{"id":3762,"date":"2024-05-27T10:57:31","date_gmt":"2024-05-27T15:57:31","guid":{"rendered":"https:\/\/efficientip.com\/?p=74655"},"modified":"2024-05-27T10:57:31","modified_gmt":"2024-05-27T15:57:31","slug":"a-year-in-review-google-zip-tld-dns-security-challenges","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/05\/27\/a-year-in-review-google-zip-tld-dns-security-challenges\/","title":{"rendered":"A Year in Review: Google .zip TLD DNS Security Challenges"},"content":{"rendered":"<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" fetchpriority=\"high\" title=\"a Year in Review Google zip Tld Dns Security Challenges | Efficientip\" fetchpriority=\"high\" decoding=\"async\" width=\"640\" height=\"335\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.jpg?resize=640%2C335&#038;ssl=1\" alt=\"a Year in Review Google zip Tld Dns Security Challenges\" class=\"wp-image-74697\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-4.jpg 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-5.jpg 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-6.jpg 480w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-7.jpg 1200w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><\/figure>\n<p>One year after <a href=\"https:\/\/blog.google\/products\/registry\/8-new-top-level-domains-for-dads-grads-tech\/\" target=\"_blank\" rel=\"noopener\" title>Google .zip TLD (Top Level Domains)\u2019s launch<\/a>, we take a retrospective look at its impact on DNS security. The introduction of domain extensions mimicking common file extensions was met with both excitement and concern. While it opened new avenues for legitimate use, it also posed significant security challenges, particularly in the realms of phishing campaigns and malware distribution.<\/p>\n<h3 class=\"wp-block-heading\"><strong>Research Overview<\/strong><\/h3>\n<p>EfficientIP has been closely monitoring the Google domains since its inception. Our research involved analyzing approximately 17,000 .Google .zip TLD cybersecurity over the past year in our customers\u2019 traffic. We tracked Google domain registrations, their active versus inactive states, and the nature of user interactions with these domains, categorizing them as safe, suspicious, or malicious. A deeper analysis was conducted on domains containing installers in their HTML, a strong indicator of malicious activity.<\/p>\n<p>Our methodology included:<\/p>\n<ul>\n<li>Monitoring domain registrations: we observed a surge in registered domains immediately following the TLD\u2019s launch. These early registrations included a variety of uses, from genuine business applications to deceptive and harmful purposes.&nbsp;<\/li>\n<li>Tracking domain activity: we monitored which domains were active, which had gone down, and which exhibited suspicious or malicious behavior.<\/li>\n<li>User interaction analysis: we analyzed actual user attempts to access .zip domains and categorized these domains based on their safety.<\/li>\n<li>HTML content analysis: we performed a deep dive into the content of these domains, especially those that contained installer files, to identify potential threats. Although most of the HTML content consisted of text, the number of domains hosting applications is very concerning.<\/li>\n<\/ul>\n<h3 class=\"wp-block-heading\"><strong>Research Results Overview<\/strong><\/h3>\n<p>Our analysis provided several key critical insights and findings:<\/p>\n<ol>\n<li><strong>Domain Registration Trends:<\/strong> There was an initial spike in .zip domain registrations, primarily driven by curiosity and the potential for innovative uses. However, this surge also attracted threat actors looking to register domains and deceive users by exploiting the familiarity of the .zip files extension.<\/li>\n<li><strong>Active vs. Inactive Domains: <\/strong>Over the year, we noticed a decline in the proportion of active .zip domains. Many domains that were initially registered became inactive or were taken down due to malicious activity or other reasons. . However, the content on these sites remains a concern, with many containing executable files that could be malicious\u200b\u200b\u200b\u200b.<\/li>\n<li><strong>Suspicious and Malicious Content:<\/strong> The proportion of suspicious websites increased from 11.9% to 18.5% over the year. This rise indicates a growing .zip TLD cybersecurity impact. We discovered that many of these domains contained installer files, a significant indicator of potential malware. This trend highlights the increasing use of .zip domains for distributing malicious software\u200b\u200b\u200b\u200b.<\/li>\n<li><strong>Common Malicious Patterns:<\/strong> Our analysis revealed common patterns among malicious .zip domains. These included the use of well-known software update names, eg. \u201cwindows-updater.zip,\u201d \u201cmsteams-update.zip\u201d, to trick users into downloading malware. This tactic exploits the familiarity and trust users place in these names to increase the likelihood of successful .zip phishing attacks and malware distribution.<\/li>\n<\/ol>\n<h3 class=\"wp-block-heading\"><strong>Cybersecurity and DNS Security Challenges introduced by Google .zip TLD<\/strong><\/h3>\n<p>The introduction of Google\u2019s .zip TLD has significantly increased the security risks associated with DNS server due to its resemblance to the common .zip file extension. This resemblance causes confusion for both users and automated systems, leading to several critical vulnerabilities.