{"id":25074,"date":"2025-03-11T14:59:45","date_gmt":"2025-03-11T13:59:45","guid":{"rendered":"https:\/\/www.nextron-systems.com\/?p=25074"},"modified":"2025-04-11T14:53:00","modified_gmt":"2025-04-11T12:53:00","slug":"patching-is-not-enough","status":"publish","type":"post","link":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/","title":{"rendered":"Patching is Not Enough: Why You Must Search for Hidden Intrusions"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;4.16&#8243; da_disable_devices=&#8221;off|off|off&#8221; global_colors_info=&#8221;{}&#8221; da_is_popup=&#8221;off&#8221; da_exit_intent=&#8221;off&#8221; da_has_close=&#8221;on&#8221; da_alt_close=&#8221;off&#8221; da_dark_close=&#8221;off&#8221; da_not_modal=&#8221;on&#8221; da_is_singular=&#8221;off&#8221; da_with_loader=&#8221;off&#8221; da_has_shadow=&#8221;on&#8221;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;4.16&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.16&#8243; custom_padding=&#8221;|||&#8221; global_colors_info=&#8221;{}&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text admin_label=&#8221;Text&#8221; _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<div>\n<p>Many organizations make a critical mistake when responding to actively exploited zero-day vulnerabilities: they patch but don\u2019t investigate.<\/p>\n<\/div>\n<div>\n<p>Think about it this way: If your front door was left wide open for weeks, would you just lock it and walk away? If attackers had unrestricted access to your environment, simply closing the door won\u2019t undo the damage. The real problem isn\u2019t the vulnerability itself &#8211; it\u2019s what happened while your systems were exposed.<\/p>\n<\/div>\n<div>\n<h2><strong>The Real Threat is What You Don&#8217;t See<\/strong><\/h2>\n<p style=\"font-weight: 400;\"><a href=\"https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/25390\" target=\"_blank\" rel=\"noopener\">VMware recently just confirmed three newly exploited zero-day vulnerabilities<\/a> (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) affecting ESXi products. As expected, VMware has released patches. But patching alone won\u2019t tell you if attackers already breached your systems.<\/p>\n<p style=\"font-weight: 400;\">The right question at this stage should be:\u00a0<strong>Did attackers already gain access to your IT environments?<\/strong><\/p>\n<p style=\"font-weight: 400;\">If your ESXi hosts were vulnerable, you must be able to answer the following:<\/p>\n<ul>\n<li><strong>Were attackers already inside?<\/strong><\/li>\n<li><strong>Did they steal credentials, sensitive configurations, or data?<\/strong><\/li>\n<li><strong>Have they installed backdoors or persistence mechanisms?<\/strong><\/li>\n<li><strong>Did they move laterally and escalate privileges?<\/strong><\/li>\n<li><strong>Are there hidden scripts, tools, or logs covering their tracks?<\/strong><\/li>\n<\/ul>\n<p style=\"font-weight: 400;\">A patch prevents future exploitation, but it doesn\u2019t reveal what happened before. If you don\u2019t investigate, you\u2019re operating on\u00a0<strong>blind trust<\/strong>. Simply locking the door doesn&#8217;t undo what might have already happened inside. If you rely on patching alone, you\u2019re leaving the hardest question unanswered:\u00a0<strong>Are they still inside?<\/strong><\/p>\n<div>\n<h2><strong>Compromise Assessments: The Missing Piece in Zero-Day Response<\/strong><\/h2>\n<p style=\"font-weight: 400;\">A\u00a0<strong>compromise assessment<\/strong>\u00a0is not a routine security scan\u2014it\u2019s a deep forensic analysis designed to uncover hidden intrusions. Unlike traditional EDRs or antivirus tools, it searches for traces of past exploitation, persistence, and lateral movement.<\/p>\n<p style=\"font-weight: 400;\">With a\u00a0<strong>compromise assessment<\/strong>, you can:<\/p>\n<ul>\n<li><strong>Identify attacker tools and backdoors<\/strong>\u2013 Hidden scripts, web shells, or credential dumps<\/li>\n<li><strong>Detect lateral movement<\/strong>\u2013 Signs of compromised accounts or unusual connections<\/li>\n<li><strong>Uncover persistence mechanisms<\/strong>\u2013 Registry changes, scheduled tasks, or rogue services<\/li>\n<li><strong>Analyze system integrity<\/strong>\u2013 Detect data exfiltration, file modifications, or deleted logs<\/li>\n<\/ul>\n<p style=\"font-weight: 400;\">Simply put:\u00a0<strong>A compromise assessment answers the questions that patching ignores.