[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
FFIEC Releases Statement on Cyber Attacks Involving Extortion
\nThe Federal Financial Institutions Examination Council (FFIEC) members today issued a statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion.
\nThe statement describes steps financial institutions should take to respond to these attacks and highlights resources institutions can use to mitigate the risks posed by such attacks.
\nFinancial institutions are also encouraged to notify law enforcement and their primary regulator or regulators of a cyber attack involving extortion.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1bf4aa15bc&e=20056c7556<\/p>\n
CYREN Cyber Threat Report: Malware Distribution Peaks on Fridays to Target Employees’ Less Protected Weekend Internet Access
\nMCLEAN, Va., Nov. 4, 2015 \/PRNewswire\/ — CYREN (NASDAQ: CYRN) today announced the release of its latest CYREN Cyber Threat Report that examines trends surrounding malware, phishing, spam and other online threats.
\nThe full report is available to download here.
\nFriday Malware Spike Results in Busy Mondays for IT Security Professionals
\nIn the report, CYREN research confirms long-held suspicions that criminals are purposely intensifying their malware distribution on Fridays in order to take advantage of employees who are less protected over the weekend.
\nExamining daily malware distribution trends during Q3 2015, CYREN detected an average of 2.25 billion malware attachments on Fridays \u2013 that’s more than triple the number seen on Mondays during the same quarter.
\nCYREN’s findings validate the theory that Monday mornings are one of the most common times for threats and breaches to appear on corporate networks due to employees downloading unsafe content on Saturdays and Sundays when using unsecured networks.
\nWhen employees take their devices home over the weekend, they often connect to the Internet through public or personal unsecured Wi-Fi networks, and proceed to surf the web, download content, and click on links delivered through email.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3a657f244e&e=20056c7556<\/p>\n
Mobile malware evolves: Adware now breaks and roots your phone
\nThe rates of adware-based malware campaigns, known as malvertising, are low but still a threat.
\nAccording to Blue Coat, five percent of mobile threats users face were through malvertising campaigns — nothing in comparison to adult websites loading up devices with junkware and malicious code — but techniques are refining and adware is becoming more sophisticated over time.
\nA new report released by Lookout says auto-rooting apps installed through malicious mobile campaigns is a recent and “worrying” development within Google’s Android ecosystem.
\nThe security team revealed that adware is now becoming trojanized, with malicious adware masquerading as legitimate apps in order to load up malicious code and steal consumer data — after rooting the victim’s device to become firmly entrenched in smartphones and tablets.
\nThe Shuanet, Kemog — also known as ShiftyBug — and Shedun are adware families which Lookout has traced over the past year.
\nWhile technically classified as adware, the researchers say the families can now firmly be viewed as Trojans as they are responsible for over 20,000 repackaged malicious apps alone.
\nThe highest detection rates are in the US, Germany, Iran, Russia and India.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=43f97761e0&e=20056c7556<\/p>\n
JSocket: Android malware that hijacks legitimate apps
\nFirst discovered in June this year, JSocket — most recently known as AlienSpy — is described by Fidelis in a new report as a “reincarnation” of previous malware.
\nNot only can Java-based JSocket control Linux, Mac and Windows PC systems remotely, but the malicious code is also able to affect mobile devices.
\nAs an example, JSocket is able to take existing mobile apps and embed malware so victims can remain infected all the while using otherwise fully functional and legitimate software on their Android mobile devices.
\nThe malware is able to remotely control and access microphones and cameras, use a mobile device’s GPS systems to track victims and both modify and view text messages and phone call data.
\nTo infect mobile devices, the Trojan is loaded into apps downloadable outside of the official Google Play store, as the malicious code requires an Android APK to function.
\nThis is not the only example of mobile malware developed with remote access capabilities.
\nThe security team from Recorded Future have analyzed malware samples revealing cyberattackers from Iran targeting Android systems through RATs.
\nNjRAT and XtremeRAT are common examples used in Syrian surveillance campaigns and attacks launched against Israeli, Egyptian, and Saudi Arabian targets.
\nFidelis suggests that both consumers and business users do not root their devices in the first place, and to ensure the security setting “Allow installation of non-Market applications” is not turned on.
