{"id":11294,"date":"2024-06-13T13:02:26","date_gmt":"2024-06-13T07:32:26","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=11294"},"modified":"2024-08-14T15:31:42","modified_gmt":"2024-08-14T10:01:42","slug":"how-pdfs-can-deliver-malware-and-how-to-stay-safe","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/","title":{"rendered":"How PDFs Can Deliver Malware and How to Stay Safe"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\">PDFs are a staple in our digital world, used for everything from reports to resumes. PDFs are another popular medium through which cybercriminals can deliver malware (and for a good reason). These could be the compromising of personal details, the corruption of your device, or the entire business being stopped in its tracks. This specific security company detected Foxit Reader to be hiding an undisclosed vector, which was until now being used in this friendly file reader.<\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#How_do_Attackers_Exploit_PDFs\" >How do Attackers Exploit PDFs?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#How_a_Flaw_in_Foxit_Reader_Puts_Users_at_Risk\" >How a Flaw in Foxit Reader Puts Users at Risk?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#How_Attackers_Abused_Foxit_Reader\" >How Attackers Abused Foxit Reader?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#How_to_Stay_Safe_from_Malicious_PDFs\" >How to Stay Safe from Malicious PDFs?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#Empowering_Your_Organization_with_Threatcop\" >Empowering Your Organization with Threatcop<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#Highlights_of_TPIR\" >Highlights of TPIR<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#Highlights_of_TSAT\" >Highlights of TSAT<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">In this blog, we will easily learn how PDFs can be used to deliver malware and what we can do to protect ourselves. We will take you through two powerful tools, TPIR (Threatcop Phishing Incident Response) and TSAT (Threatcop Security Awareness Training), to protect your organization from these threats.<\/span><\/p>\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_do_Attackers_Exploit_PDFs\"><\/span><strong>How do Attackers Exploit PDFs?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">PDFs seem harmless. They might include text, images, and even some interactive elements. But, you can hide hidden code in a PDF file so that when you open the file, this code may be executed. This code can download malware to your device, steal your login credentials, or even send you to a phishing site.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-11296 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"782\" height=\"414\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/Infection-Chain_PDF-3.png\" alt=\"\" class=\"wp-image-11296\"\/><figcaption class=\"wp-element-caption\">Example of the Infection Chain in Acrobat Reader (Source: McAfee)<\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This new research has identified a more nuanced hack. Billion Citizen, which found the technique, <strong>reported a pattern of abuse targeting more than 700 million Foxit Reader users everywhere <\/strong>in the world. Most users have opened a PDF only to see a security pop-up, prompting them to enter their password. It may appear real and convince you to take action. Social engineering operates on human psychology. The warning convinces users to click or take action on an otherwise user-initiated action, such as receiving sensitive information or executing harmful programs. It does this by inducing the device to issue apparent security alerts. This is the kind of misleading warning that could get users tricked into doing something that will make them much more insecure.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_a_Flaw_in_Foxit_Reader_Puts_Users_at_Risk\"><\/span><b>How a Flaw in Foxit Reader Puts Users at Risk?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">A popular PDF reader might let attackers run dangerous code, and a scareware scam preys on Google Chrome users. So the fault is of Foxit Reader&#8217;s warning messages design.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Here&#8217;s the breakdown:<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Design Flaw:<\/strong>&nbsp; Foxit Reader&#8217;s warning messages have a default option that, unfortunately, can be the most harmful choice.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Double Trouble:<\/strong> When this default is clicked twice by the user without looking for other options, it will trigger the explosion. This downloads and executes malicious code from a remote server, effectively giving intruders a key to the house.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-11299 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"782\" height=\"331\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/Face-of-PDF-sampl_PDF-4.png\" alt=\"\" class=\"wp-image-11299\"\/><figcaption class=\"wp-element-caption\">(Source: McAfee)<\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">As we mentioned earlier, this explosion is not only a one-trick pony. This technique has been used by both e-crime and espionage-focused cybercriminals.&nbsp;<\/span><span style=\"font-weight: 400; color: #000000;\">Investigating further, the research team turned up several notable real-world cases:<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Espionage Case:<\/strong> There is a suspicion that this exploit would have been used by a group responsible for espionage (APT-C-35 \/ DoNot Team). This group appears to be able to conduct multi-staged attacks against multiple devices and, as demonstrated, is able to compromise 2FA.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Cybercrime Bonanza:<\/strong> Garden-variety cybercriminals too have been abusing the vulnerability of a variety of malware families, among them digital scourges with names like ImminentRAT and NanoCore RAT.