{"id":125695,"date":"2021-02-15T17:53:28","date_gmt":"2021-02-16T01:53:28","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=125695"},"modified":"2021-02-15T17:59:30","modified_gmt":"2021-02-16T01:59:30","slug":"u42-bendybear","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2021\/02\/u42-bendybear\/?lang=ja","title":{"rendered":"BendyBear\u306e\u540d\u3067\u77e5\u3089\u308c\u308b\u9ad8\u5ea6\u306a\u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u30c4\u30fc\u30eb\u3092\u66b4\u304f"},"content":{"rendered":"<p>2021\u5e742\u67089\u65e5\u3001Unit 42\u306f\u3053\u308c\u307e\u3067\u306b\u77e5\u3089\u308c\u308b\u4e2d\u3067\u3082\u6700\u3082\u6d17\u7df4\u3055\u308c\u305f\u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u30c4\u30fc\u30eb\u306e1\u3064\u3067\u3042\u308bBendyBear\u306e\u767a\u898b\u306b\u3064\u3044\u3066\u306e\u8a18\u4e8b\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002\u540c\u30c4\u30fc\u30eb\u306f\u305d\u306e\u8a2d\u8a08\u4e0a<em>\u975e\u5e38\u306b<\/em>\u30b9\u30c6\u30eb\u30b9\u6027\u304c\u9ad8\u304f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u88fd\u54c1\u306b\u3088\u308b\u691c\u51fa\u3084\u8105\u5a01\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306b\u3088\u308b\u30ea\u30d0\u30fc\u30b9\u30a8\u30f3\u30b8\u30cb\u30a2\u30ea\u30f3\u30b0\u304c\u975e\u5e38\u306b\u96e3\u3057\u3044\u3082\u306e\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002Unit 42\u306f\u3001\u3053\u306e\u30c4\u30fc\u30eb\u306e\u6a5f\u80fd\u306b\u95a2\u3059\u308b\u8a73\u7d30\u306a\u30ec\u30dd\u30fc\u30c8\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002\u305d\u308c\u304c\u300c<a href=\"https:\/\/unit42.paloaltonetworks.jp\/bendybear-shellcode-blacktech\/\" rel=\"nofollow,noopener\" >BendyBear: \u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u30b0\u30eb\u30fc\u30d7BlackTech\u3068\u30ea\u30f3\u30af\u3055\u308c\u305f\u65b0\u3057\u3044\u4e2d\u56fd\u306e\u30b7\u30a7\u30eb\u30b3\u30fc\u30c9<\/a>\u300d\u3067\u3059\u3002<\/p>\n<p>BendyBear\u306f\u5225\u306e\u30de\u30eb\u30a6\u30a7\u30a2WaterBear\u306e\u4e9c\u7a2e\u306e\u3088\u3046\u3067\u3059\u3002\u30a2\u30af\u30c6\u30a3\u30d3\u30c6\u30a3\u3092\u96a0\u853d\u3057\u3066\u6a2a\u5c55\u958b\u3092\u884c\u3046\u5f8c\u8005\u3068\u306f\u5f37\u3044\u985e\u4f3c\u6027\u304c\u898b\u3089\u308c\u307e\u3059\u3002\u306a\u304a\u3001<a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/19\/l\/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection.html\" rel=\"nofollow,noopener\" >Trend Micro<\/a>\u3084<a href=\"https:\/\/blogs.jpcert.or.jp\/ja\/2020\/02\/japan-security-analyst-conference-2020-1.html\" rel=\"nofollow,noopener\" >TeamT5<\/a>\u306a\u3069\u3092\u306f\u3058\u3081\u3068\u3059\u308b\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001WaterBear\u3092\u653b\u6483\u30b0\u30eb\u30fc\u30d7BlackTech\u306b\u5e30\u5c5e\u3055\u305b\u3066\u3044\u308b\u306e\u3067\u3059\u304c\u3001\u3053\u306eBlackTech\u306f<a