<\/p>\n<h4 class=\"wp-block-heading\"><strong>Phishing, Domain Spoofing, and Social Engineering<\/strong><\/h4>\n<p>The automatic interpretation of .zip strings as URLs in messaging applications and web browsers presents a substantial risk. For example, text like \u201cupdate.zip\u201d can be turned into a clickable link. This is particularly problematic in chat applications, where it can trigger DNS or web queries to display a thumbnail of the linked page. In the example below we can see that what appears to be a legitimate link to a file on GitHub might actually direct users to a deceptive domain such as \u201cv15.zip,\u201d exploiting fake characters like confusable fraction slash instead of slash to create a misleading appearance. Such scenarios are prime opportunities for domain spoofing, phishing, and social engineering attacks, where users are tricked into clicking on malicious links, sharing personal information such as credit card data or login credentials, and opening the door for threat actors.<\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" title=\"Email Isabella Morales | Efficientip\" decoding=\"async\" width=\"640\" height=\"469\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-1.jpg?resize=640%2C469&#038;ssl=1\" alt=\"Email Isabella Morales\" class=\"wp-image-74692\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-1.jpg 934w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-8.jpg 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-9.jpg 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-10.jpg 480w\" sizes=\"(max-width: 934px) 100vw, 934px\"><figcaption class=\"wp-element-caption\">Email Isabella Morales<\/figcaption><\/figure>\n<p><strong><br \/>Unintended DNS Queries<\/strong><\/p>\n<p>Another significant issue is the inadvertent triggering of DNS queries by merely mentioning filenames ending in \u201c.zip\u201d during discussions. This can expose internal information to those controlling the domain\u2019s DNS server. For instance, a filename like \u201csoftware[.]exe[.]zip\u201d can generate DNS queries to malicious domains, revealing sensitive information. Similarly, searching for non-existent .zip files in Windows Explorer , such as the \u201cprospects.xlsx.zip\u201d below, can lead to unintended online searches, potentially reaching harmful domains.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" title=\"Windows Search | Efficientip\" decoding=\"async\" width=\"640\" height=\"360\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.gif?resize=640%2C360&#038;ssl=1\" alt=\"Windows Search\" class=\"wp-image-74691\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.gif 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-1.gif 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-2.gif 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-3.gif 480w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><figcaption class=\"wp-element-caption\">Windows Search<\/figcaption><\/figure>\n<p>This problem exemplifies the risk of unintended DNS queries, which can lead to sensitive information leaks or network breaches.<\/p>\n<h4 class=\"wp-block-heading\"><strong>Malware Distribution<\/strong><\/h4>\n<p>The .zip TLD security impact also involves a serious threat of malware distribution. Cybercriminals can exploit the .zip extension to host websites that serve malware disguised as legitimate software. Users might trust a .zip domain for downloading software, thereby increasing the risk of malware infection.&nbsp; Additionally, homograph attacks, where visually similar domain names deceive users into thinking they are accessing a legitimate domain, further exacerbate this risk. Many .zip domains host executable files or archives containing malware. Our 17,000 .zip domains analysis uncovered over 600 instances of Windows Trojans, highlighting the extent of this threat.<\/p>\n<h3 class=\"wp-block-heading\"><strong>Analysis of Domains Activity Over One Year<\/strong><\/h3>\n<p>Our study revealed several key trends in .zip domain activity over the past year:<\/p>\n<h4 class=\"wp-block-heading\"><strong>Domains Registration Trends<\/strong><\/h4>\n<p>There was an initial surge in .zip domain registrations following the TLD\u2019s launch, with a gradual decline in new domain registrations over time. This pattern reflects both the initial excitement and subsequent caution as security issues became apparent.<\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" title=\"Dates of zip Appearances | Efficientip\" decoding=\"async\" width=\"640\" height=\"361\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-2.jpg?resize=640%2C361&#038;ssl=1\" alt=\"Dates of zip Appearances\" class=\"wp-image-74688\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-2.jpg 841w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-11.jpg 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-12.jpg 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-13.jpg 480w\" sizes=\"(max-width: 841px) 100vw, 841px\"><figcaption class=\"wp-element-caption\">Dates of .zip appearances <\/figcaption><\/figure>\n<h4 class=\"wp-block-heading\"><strong>Active vs. Inactive Domains<\/strong><\/h4>\n<p>The proportion of active .zip domains has slightly decreased since July 2023. Many domains were deactivated or taken down due to their involvement in malicious activities. However, a significant number of these domains remain active and continue to pose security risks\u200b\u200b\u200b\u200b.