<\/strong><\/p>\n<h2><strong>How to Investigate ESXi Compromises with THOR<\/strong><\/h2>\n<p style=\"font-weight: 400;\">VMware ESXi hosts are high-value targets for attackers due to their central role in virtualized environments and lack of built-in security tooling. Since traditional endpoint detection solutions cannot be deployed directly on ESXi, a specialized approach is required for forensic investigation and compromise assessment. <a href=\"https:\/\/www.nextron-systems.com\/thor\/\" target=\"_blank\" rel=\"noopener\">THOR<\/a> provides two effective methods for this purpose.<\/p>\n<h3><strong>1. THOR Thunderstorm: File-Based Live Scanning on ESXi<\/strong><\/h3>\n<p style=\"font-weight: 400;\"><a href=\"https:\/\/www.nextron-systems.com\/thor-thunderstorm\/\" target=\"_blank\" rel=\"noopener\">THOR Thunderstorm<\/a> enables agentless forensic scanning by collecting and analyzing forensic artifacts from ESXi hosts.<\/p>\n<ul style=\"font-weight: 400;\">\n<li><strong>One-time assessments<\/strong>: The Python-based <strong>Thunderstorm Collector<\/strong> is deployed to an ESXi system and executed locally to collect relevant files, such as configuration files and logs. The collector applies default filtering criteria but can be customized to collect files based on parameters like modification date, size, and type (e.g., all files modified within the last 30 days).<\/li>\n<li><strong>Periodic compromise assessments<\/strong>: If <strong>Secure Boot is disabled<\/strong>, a persistent job can be configured to regularly collect artifacts from the ESXi host. If <strong>Secure Boot is enabled<\/strong>, periodic collection must be configured using <strong>Ansible<\/strong>, following Nextron\u2019s implementation guidelines.<\/li>\n<li><strong>Forensic analysis<\/strong>: Collected files are automatically uploaded to <a href=\"https:\/\/www.nextron-systems.com\/thor-thunderstorm\/\" target=\"_blank\" rel=\"noopener\">THOR Thunderstorm<\/a> for real-time analysis, leveraging YARA and Sigma rules to detect hidden attacker activity, unauthorized changes, and persistence mechanisms.<\/li>\n<\/ul>\n<p style=\"font-weight: 400;\"><strong>Best for:<\/strong><\/p>\n<ul style=\"font-weight: 400;\">\n<li>Agent-less, forensic collection from ESXi hosts.<\/li>\n<li>Environments requiring continuous or scheduled compromise assessments.<\/li>\n<li>Situations where Secure Boot settings impact persistent collection methods.<\/li>\n<\/ul>\n<h3><strong>2. THOR with SSHFS: Remote File System Scanning<\/strong><\/h3>\n<p style=\"font-weight: 400;\"><a href=\"https:\/\/www.nextron-systems.com\/thor\/\" target=\"_blank\" rel=\"noopener\">THOR<\/a> can be used to scan an ESXi system remotely by mounting its file system via SSHFS and analyzing files from a separate scanning host.<\/p>\n<ul style=\"font-weight: 400;\">\n<li><strong>Setup<\/strong>: The scanning host requires a direct and <strong>permanent SSH connection<\/strong> to the ESXi system.<\/li>\n<li><strong>File transfer overhead<\/strong>: Unlike <a href=\"https:\/\/www.nextron-systems.com\/thor-thunderstorm\/\" target=\"_blank\" rel=\"noopener\">Thunderstorm<\/a>, where only selected forensic artifacts are uploaded for analysis, SSHFS scanning transfers all files over SSH, resulting in higher network load.<\/li>\n<li><strong>Deep forensic analysis<\/strong>: <a href=\"https:\/\/www.nextron-systems.com\/thor\/\" target=\"_blank\" rel=\"noopener\">THOR<\/a> is used to scan logs, binaries, and other suspicious files with custom YARA and Sigma rules, providing a comprehensive compromise assessment.<\/li>\n<\/ul>\n<p style=\"font-weight: 400;\"><strong>Best for:<\/strong><\/p>\n<ul style=\"font-weight: 400;\">\n<li>Thorough post-compromise forensic investigations.<\/li>\n<li>Cases where SSH access to ESXi is available and sustained network load is acceptable.<\/li>\n<li>Advanced hunting for persistence mechanisms and hidden threats.<\/li>\n<\/ul>\n<p style=\"font-weight: 400;\">For more details on ESXi compromise assessments using THOR, refer to: <a href=\"https:\/\/www.nextron-systems.com\/2023\/02\/14\/how-to-scan-esxi-systems-using-thor\/\">How to Scan ESXi Systems Using THOR<\/a>.<\/p>\n<div>\n<h2><strong>Patching Alone Won\u2019t Tell You If You\u2019ve Been Breached \u2013 THOR Will<\/strong><\/h2>\n<\/div>\n<div>\n<p>Patching is essential, but it must be combined with a<span class=\"apple-converted-space\">\u00a0<\/span><strong>compromise assessment<\/strong><span class=\"apple-converted-space\">\u00a0<\/span>to ensure your environment is truly secure. Instead of assuming you\u2019re safe just because a patch is applied, leverage a<span class=\"apple-converted-space\">\u00a0<\/span><strong>deep forensic investigation<\/strong><span class=\"apple-converted-space\">\u00a0<\/span>to uncover any traces of an attacker\u2019s presence.