href=\"https:\/\/www.taiwannews.com.tw\/en\/news\/3991160\" rel=\"nofollow,noopener\" >\u4e2d\u56fd\u653f\u5e9c<\/a>\u3068\u30ea\u30f3\u30af\u3057\u3066\u3044\u308b\u3068\u8a55\u4fa1\u3055\u308c\u3066\u3044\u308b\u653b\u6483\u30b0\u30eb\u30fc\u30d7\u3067\u3001\u65e9\u3051\u308c\u30702009\u5e74\u306b\u3055\u304b\u306e\u307c\u3063\u3066\u3001\u6771\u30a2\u30b8\u30a2\u306e\u653f\u5e9c\u3084\u6280\u8853\u7d44\u7e54\u3078\u306e\u653b\u6483\u306b\u8cac\u4efb\u304c\u3042\u308b\u3068\u8003\u3048\u3089\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>BendyBear\u306f\u3001RC4\u6697\u53f7\u306e\u4fee\u6b63\u7248\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u6697\u53f7\u5f37\u5ea6\u304c\u5897\u3057\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u901a\u4fe1\u906e\u65ad\u306f\u3044\u3063\u305d\u3046\u56f0\u96e3\u306b\u306a\u308a\u307e\u3059\u3002\u307e\u305fBendyBear\u306f\u30de\u30eb\u30a6\u30a7\u30a2\u306b\u30ab\u30e1\u30ec\u30aa\u30f3\u306e\u3088\u3046\u306a\u6a5f\u80fd\u3092\u4e0e\u3048\u308b\u30dd\u30ea\u30e2\u30fc\u30d5\u30a3\u30c3\u30af\u30b3\u30fc\u30c9\u3092\u4f7f\u7528\u3057\u3066\u304a\u308a\u3001\u30e9\u30f3\u30bf\u30a4\u30e0\u5b9f\u884c\u4e2d\u306b\u30d0\u30a4\u30c8\u64cd\u4f5c\u3092\u884c\u3046\u3053\u3068\u3067\u3001\u8aad\u307f\u53d6\u308a\u304c\u3067\u304d\u305a\u3001\u8aad\u307f\u53d6\u3063\u3066\u3082\u5185\u5bb9\u304c\u308f\u304b\u3089\u305a\u3001\u691c\u51fa\u304c\u975e\u5e38\u306b\u96e3\u3057\u3044\u3082\u306e\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u30da\u30a4\u30ed\u30fc\u30c9\u3092\u30d5\u30a1\u30a4\u30eb\u30b7\u30b9\u30c6\u30e0\u3067\u306f\u306a\u304f\u30e1\u30e2\u30ea\u306b\u76f4\u63a5\u30ed\u30fc\u30c9\u3059\u308b\u306e\u3067\u5f93\u6765\u578b\u306e\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u3082\u6b8b\u3089\u305a\u3001\u8105\u5a01\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u3084\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u88fd\u54c1\u304c\u3053\u3046\u3057\u305f\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u3092\u3082\u3068\u306b\u898b\u3064\u3051\u308b\u3053\u3068\u304c\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u6a5f\u80fd\u306e\u304a\u304b\u3052\u3067\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u691c\u51fa\u306f\u975e\u5e38\u306b\u56f0\u96e3\u3067\u3059\u3002<\/p>\n<p>Unit 42\u306f\u3053\u306eBendyBear\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092Cyber ThreatAlliance\u3092\u542b\u3080\u4fe1\u983c\u3067\u304d\u308b\u653f\u5e9c\u304a\u3088\u3073\u696d\u754c\u30d1\u30fc\u30c8\u30ca\u30fc\u3068\u3059\u3067\u306b\u5171\u6709\u6e08\u307f\u3067\u3059\u3002\u5171\u6709\u30c7\u30fc\u30bf\u306b\u306f\u3001\u7d44\u7e54\u304cBendyBear\u306b\u3088\u3063\u3066\u4fb5\u5bb3\u3055\u308c\u305f\u304b\u3069\u3046\u304b\u3092\u5224\u65ad\u3057\u3001\u5c06\u6765\u306e\u653b\u6483\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3067\u304d\u308b\u4fb5\u5165\u306e\u75d5\u8de1\uff08IoC\uff09\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306f\u3001\u3053\u306e\u60c5\u5831\u516c\u958b\u306b\u3088\u3063\u3066\u3001BendyBear\u304c\u5341\u5206\u306a\u6ce8\u76ee\u3092\u96c6\u3081\u3001\u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u6d3b\u52d5\u4e0a\u3001\u3044\u307e\u3088\u308a\u305a\u3063\u3068\u52b9\u679c\u306e\u4f4e\u3044\u30c4\u30fc\u30eb\u3068\u306a\u308b\u3053\u3068\u3092\u671f\u5f85\u3057\u3066\u3044\u307e\u3059\u3002\u305d\u306e\u3046\u3048\u3067\u3001\u5404\u7d44\u7e54\u306e\u7686\u3055\u307e\u306f\u9ad8\u5ea6\u306a\u6226\u8853\u3067\u691c\u51fa\u3092\u56de\u907f\u3057\u3066\u304f\u308b<a