrating with the on-prem system. Organizations benefit from streamlining and automating their security operations and scale for future growth using the security tools they already have.<\/p>\n<p>Learn more about Infoblox&#8217;s Cyber Intelligence Unit and stay up to date on the latest threat intelligence news\u00a0<a href=\"https:\/\/www.infoblox.com\/cyber-intelligence-unit\/?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_self\" rel=\"nofollow noopener noreferrer\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics. Here\u2019s an overview of this type of malware, how it works, and how organizations [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":845,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[16,32,49,15,40,36],"class_list":{"0":"post-844","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-infoblox","9":"tag-malware","10":"tag-mitigate-threats","11":"tag-security","12":"tag-threat-intelligence","13":"tag-threats","14":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How to Catch a RAT by the Tail<\/title>\n<meta name=\"description\" content=\"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Catch a RAT by the Tail\" \/>\n<meta property=\"og:description\" content=\"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-17T00:04:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png\" \/>\n\t<meta property=\"og:image:width\" content=\"599\" \/>\n\t<meta property=\"og:image:height\" content=\"315\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"How to Catch a RAT by the Tail\",\"datePublished\":\"2019-09-17T00:04:22+00:00\",\"dateModified\":\"2024-04-26T20:21:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/\"},\"wordCount\":564,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/rat.png\",\"keywords\":[\"Infoblox\",\"Malware\",\"mitigate threats\",\"Security\",\"Threat Intelligence\",\"Threats\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/\",\"name\":\"How to Catch a RAT by the Tail\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/rat.png\",\"datePublished\":\"2019-09-17T00:04:22+00:00\",\"dateModified\":\"2024-04-26T20:21:33+00:00\",\"description\":\"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/rat.png\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/rat.png\",\"width\":599,\"height\":315,\"caption\":\"How to Catch a RAT by the Tail\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/how-to-catch-a-rat-by-the-tail\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to Catch a RAT by the Tail\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Catch a RAT by the Tail","description":"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/","og_locale":"en_US","og_type":"article","og_title":"How to Catch a RAT by the Tail","og_description":"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/","og_site_name":"Infoblox Blog","article_published_time":"2019-09-17T00:04:22+00:00","article_modified_time":"2024-04-26T20:21:33+00:00","og_image":[{"width":599,"height":315,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png","type":"image\/png"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"How to Catch a RAT by the Tail","datePublished":"2019-09-17T00:04:22+00:00","dateModified":"2024-04-26T20:21:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/"},"wordCount":564,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png","keywords":["Infoblox","Malware","mitigate threats","Security","Threat Intelligence","Threats"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/","url":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/","name":"How to Catch a RAT by the Tail","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png","datePublished":"2019-09-17T00:04:22+00:00","dateModified":"2024-04-26T20:21:33+00:00","description":"Sniffing out a RAT, or remote access Trojan, can be challenging for even the most prepared cyber defender. Cyberattackers continue to evolve their products and tactics to infect corporate systems as cybersecurity companies like Infoblox become increasingly aware of their tactics.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/rat.png","width":599,"height":315,"caption":"How to Catch a RAT by the Tail"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/how-to-catch-a-rat-by-the-tail\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"How to Catch a RAT by the Tail"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=844"}],"version-history":[{"count":5,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/844\/revisions"}],"predecessor-version":[{"id":852,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/844\/revisions\/852"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/845"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}