<\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" title=\"Active Domains over Time | Efficientip\" decoding=\"async\" width=\"600\" height=\"371\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.png?resize=600%2C371&#038;ssl=1\" alt=\"Active Domains over Time\" class=\"wp-image-74690\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges.png 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-2.png 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-3.png 480w\" sizes=\"(max-width: 600px) 100vw, 600px\"><figcaption class=\"wp-element-caption\">Active domains over time<\/figcaption><\/figure>\n<h4 class=\"wp-block-heading\"><strong>Suspicious and Malicious Content<\/strong><\/h4>\n<p>The proportion of suspicious websites increased from 11.9% to 14.6% over the year (preventage of suspicious domaines from both active and inactive domains). This rise indicates a growing threat landscape associated with. The analysis of malicious .zip domains in March 2024 reveals that a significant portion remains active, with 60% (1323) from all malicious domains are still operational and posing a threat to users. Notably, out of the malicious domains, 41 contain installer files, which is a strong indication of active malware distribution.&nbsp; The analysis of suspicious .zip domains has similar results \u2013 59% of suspicious domains (1474) were identified as active, with 44 of these domains containing installer files, indicating a considerable threat.&nbsp; When considering both malicious and suspicious .zip domains, it is evident that cybercriminals are exploiting the .zip TLD for harmful activities. This underscores the critical need for enhanced detection mechanisms, rapid response strategies, and user education to safeguard against these threats.&nbsp;<\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" title=\"Malicious and Suspicious Domains Activity | Efficientip\" decoding=\"async\" width=\"600\" height=\"371\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-1.png?resize=600%2C371&#038;ssl=1\" alt=\"Malicious and Suspicious Domains Activity\" class=\"wp-image-74689\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-1.png 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-4.png 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-5.png 480w\" sizes=\"(max-width: 600px) 100vw, 600px\"><figcaption class=\"wp-element-caption\">Malicious and Suspicious domains activity <\/figcaption><\/figure>\n<h3 class=\"wp-block-heading\"><strong>In-Depth Analysis of Google .zip TLD Domains Names<\/strong><\/h3>\n<p>Not surprisingly, many of the analyzed Google .zip TLD domains included extensions mimicking common, widely-used applications such as Microsoft Word and Adobe Acrobat Reader. For example, domains like \u201c2024.xlsx.zip\u201d and \u201cfact03240175.pdf.zip\u201d appear to be regular document files but are actually compressed files. This tactic is designed for tricking users into believing they are opening legitimate documents, increasing the risk of inadvertently downloading malicious files and executing malware.<\/p>\n<p>As mentioned earlier in the blog, if a user searches for an .xlsx file that doesn\u2019t exist, Windows will automatically open the web browser, putting the user at high risk of unintentionally downloading a malicious file. Similarly, if such a filename is mentioned by error in Slack or other chat apps, it can be automatically hyperlinked, leading to potential accidental downloads.<\/p>\n<p>This is exactly what we observed in the data analyzed in our research. The domains that matched in our traffic are most probably ones that real users were unintentionally trying to download. Examples include \u201c2024.xlsx.zip\u201d, \u201ccourrierdevotrecaisse.pdf.zip\u201d, \u201cmoteurs.docx.zip\u201d, and \u201cmsoffice365update.zip\u201d.<\/p>\n<p>Domains that include installers are the most interesting because they have the potential to install malware directly onto users\u2019 systems. These domains are particularly dangerous as they impersonate widely-used software and trusted brands, making them highly effective at deceiving users. Our deeper examination reveals that Microsoft-related domains dominate, accounting for 47.22% of the total malicious installer domains. This is followed by Google at 8.33%, with other brands like Apple, Adobe, Zoom, and Firefox each having smaller yet significant shares. The prevalence of these brands underscores a strategic effort by cybercriminals to exploit user trust and the urgency to update software. These insights highlight the dangerous nature of the .zip domains, revealing how they can be leveraged to spread malware and deceive users on a large scale.<\/p>\n<figure class=\"wp-block-image size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" title=\"Known Brand Distribution in zip Tld Domain Names | Efficientip\" decoding=\"async\" width=\"640\" height=\"449\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-3.jpg?resize=640%2C449&#038;ssl=1\" alt=\"Known Brand Distribution in zip Tld Domain Names\" class=\"wp-image-74693\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-3.jpg 699w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-14.jpg 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/a-year-in-review-google-zip-tld-dns-security-challenges-15.jpg 480w\" sizes=\"(max-width: 699px) 100vw, 699px\"><figcaption class=\"wp-element-caption\">Known brand distribution in .zip TLD domain names <\/figcaption><\/figure>\n<p>Further analysis of the malicious installer domain names reveals a strategic use of specific keywords to deceive users and distribute malware. \u201cUpdate\u201d appears in 56 domains, exploiting the urgency to keep software current. \u201cInstaller\u201d is found in 38 domains, often disguised as legitimate software installers. Security-related keywords are in 8 domains, leveraging fears of vulnerabilities. Additionally, \u201csetup\u201d appears in 10 domains, commonly used in initial configurations. These insights underscore the dangerous nature of .zip domains and the critical need for vigilance and robust cybersecurity measures.