\nIn addition, you should always check what permissions a mobile app requests upon installation — as it is a common practice for mobile malware to request everything.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=417edc80ef&e=20056c7556<\/p>\n
Ransomware’s new threat: if you don’t pay, we’ll publish your photos online
\nThe \u2018scareware’ variant of the Chimera ransomware trojan has been spotted by the Cologne-based anti-botnet advisory centre, Botfrei (\u2018Botfree’).
\nThe agency says Chimera is a classic blackmail trojan which is now targeting specific employees in German companies with fake emails about job applications or job offers.
\nThe emails point them to a Dropbox address to get more information but if victims click on the link, Chimera instantly starts to encrypt their computer files and the data on their corporate network.
\nIn an extra twist, Chimera also threatens to publish their photos and other personal information online if they fail to pay the 2.45 bitcoin (\u00a3450) ransom.
\nJames also believes Chimera is likely to spread to English-speaking countries such as the UK. \u201cWe have seen many variants of CryptoLocker targeted for different countries and tailored for maximum effectiveness and this was very successful.
\nThere is no reason to suggest that this is localised and will only stay in Germany,\u201d he said.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=137683876d&e=20056c7556<\/p>\n
Stuxnet-style code signing of malware becomes darknet cottage industry
\nUnderground cybercrooks are selling digital certificates that allow code signing of malicious instructions, creating a lucrative and expanding cottage industry in the process, according to new research from threat intelligence firm InfoArmor.
\nIn one case, a hacker tricked a legitimate certificate authority into issuing digital certificates for malware before marketing a cyber-espionage tool called GovRAT.
\nGovRAT is a malware creation tool that comes bundled with digital certificates for code signing initially sold through TheRealDeal Market, an underground marketplace on the so-called dark net that\u2019s only accessible using TOR.
\nThe cybercrime or cyber-espionage toolkit was offered for sale at 1.25 Bitcoin ($420, at current rates, or $1,000 at the time) before the seller began selling it privately.
\nInfoArmor found other posts promoting code-signing certificates1 in various underground marketplace.
\nHackers price these certificates at between $600-$900 depending on the issuing company.
\nCode-signing certificates issued by Comodo, Thawte DigiCert and GoDaddy \u2013 firms well known for supplying digital credentials to legitimate software developers \u2013 are among those on offer.
\nThe GovRAT malware is probably designed for cyber espionage APT campaigns.
\nThe use of a digital certificate is designed to fool antivirus software.
\nOnce planted, malware signed using the tool can communicate over SSL, obscuring the exfiltration of sensitive data.
\nSeven banks, some in the US, and 30 defence contractors have also been targeted for attack.
\nIn addition, more than 100 corporations have been hit by malware developed using GovRAT since early 2014.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2aa7404412&e=20056c7556<\/p>\n
Throttling mobile malware with per-app VPNs
\nOne way to deter malware is application blacklisting, which relies on IT-managed policies to prevent user-installation of unwanted apps on devices used for business.
\nBlacklisting can often be applied to mobile devices using an enterprise mobility management (EMM) platform.
\nHowever, barriers to blacklisting include maintenance and personal privacy.
\nTo address the former, you can treat blacklists as a stop-loss measure and create them selectively to identify, quarantine and remediate specific malware outbreaks.
\nThis approach can be strengthened by mobile app reputational analysis.
\nIt may not be feasible on BYODs (bring your own devices) because many employers opt against inventorying user-installed personal apps.
\nMore recently, a new method of throttling mobile malware has emerged: per-app virtual private networks (VPNs), which are now available for mobile devices running iOS 9 and Android 5.
\nPer-app VPNs made their debut in iOS 7, but it was limited to app-layer VPN clients that supported the functionality.
\nIn iOS 9, it has been integrated into the native iOS VPN client and applies to network-layer (IPsec) VPN tunnels.
\nIn addition, apps configured to authenticate via Kerberos can now automatically launch the native VPN client upon successful authentication.
\nThis makes per-app VPN a lot more usable from an enterprise perspective, and also effective as a way of stopping malware from riding network-layer tunnels into enterprise networks.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=cfcd6bbb80&e=20056c7556<\/p>\n
Kaspersky: Financial institutions in ANZ DDoS attack targets in Q3
\nFinancial institutions in Australia and New Zealand were amongst the first to fall victim to distributed-denial-of-service (DDoS) attacks in the third quarter of 2015, according to Kaspersky’s latest DDoS Intelligence Report.