<\/p>\n<\/div>\n<div>\n<p>If your security plan relies solely on<span class=\"apple-converted-space\">\u00a0<\/span><strong>waiting for patches<\/strong>, you\u2019re always reacting too late &#8211; plus, you may already have an<span class=\"apple-converted-space\">\u00a0<\/span><strong>active breach<\/strong>.<\/p>\n<\/div>\n<div>\n<p><strong>Don&#8217;t leave your security to chance.<\/strong><span class=\"apple-converted-space\">\u00a0<\/span><a href=\"https:\/\/www.nextron-systems.com\/get-started\/\">Contact us<\/a> to learn how <a href=\"https:\/\/www.nextron-systems.com\/thor\/\">THOR<\/a> can help you verify whether attackers have already compromised your infrastructure.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many organizations make a critical mistake when responding to actively exploited zero-day vulnerabilities: they patch but don\u2019t investigate. Think about it this way: If your front door was left wide open for weeks, would you just lock it and walk away? If attackers had unrestricted access to your environment, simply closing the door won\u2019t undo the damage. The real problem isn\u2019t the vulnerability itself &#8211; it\u2019s what happened while your systems were exposed. The Real Threat is What You Don&#8217;t See VMware recently just confirmed three newly exploited zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) affecting ESXi products. As expected, VMware has released patches. But patching alone won\u2019t tell you if attackers already breached your systems. The right question at this stage should be:\u00a0Did attackers already gain access to your IT environments? If your ESXi hosts were vulnerable, you must be able to answer the following: Were attackers already inside? Did they steal credentials, sensitive configurations, or data? Have they installed backdoors or persistence mechanisms? Did they move laterally and escalate privileges? Are there hidden scripts, tools, or logs covering their tracks? A patch prevents future exploitation, but it doesn\u2019t reveal what happened before. If you don\u2019t investigate, you\u2019re operating on\u00a0blind trust. [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":16537,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[749,1,760,32,574],"tags":[69,5,787],"class_list":["post-25074","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-homepage","category-nextron","category-recommended","category-thor","category-thunderstorm","tag-compromise-assessment","tag-thor","tag-thor-thunderstorm"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Patching is Not Enough: Why You Must Search for Hidden Intrusions<\/title>\n<meta name=\"description\" content=\"Patching isn\u2019t enough\u2014verify ESXi breaches with THOR. Detect hidden threats, persistence, and unauthorized access.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\"},\"author\":{\"name\":\"Nextron Threat Research Team\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/c85023b02fb7500513bb7464c4d36a96\"},\"headline\":\"Patching is Not Enough: Why You Must Search for Hidden Intrusions\",\"datePublished\":\"2025-03-11T13:59:45+00:00\",\"dateModified\":\"2025-04-11T12:53:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\"},\"wordCount\":955,\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png\",\"keywords\":[\"compromise assessment\",\"thor\",\"THOR Thunderstorm\"],\"articleSection\":[\"Homepage\",\"Nextron\",\"Recommended\",\"THOR\",\"Thunderstorm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\",\"url\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\",\"name\":\"Patching is Not Enough: Why You Must Search for Hidden Intrusions\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png\",\"datePublished\":\"2025-03-11T13:59:45+00:00\",\"dateModified\":\"2025-04-11T12:53:00+00:00\",\"description\":\"Patching isn\u2019t enough\u2014verify ESXi breaches with THOR. Detect hidden threats, persistence, and unauthorized access.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage\",\"url\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png\",\"contentUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png\",\"width\":1536,\"height\":1024},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.nextron-systems.com\/#website\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"name\":\"Nextron Systems\",\"description\":\"We Detect Hackers\",\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.nextron-systems.