{"id":76100,"date":"2015-11-16T14:02:11","date_gmt":"2015-11-16T22:02:11","guid":{"rendered":""},"modified":"2025-12-05T13:18:05","modified_gmt":"2025-12-05T21:18:05","slug":"microsoft-security-intelligence-report-strontium","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/","title":{"rendered":"Microsoft Security Intelligence Report: Strontium"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">The <a href=\"http:\/\/www.microsoft.com\/security\/sir\/default.aspx\">Microsoft Security Intelligence Report<\/a> (SIR) provides a regular snapshot of the current threat landscape, using data from more than 600 million computers worldwide.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The latest report (SIRv19) was released this week and includes a detailed analysis of the actor group STRONTIUM \u2013 a group that uses zero-day exploits to collect the sensitive information of high-value targets in government and political organizations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Since 2007, the group has targeted:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Government bodies<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Diplomatic institutions<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Military forces and installations<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Journalists<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Political advisors and organizations<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"attack-vectors-how-they-manage-to-get-in\">Attack vectors: How they manage to get in<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A STRONTIUM actor attack usually has two components:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">A spear phishing attempt that targets specific individuals within an organization. This phishing attempt is used to gather information about potential high-value targets and steal their login credentials.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">A second phase that attempts to download malware using software <a href=\"https:\/\/www.microsoft.com\/security\/portal\/mmpc\/shared\/glossary.aspx#vulnerability\">vulnerabilities <\/a>to further infect the target computers and spread through networks.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"spear-phishing\"><strong>Spear phishing<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">We estimate the STRONTIUM actor targeted several thousand people with spear phishing attacks during the first half of 2015. The goal of the spam email attack is to get a list of high-value individuals with access to sensitive information.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The phishing email usually attempts to trick the target into believing there has been an unauthorized user accessing their account.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The email includes a link to a website under the attacker\u2019s control that prompts the victim to change their password. If the attack is successful, the stolen credentials can be used to access the victim\u2019s email account.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Visiting the malicious website can also send sensitive information to the attacker, even when no credentials are entered. The sensitive information can include details of the victim\u2019s PC -including its IP address, browser and operating system versions, and any browser add-ons installed. This information can be used to target the individual with software exploits.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"malware-downloads\"><strong>Malware downloads<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The second phase of a STRONTIUM actor attack is to install malware on the compromised machine in an attempt to gain access to other machines on the network.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Usually, the malware is installed through a malicious link in an email. However, we have also seen social networks used to spread malicious links. The highly-targeted emails use current events, such as an upcoming conference, to entice the victim to click a link for \u201cadditional information\u201d. The email is sent from well-known email providers and sender names that are designed to look credible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">When the link is clicked, a drive-by-download attack is launched using software vulnerabilities. The attacks often use <a href=\"https:\/\/www.microsoft.com\/security\/portal\/mmpc\/shared\/glossary.aspx#exploit\">zero-day exploits<\/a> that target vulnerabilities for which the affected software vendor has not yet released a security update.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If the attack is successful the attacker tries to compromise other machines within the targeted organization to gather more sensitive information.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">See the <a href=\"http:\/\/www.microsoft.com\/security\/sir\/default.aspx\">Microsoft Security Intelligence Report (SIRv19)<\/a> for more technical details on the methods used by STRONTIUM.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"preventing-attacks\">Preventing attacks<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You can reduce the likelihood of a successful compromise in a number of ways. Use an up-to-date real-time security product, such as <a href=\"https:\/\/www.microsoft.com\/security\/pc-security\/windows-defender.aspx\">Windows Defender for Windows 10<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In an enterprise environment you should also:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Keep all your software up-to-date and deploy security updates as soon as possible<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Enforce segregation of privileges on user accounts and apply all possible safety measures to protect administrator accounts from compromise<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Conduct enterprise software security awareness training, and build <a href=\"http:\/\/www.microsoft.com\/security\/portal\/mmpc\/shared\/prevention.aspx\">awareness about malware infection prevention<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\">Institute multi-factor authentication<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The<a href=\"http:\/\/www.microsoft.com\/security\/sir\/default.aspx\">Microsoft Security Intelligence Report (SIRv19)<\/a> has more advice and detailed analysis of STRONTIUM, as well as other information about malware and unwanted software.