{"id":49595,"date":"2023-11-10T10:04:15","date_gmt":"2023-11-10T10:04:15","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=49595"},"modified":"2023-11-10T10:04:18","modified_gmt":"2023-11-10T10:04:18","slug":"sidecopy-winrar-zero-day","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/","title":{"rendered":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT"},"content":{"rendered":"\n<p>SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-38831\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2023-38831<\/a>) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat.<\/p>\n\n\n\n<p>The threat actor has been observed to have conducted concurrent campaigns every month, according to reports. Recent campaigns showed that there were additional stages of exploitation used, which involved a . NET-based RAT called &#8220;Double Action RAT.&#8221;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-sub-division-of-apt36-and-campaigns\"><strong>Sub-division of APT36 and Campaigns<\/strong><\/h2>\n\n\n\n<p>SideCopy is found to be linked with the Transparent Tribe (APT-36), which targeted the Indian Military and recruited university students for terrorist groups. Additionally, this threat actor has been active since 2013; their <a href=\"https:\/\/cybersecuritynews.com\/new-stealthy-linux-malware-targeting-endpoints-iot-devices\/\">Linux malware<\/a> arsenal has been updated with Poseidon and other utilities.<\/p>\n\n\n\n<p>As per reports submitted to Cyber Security News, their first campaign was conducted through a phishing link that downloads an archive that consists of a decoy document called &#8220;ACR.pdf&#8221; or &#8220;ACR_ICR_ECR_Form_for_Endorsement_New_Policy.pdf&#8221; that was related to NSRO.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/CcFPpViQUU2cza38ZV5_wsVDxvIY-KaaUQw5snkN0HKwKLkUX9JcwHUye7JlsRdUtU-l3D15CV_6Em6lo8JcqdQq3Ea4483xWrR1BuZA1wi9Wn-MbM_LgEu2_-n0IJLDI1Ts5DX8ANHTGGN0nIOCNCk\" alt=\"Source: Seqrite\"\/><figcaption class=\"wp-element-caption\"><em>Source: <\/em><a href=\"https:\/\/www.seqrite.com\/blog\/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat\/\"><em>Seqrite<\/em><\/a><\/figcaption><\/figure><\/div>\n\n\n<p>Furthermore, there were two types of next stages, such as an LNK file merged inside the PDF that triggered a remote HTA file on a compromised domain. The next stages of this campaign were to check the .NET version, fetch the AV installed, decode, and run the DLL in memory.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ares-rat-delivery\"><strong>Ares RAT<\/strong> Delivery<\/h2>\n\n\n\n<p>There were two shortcut files in a double extension format under the name &#8220;Homosexuality \u2013 Indian Armed Forces \u2024pdf.lnk&#8221;. However, there were two embedded base64 encoded files, one decoy PDF, and a DLL. When the decoy file is opened, it downloads another HTA, whereas the final DLL points to the target.\u00a0<\/p>\n\n\n\n<p>The new HTA is saved as &#8220;seqrite.jpg&#8221; in the TEMP folder, which later executes the final DLL payload that depends upon the AV present. For persistence, this payload is added to the registry key or Startup.<\/p>\n\n\n\n<p>Additionally, their target scope has a large number of Linux-based malware, which was due to the recent Indian government&#8217;s announcement for replacing Microsoft Windows with Maya OS (Linux flavor) in government as well as defense sectors.<\/p>\n\n\n\n<p>A <a href=\"https:\/\/www.seqrite.com\/blog\/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">complete report<\/a> has been published by SEQRITE, which provides detailed information about this threat actor, the malware, and other information.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-iocs\"><strong>IOCs<\/strong><\/h2>\n\n\n\n<p>For a comprehensive list of potential signs that a system has been breached or compromised, please refer to the Indicators of Compromise document available at the <a href=\"https:\/\/www.seqrite.com\/blog\/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">provided source<\/a>.<\/p>\n\n\n\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 86%,rgb(169,184,195) 100%)\">Secures your storage &amp; backup systems With StorageGuard \u2013 <a href=\"https:\/\/www.continuitysoftware.com\/watch-a-demo\/?utm_source=cybersecuritynews\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><strong>Watch a 40-second Video Tour<\/strong><\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat. The threat actor has been observed to have conducted concurrent campaigns every month, according to reports. Recent campaigns showed that there were additional stages [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":49619,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp","fifu_image_alt":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11,48,53,60],"tags":[149,151,153,416],"class_list":{"0":"post-49595","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security-news","8":"category-threats","9":"category-vulnerability","10":"category-zero-day","11":"tag-cyber-security","12":"tag-cyber-security-news","13":"tag-cybersecurity","14":"tag-vulnerability"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.7.1 (Yoast SEO v25.