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Researchers found a Social Engineering Twist:<\/strong> Even an incident where the exploit was likely delivered via Facebook, triggering the infection of information stealers and crypto miner downloads.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-11297 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"642\" height=\"345\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/customer-Telemetry_percent-PDF-2.png\" alt=\"\" class=\"wp-image-11297\"\/><figcaption class=\"wp-element-caption\">Rise in PDF malware (Source: McAfee)<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Attackers_Abused_Foxit_Reader\"><\/span><strong>How Attackers Abused Foxit Reader?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The story doesn&#8217;t end with the basic flaw in Foxit Reader. Here&#8217;s how attackers made things even trickier:<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Double the Deceit:<\/strong> Researchers also discovered a separate campaign where attackers employed two interconnected PDF files. One of them was quite clever and was hosted on a legitimate site as well (Trello.com) to appear trustworthy. This demonstrates the significance of vigilance, even with the links that look kind of safe.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Like a Used Yugo:<\/strong> The group behind these attacks was so bold that they were even selling this exploit as a service, using the ID &#8220;@silentkillertv.&#8221; This is another area that is making a business around these vulnerabilities.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Building Bad PDFs:<\/strong> The researchers also found tools the attackers used to build their own malicious PDFs and take advantage of this Foxit Reader zero-day. However, most of these PDFs were widely distributed and executed malicious code retrieved from remote servers.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Stay_Safe_from_Malicious_PDFs\"><\/span><strong><span style=\"color: #000000;\">How to Stay Safe from Malicious PDFs?<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Be cautious with email:<\/strong> do not open attachments from unknown addresses, even if the email appears to come from a legitimate source. Beware of emails with urgent language, poor grammar,<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Check the sender:<\/strong>&nbsp;Confirm the email address of the sender. Attackers frequently spoof email addresses.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Avoid clicking any and all suspicious links<\/strong>: A link inside a PDF is as dangerous as a link given out in the open. Do not click any link unless you are 100% sure it is real.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Update the software:<\/strong> Make sure to update your PDF reader and your OS such that the software includes the latest patches available<\/span><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"284\" height=\"177\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/pdf-image-1.png\" alt=\"\" class=\"wp-image-11300\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Empowering_Your_Organization_with_Threatcop\"><\/span><strong><span style=\"color: #000000;\">Empowering Your Organization with Threatcop<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Threatcop Phishing Incident Response (<strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response\">TPIR<\/a><\/span><\/strong>): TPIR allows your employees to report suspicious emails in one click. This protects against phishing and gets the message to your security team, who is best trained to identify and respond to them without unnecessary damage. TPIR reviews the emails submitted, identifies attachments and URLs indicative of malicious emails and instantly emails out the disposition of reviewed threats.<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Highlights_of_TPIR\"><\/span><span style=\"font-weight: 400; color: #000000;\">Highlights of TPIR<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\"><strong>Malware Analysis:<\/strong> Each reported email is analyzed for malicious attachments using Advanced Malware Analysis techniques.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\"><strong>Heightened Attachment Security<\/strong>: scans attachments against a global threat database and checks the reputation of the sender.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>User-Reported Analytics:<\/b><span style=\"font-weight: 400;\"> Provides insights into user behavior and identifies employees most susceptible to phishing attacks.<\/span><\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Threatcop Security Awareness Training (<strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">TSAT<\/a><\/span><\/strong>) trains your employees to recognize and avoid phishing activities such as those delivered in PDF format. TSAT uses computerized models that are AI-powered to create a realistic copy of phishing scenarios posing as real-world attacks enabling your coworkers to rehearse while in a secure space.<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Highlights_of_TSAT\"><\/span><span style=\"font-weight: 400; color: #000000;\">Highlights of TSAT<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>AI-Powered Simulation:<\/strong> Generates phishing simulation templates driven by artificial intelligence, which can be tailored to any organization.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Multiple Attack Vectors:<\/strong> Helps identify fake emails across different platforms like email, QR codes, and WhatsApp.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\"><strong>Employee Vulnerability Score:<\/strong> It shows who is the most vulnerable against phishing attacks and explains how they should be trained.