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The Microsoft Malware Protection Center\u2019s <a href=\"https:\/\/www.microsoft.com\/security\/portal\/enterprise\/threatreports.aspx\">November Threat Intelligence Report<\/a> also includes detailed information, resources, and advice to mitigate the risk of advanced persistent threats (APTs).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"talk-to-us\"><strong>Talk to us<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Questions, concerns, or insights on this story? Join discussions at the <a href=\"https:\/\/answers.microsoft.com\/en-us\/protect\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft community<\/a> and <a href=\"https:\/\/www.microsoft.com\/en-us\/wdsi\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Defender Security Intelligence<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Follow us on Twitter <a href=\"https:\/\/twitter.com\/WDSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@WDSecurity.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Microsoft Security Intelligence Report (SIR) provides a regular snapshot of the current threat landscape, using data from more than 600 million computers worldwide.<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","ms-ems-related-posts":[],"footnotes":""},"post_tag":[3829],"threat-intelligence":[3728,3738],"content-type":[3663],"job-role":[],"product":[],"topic":[3687],"coauthors":[1968],"class_list":["post-76100","post","type-post","status-publish","format-standard","hentry","tag-forest-blizzard-strontium","threat-intelligence-business-email-compromise","threat-intelligence-threat-actors","content-type-research","topic-threat-intelligence"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"The Microsoft Security Intelligence Report (SIR) provides a regular snapshot of the current threat landscape, using data from more than 600 million computers worldwide.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2015-11-16T22:02:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-05T21:18:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Microsoft Defender Security Research Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Defender Security Research Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/windows-defender-research\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Defender Security Research Team\"}],\"headline\":\"Microsoft Security Intelligence Report: Strontium\",\"datePublished\":\"2015-11-16T22:02:11+00:00\",\"dateModified\":\"2025-12-05T21:18:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\"},\"wordCount\":626,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"keywords\":[\"Forest Blizzard (STRONTIUM)\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\",\"name\":\"Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"datePublished\":\"2015-11-16T22:02:11+00:00\",\"dateModified\":\"2025-12-05T21:18:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Security Intelligence Report: Strontium\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/a385e64377ec1eb81d3bd7f9839f060b\",\"name\":\"Microsoft Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=gea2dea4ce5dbbbe4077dc25334909eb7\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=g\",\"caption\":\"Microsoft Security\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mssecurity\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog","og_description":"The Microsoft Security Intelligence Report (SIR) provides a regular snapshot of the current threat landscape, using data from more than 600 million computers worldwide.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/","og_site_name":"Microsoft Security Blog","article_published_time":"2015-11-16T22:02:11+00:00","article_modified_time":"2025-12-05T21:18:05+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"Microsoft Defender Security Research Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Microsoft Defender Security Research Team","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/windows-defender-research\/","@type":"Person","@name":"Microsoft Defender Security Research Team"}],"headline":"Microsoft Security Intelligence Report: Strontium","datePublished":"2015-11-16T22:02:11+00:00","dateModified":"2025-12-05T21:18:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/"},"wordCount":626,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"keywords":["Forest Blizzard (STRONTIUM)"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/","name":"Microsoft Security Intelligence Report: Strontium | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"datePublished":"2015-11-16T22:02:11+00:00","dateModified":"2025-12-05T21:18:05+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2015\/11\/16\/microsoft-security-intelligence-report-strontium\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Security Intelligence Report: Strontium"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/a385e64377ec1eb81d3bd7f9839f060b","name":"Microsoft Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=gea2dea4ce5dbbbe4077dc25334909eb7","url":"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0242738c3da64c97e705834683728e774a3f4e29c071681ed74a68e3a671d270?s=96&d=microsoft&r=g","caption":"Microsoft Security"},"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mssecurity\/"}]}},"bloginabox_animated_featured_image":null,"bloginabox_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/76100","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=76100"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/76100\/revisions"}],"predecessor-version":[{"id":144198,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/76100\/revisions\/144198"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=76100"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/post_tag?post=76100"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=76100"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=76100"},{"taxonomy":"job-role","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/job-role?post=76100"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/product?post=76100"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=76100"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=76100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}