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\",\"name\":\"Nextron Systems GmbH\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"contentUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"width\":260,\"height\":260,\"caption\":\"Nextron Systems GmbH\"},\"image\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/c85023b02fb7500513bb7464c4d36a96\",\"name\":\"Nextron Threat Research Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/93ef820b74086420190263e5fff9169f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/93ef820b74086420190263e5fff9169f?s=96&d=mm&r=g\",\"caption\":\"Nextron Threat Research Team\"},\"url\":\"https:\/\/www.nextron-systems.com\/author\/threat_research\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Patching is Not Enough: Why You Must Search for Hidden Intrusions","description":"Patching isn\u2019t enough\u2014verify ESXi breaches with THOR. Detect hidden threats, persistence, and unauthorized access.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#article","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/"},"author":{"name":"Nextron Threat Research Team","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/c85023b02fb7500513bb7464c4d36a96"},"headline":"Patching is Not Enough: Why You Must Search for Hidden Intrusions","datePublished":"2025-03-11T13:59:45+00:00","dateModified":"2025-04-11T12:53:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/"},"wordCount":955,"publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"image":{"@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage"},"thumbnailUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png","keywords":["compromise assessment","thor","THOR Thunderstorm"],"articleSection":["Homepage","Nextron","Recommended","THOR","Thunderstorm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/","url":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/","name":"Patching is Not Enough: Why You Must Search for Hidden Intrusions","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage"},"image":{"@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage"},"thumbnailUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png","datePublished":"2025-03-11T13:59:45+00:00","dateModified":"2025-04-11T12:53:00+00:00","description":"Patching isn\u2019t enough\u2014verify ESXi breaches with THOR. Detect hidden threats, persistence, and unauthorized access.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/2025\/03\/11\/patching-is-not-enough\/#primaryimage","url":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png","contentUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/03\/cyb3rops_Thor_checking_a_desktop_computer_for_viruses_blue_ligh_15545217-6bf0-4dc9-9f39-f45e8a270236.png","width":1536,"height":1024},{"@type":"WebSite","@id":"https:\/\/www.nextron-systems.com\/#website","url":"https:\/\/www.nextron-systems.com\/","name":"Nextron Systems","description":"We Detect Hackers","publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.nextron-systems.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.nextron-systems.com\/#organization","name":"Nextron Systems GmbH","url":"https:\/\/www.nextron-systems.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","contentUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","width":260,"height":260,"caption":"Nextron Systems GmbH"},"image":{"@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/c85023b02fb7500513bb7464c4d36a96","name":"Nextron Threat Research Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/93ef820b74086420190263e5fff9169f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/93ef820b74086420190263e5fff9169f?s=96&d=mm&r=g","caption":"Nextron Threat Research Team"},"url":"https:\/\/www.nextron-systems.com\/author\/threat_research\/"}]}},"_links":{"self":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/25074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/comments?post=25074"}],"version-history":[{"count":6,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/25074\/revisions"}],"predecessor-version":[{"id":25096,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/25074\/revisions\/25096"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/media\/16537"}],"wp:attachment":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/media?parent=25074"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/categories?post=25074"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/tags?post=25074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}