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SideCopy APT group Exploiting WinRAR to Deliver Ares RAT<\/title>\n<meta name=\"description\" content=\"SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT\" \/>\n<meta property=\"og:description\" content=\"SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-10T10:04:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-11-10T10:04:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp\" \/><meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Eswar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eswar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SideCopy APT group Exploiting WinRAR to Deliver Ares RAT","description":"SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/","og_locale":"en_US","og_type":"article","og_title":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT","og_description":"SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.","og_url":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/","og_site_name":"Cyber Security News","article_publisher":"https:\/\/www.facebook.com\/Hackingtutorialsandnews","article_published_time":"2023-11-10T10:04:15+00:00","article_modified_time":"2023-11-10T10:04:18+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp","type":"","width":"","height":""},{"width":1600,"height":900,"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp","type":"image\/jpeg"}],"author":"Eswar","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp","twitter_creator":"@The_Cyber_News","twitter_site":"@The_Cyber_News","twitter_misc":{"Written by":"Eswar","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#article","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/"},"author":{"name":"Eswar","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/1250c3caccf177ebfc4eb55c51c60b4d"},"headline":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT","datePublished":"2023-11-10T10:04:15+00:00","dateModified":"2023-11-10T10:04:18+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/"},"wordCount":414,"publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"image":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#primaryimage"},"thumbnailUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp?w=1600&resize=1600,900&ssl=1","keywords":["cyber security","cyber security news","cybersecurity","vulnerability"],"articleSection":["Cyber Security News","Threats","Vulnerability","Zero-Day"],"inLanguage":"en-US","copyrightYear":"2023","copyrightHolder":{"@id":"https:\/\/cybersecuritynews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/","url":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/","name":"SideCopy APT group Exploiting WinRAR to Deliver Ares RAT","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#primaryimage"},"image":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#primaryimage"},"thumbnailUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp?w=1600&resize=1600,900&ssl=1","datePublished":"2023-11-10T10:04:15+00:00","dateModified":"2023-11-10T10:04:18+00:00","description":"SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.","breadcrumb":{"@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#primaryimage","url":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp?w=1600&resize=1600,900&ssl=1","contentUrl":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp?w=1600&resize=1600,900&ssl=1","width":"1600","height":"900","caption":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT"},{"@type":"BreadcrumbList","@id":"https:\/\/cybersecuritynews.com\/sidecopy-winrar-zero-day\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersecuritynews.com\/"},{"@type":"ListItem","position":2,"name":"SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT"}]},{"@type":"WebSite","@id":"https:\/\/cybersecuritynews.com\/#website","url":"https:\/\/cybersecuritynews.com\/","name":"Cyber Security News","description":"World&#039;s #1 Premier Cybersecurity and Hacking News Portal","publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersecuritynews.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersecuritynews.com\/#organization","name":"Cyber Security News","url":"https:\/\/cybersecuritynews.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","contentUrl":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","width":200,"height":200,"caption":"Cyber Security News"},"image":{"@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hackingtutorialsandnews","https:\/\/x.com\/The_Cyber_News","https:\/\/www.linkedin.com\/company\/cybersecurity-news\/"]},{"@type":"Person","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/1250c3caccf177ebfc4eb55c51c60b4d","name":"Eswar","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b0d2cd5680f86ade7f6ace70e2841faee83185516f4bdec59bceb8a0a15fae7e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b0d2cd5680f86ade7f6ace70e2841faee83185516f4bdec59bceb8a0a15fae7e?s=96&d=mm&r=g","caption":"Eswar"},"description":"Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.","sameAs":["https:\/\/cybersecuritynews.com\/","https:\/\/www.linkedin.com\/in\/eswar-v-3b8938111"],"url":"https:\/\/cybersecuritynews.com\/author\/eswar\/"}]}},"jetpack_featured_media_url":"https:\/\/i2.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjvKjEBL1lI0YveYPwqVJTSGBQ4EoCVL0EdVWPEWGReXy8Nwe2E0bV8ZfhPaOEIeBPJygY9GTD7KR28SmhPmj6BOXIXlsaEG2pyilKWH9dbjOB6B7xs-ZPHY20Ww9XGZKVhE2LBcDZbjhq4x9x74oJeq2Fkr5Uh0adAe1idmcibAlzQFbs-YrqhVf-3fGCU\/s1600\/SideCopy%20APT%20Exploit%20WinRAR%20Zero-Day-1.webp?w=1600&resize=1600,900&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/49595","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/comments?post=49595"}],"version-history":[{"count":5,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/49595\/revisions"}],"predecessor-version":[{"id":49641,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/49595\/revisions\/49641"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media\/49619"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media?parent=49595"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/categories?post=49595"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/tags?post=49595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}