<\/p>\n<h3 class=\"wp-block-heading\"><strong>Lessons Learned and Future Outlook<\/strong><\/h3>\n<p>The Google .zip TLD underscores cybersecurity challenges related to domain name confusion, a problem Google emphasizes is not new. They stress the need for continuous monitoring and proactive measures to address these risks. Looking ahead, Google advocates for adaptive security strategies and comprehensive user education to enhance online safety. Despite these efforts, the .zip TLD remains a tool that can be exploited by attackers, necessitating continuous vigilance and proactive DNS security measures.<\/p>\n<p>EfficientIP\u2019s Protective DNS Security Solution plays a crucial role in mitigating these risks. By leveraging advanced AI-driven threat detection and DNS-centric threat intelligence, EfficientIP offers robust protection, real-time threat detection, and automated response and recovery capabilities.&nbsp;<\/p>\n<p>EfficientIP\u2019s advanced capabilities include patented DNS traffic inspection and behavioral analysis, which allow for precise identification of suspicious activities and potential sophisticated threats such as phishing, malware, spyware, data exfiltration through zero-day malicious domains, DNS tunneling, command and control\u2026. Micro-segmentation with fine-grained, centrally managed DNS traffic filtering policies using Client Query Filtering (CQF) enhances zero trust security by ensuring only authorized users can access specific resources, enabling dynamic domain filtering based on the user\u2019s group and permissions. Adaptive countermeasures and rescue mode provide swift, automated responses to mitigate the impact of attacks and maintain service continuity. Advanced AI-powered algorithms, such as Tuple Clustering, natural language processing, and image recognition , enable proactive identification of sophisticated DGA and phishing threats. Together, these features help reduce the risk of attackers misleading users and exploiting domain names like .zip, ensuring a higher level of network security.<\/p>\n<p>This comprehensive approach is essential for maintaining network security in the face of evolving threats.<\/p>\n<h4 class=\"wp-block-heading\"><strong>Conclusion<\/strong><\/h4>\n<p>One year after the launch of the Google .zip TLD, it is clear that while it has potential for legitimate use, it also introduces significant security risks. Continuous vigilance and protective actions by both domain registrants and users are essential to mitigate these risks. Enhanced cooperation among registry operators, cybersecurity experts, and users is crucial for developing robust measures against DNS-based threats.<\/p>\n<p>Stay informed about developments in TLD cybersecurity and DNS security. EfficientIP\u2019s DNS Security solution offers a robust defense against emerging threats. For a practical demonstration of DNS Security, <a href=\"https:\/\/efficientip.com\/contact\/\">click here<\/a>.<\/p>\n<p><a href=\"https:\/\/efficientip.com\/blog\/a-year-in-review-google-zip-tld-dns-security-challenges\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One year after Google .zip TLD (Top Level Domains)\u2019s launch,<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[896,496,62,1244,60,49],"tags":[903,503,69,1254,67,57],"class_list":["post-3762","post","type-post","status-publish","format-standard","hentry","category-dns-attack","category-dns-filtering","category-dns-security","category-dns-solution","category-phishing","category-threat-intelligence","tag-dns-attack","tag-dns-filtering","tag-dns-security","tag-dns-solution","tag-phishing","tag-threat-intelligence"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Efficient IP","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/efficient-ip\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dns-attack\/\" rel=\"category tag\">DNS Attack<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dns-filtering\/\" rel=\"category tag\">DNS filtering<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dns-security\/\" rel=\"category tag\">DNS Security<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dns-solution\/\" rel=\"category tag\">DNS Solution<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/phishing\/\" rel=\"category tag\">phishing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threat-intelligence\/\" rel=\"category tag\">Threat Intelligence<\/a>","tag_info":"Threat Intelligence","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3762","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3762"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3762\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3762"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3762"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3762"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}