\nIn its report [PDF], Kaspersky attributed a number of the financial sector’s DDoS attacks to the cyber criminal group, DD4BC, which reportedly stands for “DDoS for Bitcoin”.
\nKaspersky said the group had been targeting banks, media groups, and gaming companies since September, and had threatened to take down their customer websites unless a ransom was paid.
\nIn its report [PDF], Kaspersky attributed a number of the financial sector’s DDoS attacks to the cyber criminal group, DD4BC, which reportedly stands for “DDoS for Bitcoin”.
\nKaspersky said the group had been targeting banks, media groups, and gaming companies since September, and had threatened to take down their customer websites unless a ransom was paid.
\nCiting findings by Akamai Technologies, Kaspersky said the proportion of attacks by Linux-based bots grew from 37.6 percent in the second quarter, to 45.6 percent in the third quarter; adding that victims were mostly Asian sites belonging to educational institutions and gaming communities.
\nChina received 35 percent of the world’s DDoS attacks, the United States had 21 percent, and South Korea were third with 18 percent of attacks — a 7.9 percentage point jump in attacks for South Korea from the previous quarter.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=664482529c&e=20056c7556<\/p>\n
Ireland to lose world-leading cyber-crime research centre
\nThe Royal College of Surgeons in Ireland (RCSI) confirmed it would no longer be supporting the CyberPsychology programme run by Professor Mary Aiken, who spoke on the main stage at the Web Summit yesterday.
\nProf Aiken’s work has inspired the latest series of the hit US TV show CSI and was at the forefront of research into cyber-crime and online crime motivation.
\nRCSI said the decision was made after a “strategic review to better align itself” with its broader objectives and to increase the impact of research in areas of core expertise.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=803a227dae&e=20056c7556<\/p>\n
Maximizing Your Investment In Cyberthreat Intelligence Providers
\nI just published my latest research on threat intelligence: Vendor Landscape: S&R Pros Turn To Cyberthreat Intelligence Providers For Help.
\nThis report builds upon The State Of The Cyberthreat Intelligence Market research from June.
\nIn the new research, I divide the threat intelligence space into four functional areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration.
\nThis research is designed to help readers navigate the crowded threat intelligence provider landscape and maximize limited investment resources.
\nIn this report, we looked at 20 vendors providing a range of tactical, operational, and strategic threat intelligence.
\nIn the report, I use the traditional intelligence cycle as a framework to evaluate threat intelligence providers.
\nThe intelligence cycle consists of five phases:
\n1) Planning and direction.
\n2) Collection.
\n3) Processing.
\n4) Analysis and production.
\n5) Dissemination.
\nThe traditional intelligence cycle does have its flaws, the hierarchical model doesn’t reflect the real world intelligence operations and intelligence takes to long to be created.
\nAs a result, other methodologies have emerged including target centric intelligence and most recently activity based intelligence.
\nPragmatically speaking, for most commercial organizations the traditional intelligence cycle is more than sufficient to meet your needs.
\nThe following threat intelligence providers were evaluated in this research: Bitsight Technologies (AnubisNetworks), CrowdStrike, Cyjax, Cytegic, Cyveillance, Digital Shadows, Emerging Threats, FireEye\/Mandiant, Flashpoint, IID, Intel 471, iSight Partners, Norse, Recorded Future, SurfWatch Labs, Symantec, Verisign iDefense, Wapack Labs, Webroot, and ZeroFox
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=112659795d&e=20056c7556<\/p>\n
Creating and Delivering Actionable Threat Intelligence
\nThis foundational element of a threat intelligence program is building out your organization\u2019s individual Priority Intelligence Requirements (PIRs): What are your threat intelligence goals.
\nWhat threats\/actors\/exploits\/leaked information are you looking for.
\nWhat does your organization most need to protect?
\nPIRs must provide situational awareness into the threat landscape and help feed the business\u2019s overall strategic goals.
\nIt\u2019s particularly important that PIRs be evaluated constantly, as the business grows and the threat landscape evolves.
\nNeither side is static, and therefore a set-it-and-forget-it mentality will turn your threat program into a wasted effort.
\nAn effective threat intelligence program is actionable and allows the organization to understand threats, threat actors and their capabilities; identify risks before they are realized; learn where exposed data may be lurking; mitigate attacks more effectively; and determine countermeasures and controls.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=25cfefbd31&e=20056c7556<\/p>\n
Nettitude\u2019s new Cyber Threat Intelligence report reveals increase in targeted phishing emails
\nThis new report details our examination of a global network \u2013 in which 82 percent of brute force attacks we observed originated in Hong Kong \u2013 and a number of attack trends.