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">After understanding the risk involved with malicious PDFs, and putting in place the right security measures, organizations can significantly reduce their chances of falling prey to cyber-attacks. To empower your company with the tools and training needed to stay safe in the ever-changing threat landscape of today\u2019s businesses, consider TPIR and TSAT by Threatcop.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PDFs are a staple in our digital world, used for everything from reports to resumes. PDFs are another popular medium through which cybercriminals can deliver malware (and for a good reason). These could be the compromising of personal details, the corruption of your device, or the entire business being stopped in its tracks. This specific [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":11318,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-11294","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-people-security-insights"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How PDFs Can Deliver Malware and How to Stay Safe | Threatcop<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How PDFs Can Deliver Malware and How to Stay Safe | Threatcop\" \/>\n<meta property=\"og:description\" content=\"PDFs are a staple in our digital world, used for everything from reports to resumes. PDFs are another popular medium through which cybercriminals can deliver malware (and for a good reason). These could be the compromising of personal details, the corruption of your device, or the entire business being stopped in its tracks. This specific [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-13T07:32:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-14T10:01:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1169\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Ritu Yadav\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ritu Yadav\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/\"},\"author\":{\"name\":\"Ritu Yadav\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\"},\"headline\":\"How PDFs Can Deliver Malware and How to Stay Safe\",\"datePublished\":\"2024-06-13T07:32:26+00:00\",\"dateModified\":\"2024-08-14T10:01:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/\"},\"wordCount\":1110,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/PDF-Blog.png\",\"articleSection\":[\"People Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/\",\"name\":\"How PDFs Can Deliver Malware and How to Stay Safe | Threatcop\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/PDF-Blog.png\",\"datePublished\":\"2024-06-13T07:32:26+00:00\",\"dateModified\":\"2024-08-14T10:01:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/PDF-Blog.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/PDF-Blog.png\",\"width\":2048,\"height\":1169},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How PDFs Can Deliver Malware and How to Stay Safe\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"width\":951,\"height\":228,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\",\"name\":\"Ritu Yadav\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"caption\":\"Ritu Yadav\"},\"description\":\"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How PDFs Can Deliver Malware and How to Stay Safe | Threatcop","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/","og_locale":"en_US","og_type":"article","og_title":"How PDFs Can Deliver Malware and How to Stay Safe | Threatcop","og_description":"PDFs are a staple in our digital world, used for everything from reports to resumes. PDFs are another popular medium through which cybercriminals can deliver malware (and for a good reason). These could be the compromising of personal details, the corruption of your device, or the entire business being stopped in its tracks. This specific [&hellip;]","og_url":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2024-06-13T07:32:26+00:00","article_modified_time":"2024-08-14T10:01:42+00:00","og_image":[{"width":2048,"height":1169,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png","type":"image\/png"}],"author":"Ritu Yadav","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Ritu Yadav","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/"},"author":{"name":"Ritu Yadav","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce"},"headline":"How PDFs Can Deliver Malware and How to Stay Safe","datePublished":"2024-06-13T07:32:26+00:00","dateModified":"2024-08-14T10:01:42+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/"},"wordCount":1110,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png","articleSection":["People Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/","url":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/","name":"How PDFs Can Deliver Malware and How to Stay Safe | Threatcop","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png","datePublished":"2024-06-13T07:32:26+00:00","dateModified":"2024-08-14T10:01:42+00:00","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/PDF-Blog.png","width":2048,"height":1169},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/how-pdfs-can-deliver-malware-and-how-to-stay-safe\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How PDFs Can Deliver Malware and How to Stay Safe"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","width":951,"height":228,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce","name":"Ritu Yadav","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","caption":"Ritu Yadav"},"description":"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content."}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=11294"}],"version-history":[{"count":7,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11294\/revisions"}],"predecessor-version":[{"id":11813,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11294\/revisions\/11813"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/11318"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=11294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=11294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=11294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}