href=\"https:\/\/www.crn.com\/news\/security\/solarwinds-should-have-been-more-vigilant-palo-alto-networks-ceo\" rel=\"nofollow,noopener\" >SolarWinds\u306e\u653b\u6483<\/a>\u306e\u3088\u3046\u306a\u653b\u6483\u8005\u306b\u5bfe\u3059\u308b\u8b66\u6212\u3092\u6020\u3089\u306a\u3044\u3088\u3046\u306b\u304a\u9858\u3044\u3044\u305f\u3057\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306f\u3001\u672c\u7a3f\u306b\u6982\u8aac\u3057\u305fBendyBear\u306e\u653b\u6483\u304b\u3089\u306e\u4fdd\u8b77\u3092<a href=\"https:\/\/www.paloaltonetworks.jp\/cortex\/cortex-xdr\" rel=\"nofollow,noopener\" >Cortex XDR<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/products\/threat-detection-and-prevention\/dns-security\" rel=\"nofollow,noopener\" >DNS\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/products\/threat-detection-and-prevention\/web-security\" rel=\"nofollow,noopener\" >URL\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/products\/secure-the-network\/wildfire\" rel=\"nofollow,noopener\" >WildFire<\/a>\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3092\u5099\u3048\u305f<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/next-generation-firewall\" rel=\"nofollow,noopener\" >\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb<\/a>\u3092\u901a\u3058\u3066\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>2021\u5e742\u67089\u65e5\u3001Unit 42\u306f\u3053\u308c\u307e\u3067\u306b\u77e5\u3089\u308c\u308b\u4e2d\u3067\u3082\u6700\u3082\u6d17\u7df4\u3055\u308c\u305f\u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u30c4\u30fc\u30eb\u306e1\u3064\u3067\u3042\u308bBendyBear\u306e\u767a\u898b\u306b\u3064\u3044\u3066\u306e\u8a18\u4e8b\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002\u540c\u30c4\u30fc\u30eb\u306f\u305d\u306e\u8a2d\u8a08\u4e0a\u975e\u5e38\u306b\u30b9\u30c6\u30eb\u30b9\u6027\u304c\u9ad8\u304f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u88fd\u54c1\u306b\u3088\u308b\u691c\u51fa\u3084\u8105\u5a01\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306b\u3088\u308b\u30ea\u30d0\u30fc\u30b9\u30a8\u30f3\u30b8\u30cb\u30a2\u30ea\u30f3\u30b0\u304c\u975e\u5e38\u306b\u96e3\u3057\u3044\u3082\u306e\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002Unit 42\u306f\u3001\u3053\u306e\u30c4\u30fc\u30eb\u306e\u6a5f\u80fd\u306b\u95a2\u3059\u308b\u8a73\u7d30\u306a\u30ec\u30dd\u30fc\u30c8\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002\u305d\u308c\u304c\u300cBendyBear: \u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u30b0\u30eb\u30fc\u30d7BlackTech\u3068\u30ea\u30f3\u30af\u3055\u308c\u305f\u65b0\u3057\u3044\u4e2d\u56fd\u306e\u30b7\u30a7\u30eb\u30b3\u30fc\u30c9\u300d\u3067\u3059\u3002 