\nFor instance, phishing attacks show no sign of abating, with our research revealing a notable increase in highly advanced and targeted phishing emails, particularly aimed at financial organisations.
\nWe found the US to be the most heavily plagued by phishing attacks, while the UK was the sixth most targeted nation during this period.
\nOur researchers also noted that attackers typically look to exploit organisations\u2019 Content Management System (CMS) administrator pages that are exposed to the internet, in order to launch attacks via their victims\u2019 domains.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=47c5970a3f&e=20056c7556<\/p>\n
Technology Overview for Threat Intelligence Platforms
\nThis research describes for CISOs and IT security leaders how threat intelligence platforms allow security organizations to ingest structured and unstructured threat intelligence so they can visualize, correlate and gain context; securely share TI that is machine-readable; and act on it.
\nThreat intelligence platforms (TIPs) are an emerging technology, and organizations investigating their use need to pay close attention to their specific requirements and how they are deployed.
\nAn organization’s inability to share TI is an advantage to cyber threat actors.
\nTI sharing is a force multiplier and is becoming a key element in keeping up with the increasing number of threat actors and the attacks they use.
\nSome pure-play TI providers and industry groups are now delivering TI in nonproprietary machine-readable formats, accelerating the utility and value of machine-readable threat intelligence (MRTI).
\nA TIP is positioned to be the most advanced vehicle to take advantage of this development.
\nThe staffing cost of running a TI capability can put this out of the reach of organizations.
\nA TIP can increase the capacity of existing intelligence teams and lower the threshold required to establish this functionality in existing environments.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1e1e45186e&e=20056c7556<\/p>\n
Organizations Call for Major Security Vulnerability Remediation Changes
\nNEW YORK, NY–(Marketwired – Nov 4, 2015) – NopSec released its latest report today, “2016 Outlook: Vulnerability Risk Management and Remediation Trends.” Based on a recent survey of 200+ security and IT professionals, the report examines the current state of vulnerability risk management, top prioritization and remediation challenges, and 2016 priorities.
\nView the infographic now.
\n“Vulnerability scanners provide visibility into potential network, application and endpoint risks, but much of the value of that data is lost in a never-ending deluge of spreadsheets, ineffective business processes and lack of cross-team communication.
\nSecurity teams are already drowning, and more data is not always the answer,” added NopSec’s Vice President of Strategy and Operations, Kevin Ketts. “Organizations need clear visibility on what to fix, as well as when and how to fix it.”
\nEven though organizations claim to be actively detecting threats across their environment — nearly 70 percent noted they scan on a daily or weekly basis — they are still lost when it comes to next steps.
\nMore than half (51 percent) of organizations surveyed cited data overload as their biggest challenge to prioritizing data generated from vulnerability scanning, followed by lack of resources (46 percent) and too many false positives (34 percent).
\nRoadblocks to faster remediation include lack of resources (78 percent), competing priorities among internal teams (76 percent) and validity of vulnerability data\/ false positives (70 percent).
\nOrganizations recognize the value of additional context with the majority of respondents (85 percent) citing the use of open source, commercial threat intelligence feeds, or a combination of both, within their current vulnerability management programs.
\nOrganizations know that improving prioritization and remediation is critical to drastically reducing the risk of a data breach.
\nRespondents called out three vulnerability management priorities in 2016: implementing tools to improve vulnerability and threat prioritization (50 percent), scanning networks and applications more frequently (42 percent), and improving communication between remediation teams (40 percent).
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f09a1417fc&e=20056c7556<\/p>\n
RSA: Cyber-security industry is “fundamentally broken”, says Amit Yoran
\nRSA, The Security Division of EMC EMC, -0.19% today announced new RSA Archer [\u00ae] GRC offerings, enhancing the user experience for all RSA Archer solutions.
\nNew features are engineered to include a walk-up friendly, task-driven user interface and drag-and-drop advanced workflow capabilities to make risk management easy and effective for all “three lines of defense” \u2013 business users, risk managers, and the audit team.
\nAdditionally, new features have been added to RSA Archer Operational Risk Management to help streamline how organizations identify, assess, respond, and monitor existing and emerging risks.
\nNew advanced configuration options also are engineered to allow business unit managers to view a history of their risk activity, configure key reports, and customize action buttons to quickly access specific risk-related actions from a single dashboard.
\nAdditionally, RSA Archer Operational Risk Management now is designed to make it easier for risk managers to manage assessment campaigns, track metrics and loss events, and report on risk with thousands of out-of-the-box reports, risk analytics, dashboards and an ad hoc reporting tool.
\nThis helps provide business units and risk managers with a thorough understanding of the risk environment, and enables more effective communication of the potential impact risk could have on the business \u2013 both good and bad \u2013 to executive management.
\nBy proactively linking risk management to business objectives, risk can be harnessed and become a new source of competitive advantage.
\nInfosec is “fundamentally broken”.
\nThat was the bold claim today from Amit Yoran, the president of RSA and former cyber-security director at the US Department of Homeland Security.
\nHe was speaking this morning at RSA Middle East in Abu Dhabi, a place, he said, where “if it isn’t gold, it isn’t welcome”.
\n\u201cToday’s threats are from aggressive professional actors,\u201d said Yoran before proceeding to dump on that \u201cglorious and useless money pit, we call the SIEM.\u201d
\nIt’s indicative of an industry asleep at the wheel, and if nothing is done, warned Yoran, \u201cit’s going to get worse”.
\nFirst, advanced protections fail, he said: \u201cDon’t make the mistake of thinking that an anti-malware solution is a strategy.\u201d You can put as many walls up as you want, but sooner or later an adversary is going to find a way around, under or over them.
\nSecond, we need pervasive and true vulnerability awareness, all the way from the network to the endpoint and into the cloud. \u201cYou wouldn’t do brain surgery in the dark,\u201d Yoran reminded the audience.
\nDon’t act first, think first, he said.
\nThe single biggest mistake of any cyber-security team after breach is to try and clean up their system before understanding the extent of the breach.
\nThird, as attackers get more determined, more creative and pick their targets more carefully, identity and authentication is going to get even more important.
\nMalware, while still big, was the primary attack vector in less than half of recorded cases.
\nInstead, attackers steal access credentials and just \u201cwalk right in\u201d.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=54bfa61411&e=20056c7556<\/p>\n
Software-Defined Perimeter enables application-specific access control
\nSDP shrinks the perimeter down to the servers that deliver critical applications to end users.
\nBy doing that, as shown in the diagram to the left, the \u201cbad actors\u201d are again on the outside of the perimeter and the servers are hidden to them.
\nThis creates a very strong security model.
\nHowever, by shrinking the perimeter, the \u201cgood guys\u201d are now outside the perimeter as well.
\nTo complete the solution, a process is needed for identifying the \u201cgood guys\u201d and proving them secure access to their authorized applications.
\nTo achieve that, Software Defined Perimeter separates the control channel from the packet path.
\nThe control path is used to assess user trust, authenticity, and authorization; and then to establish packet path connectivity for users or systems that are deemed trustworthy.
\nSDP puts all legitimate users of applications outside the shrunken perimeter, at the same time provides a robust method for identifying trusted authorized users to enable very granular access to just the application servers and servers they need to access.
\nThis model can be applied to provide restricted connectivity\u2014therefore even more securely\u2014for all types of users and devices, including less trusted users (e.g., contractors, external subject matter experts, business partners) and less trusted devices (e.g., employee mobile devices, non-managed laptops).
\nConnectivity is productivity\u2014so anything that promotes it without sacrificing security is of huge value.
\nSDP provides a server perimeter that can be deployed anywhere there is a server.
\nSDP represents a common access control model that an enterprise can use to control access to any of their applications, independent of location\u2014internal data center, internet data center, cloud service provider, hybrids, and so on.
\nSDP represents a unified solution not only for restoring security to the traditional enterprise architecture, but also for providing an ideal solution for all the new IT trends of BYOD, cloud migration, and complex business ecosystems.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f81422f7c3&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage2.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=5a84622bb5)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: FFIEC Releases Statement on Cyber Attacks Involving Extortion The Federal Financial Institutions Examination Council (FFIEC) members today issued a statement alerting financial institutions to the increasing frequency and…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1166","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1166","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1166"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1166\/revisions"}],"predecessor-version":[{"id":3653,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1166\/revisions\/3653"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1166"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}