BendyBear\u306f\u5225\u306e\u30de\u30eb\u30a6\u30a7\u30a2WaterBear\u306e\u4e9c\u7a2e\u306e\u3088\u3046\u3067\u3059\u3002\u30a2\u30af\u30c6\u30a3\u30d3\u30c6\u30a3\u3092\u96a0\u853d\u3057\u3066\u6a2a\u5c55\u958b\u3092\u884c\u3046\u5f8c\u8005\u3068\u306f\u5f37\u3044\u985e\u4f3c\u6027\u304c\u898b\u3089\u308c\u307e\u3059\u3002\u306a\u304a\u3001Trend Micro\u3084TeamT5\u306a\u3069\u3092\u306f\u3058\u3081\u3068\u3059\u308b\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001WaterBear\u3092\u653b\u6483\u30b0\u30eb\u30fc\u30d7BlackTech\u306b\u5e30\u5c5e\u3055\u305b\u3066\u3044\u308b\u306e\u3067\u3059\u304c\u3001\u3053\u306eBlackTech\u306f\u4e2d\u56fd\u653f\u5e9c\u3068\u30ea\u30f3\u30af\u3057\u3066\u3044\u308b\u3068\u8a55\u4fa1\u3055\u308c\u3066\u3044\u308b\u653b\u6483\u30b0\u30eb\u30fc\u30d7\u3067\u3001\u65e9\u3051\u308c\u30702009\u5e74\u306b\u3055\u304b\u306e\u307c\u3063\u3066\u3001\u6771\u30a2\u30b8\u30a2\u306e\u653f\u5e9c\u3084\u6280\u8853\u7d44\u7e54\u3078\u306e\u653b\u6483\u306b\u8cac\u4efb\u304c\u3042\u308b\u3068\u8003\u3048\u3089\u308c\u3066\u3044\u307e\u3059\u3002 BendyBear\u306f\u3001RC4\u6697\u53f7\u306e\u4fee\u6b63\u7248\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u6697\u53f7\u5f37\u5ea6\u304c\u5897\u3057\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u901a\u4fe1\u906e\u65ad\u306f\u3044\u3063\u305d\u3046\u56f0\u96e3\u306b\u306a\u308a\u307e\u3059\u3002\u307e\u305fBendyBear\u306f\u30de\u30eb\u30a6\u30a7\u30a2\u306b\u30ab\u30e1\u30ec\u30aa\u30f3\u306e\u3088\u3046\u306a\u6a5f\u80fd\u3092\u4e0e\u3048\u308b\u30dd\u30ea\u30e2\u30fc\u30d5\u30a3\u30c3\u30af\u30b3\u30fc\u30c9\u3092\u4f7f\u7528\u3057\u3066\u304a\u308a\u3001\u30e9\u30f3\u30bf\u30a4\u30e0\u5b9f\u884c\u4e2d\u306b\u30d0\u30a4\u30c8\u64cd\u4f5c\u3092\u884c\u3046\u3053\u3068\u3067\u3001\u8aad\u307f\u53d6\u308a\u304c\u3067\u304d\u305a\u3001\u8aad\u307f\u53d6\u3063\u3066\u3082\u5185\u5bb9\u304c\u308f\u304b\u3089\u305a\u3001\u691c\u51fa\u304c\u975e\u5e38\u306b\u96e3\u3057\u3044\u3082\u306e\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u30da\u30a4\u30ed\u30fc\u30c9\u3092\u30d5\u30a1\u30a4\u30eb\u30b7\u30b9\u30c6\u30e0\u3067\u306f\u306a\u304f\u30e1\u30e2\u30ea\u306b\u76f4\u63a5\u30ed\u30fc\u30c9\u3059\u308b\u306e\u3067\u5f93\u6765\u578b\u306e\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u3082\u6b8b\u3089\u305a\u3001\u8105\u5a01\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u3084\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u88fd\u54c1\u304c\u3053\u3046\u3057\u305f\u30d5\u30a3\u30f3\u30ac\u30fc\u30d7\u30ea\u30f3\u30c8\u3092\u3082\u3068\u306b\u898b\u3064\u3051\u308b\u3053\u3068\u304c\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u6a5f\u80fd\u306e\u304a\u304b\u3052\u3067\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u691c\u51fa\u306f\u975e\u5e38\u306b\u56f0\u96e3\u3067\u3059\u3002 Unit 42\u306f\u3053\u306eBendyBear\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092Cyber ThreatAlliance\u3092\u542b\u3080\u4fe1\u983c\u3067\u304d\u308b\u653f\u5e9c\u304a\u3088\u3073\u696d\u754c\u30d1\u30fc\u30c8\u30ca\u30fc\u3068\u3059\u3067\u306b\u5171\u6709\u6e08\u307f\u3067\u3059\u3002\u5171\u6709\u30c7\u30fc\u30bf\u306b\u306f\u3001\u7d44\u7e54\u304cBendyBear\u306b\u3088\u3063\u3066\u4fb5\u5bb3\u3055\u308c\u305f\u304b\u3069\u3046\u304b\u3092\u5224\u65ad\u3057\u3001\u5c06\u6765\u306e\u653b\u6483\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3067\u304d\u308b\u4fb5\u5165\u306e\u75d5\u8de1\uff08IoC\uff09\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002 \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306f\u3001\u3053\u306e\u60c5\u5831\u516c\u958b\u306b\u3088\u3063\u3066\u3001BendyBear\u304c\u5341\u5206\u306a\u6ce8\u76ee\u3092\u96c6\u3081\u3001\u30b5\u30a4\u30d0\u30fc\u30b9\u30d1\u30a4\u6d3b\u52d5\u4e0a\u3001\u3044\u307e\u3088\u308a\u305a\u3063\u3068\u52b9\u679c\u306e\u4f4e\u3044\u30c4\u30fc\u30eb\u3068\u306a\u308b\u3053\u3068\u3092\u671f\u5f85\u3057\u3066\u3044\u307e\u3059\u3002\u305d\u306e\u3046\u3048\u3067\u3001\u5404\u7d44\u7e54\u306e\u7686\u3055\u307e\u306f\u9ad8\u5ea6\u306a\u6226\u8853\u3067\u691c\u51fa\u3092\u56de\u907f\u3057\u3066\u304f\u308bSolarWinds\u306e\u653b\u6483\u306e\u3088\u3046\u306a\u653b\u6483\u8005\u306b\u5bfe\u3059\u308b\u8b66\u6212\u3092\u6020\u3089\u306a\u3044\u3088\u3046\u306b\u304a\u9858\u3044\u3044\u305f\u3057\u307e\u3059\u3002 \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306f\u3001\u672c\u7a3f\u306b\u6982\u8aac\u3057\u305fBendyBear\u306e\u653b\u6483\u304b\u3089\u306e\u4fdd\u8b77\u3092Cortex XDR\u3001DNS\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3001URL\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3001WildFire\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3092\u5099\u3048\u305f\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u901a\u3058\u3066\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n","protected":false},"author":65,"featured_media":125404,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[7486],"tags":[7483,6955,7484,7485,7028],"coauthors":[704],"class_list":["post-125695","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-announcement-ja","tag-apt-ja","tag-cortex-xdr-ja","tag-cyber-espionage-ja","tag-malware-ja","tag-ngfw-ja"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2021\/02\/Espionage-r3d3.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/125695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=125695"}],"version-history":[{"count":1,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/125695\/revisions"}],"predecessor-version":[{"id":125696,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/125695\/revisions\/125696"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/125404"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=125695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=125695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=125695"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=125695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}