{"id":6822,"date":"2026-02-03T18:03:32","date_gmt":"2026-02-03T18:03:32","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=6822"},"modified":"2026-02-03T18:03:32","modified_gmt":"2026-02-03T18:03:32","slug":"inside-cloud-malware-analysis-techniques-and-real-world-use-cases","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=6822","title":{"rendered":"Inside Cloud Malware Analysis: Techniques and Real-World Use Cases"},"content":{"rendered":"
\n
\n
\n
\n
\n

Key Takeaways<\/h2>\n<\/div>\n<\/div>\n
\n
\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tCloud malware avoids files, running in memory and abusing cloud-native services to evade legacy antivirus<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tAttackers exploit misconfigured IAM, APIs, storage, and legitimate management tools for stealthy persistence<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tFileless execution, living-off-the-land techniques, and encrypted cloud C2 now dominate cloud attacks<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tStatic, dynamic, and behavioral analysis must work together for effective detection<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tMemory forensics and behavioral baselining are critical for uncovering hidden threats<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tLayered visibility across workloads, identities, and traffic is essential to stop modern cloud malware <\/span><\/p><\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Cloud environments power modern business, but they also attract sophisticated malware. Attackers target cloud storage, virtual machines, and APIs to hide malicious code and steal sensitive data.<\/span><\/p>\n

This guide explains cloud malware analysis in clear terms. It covers key techniques and real examples to help security teams spot and stop these threats.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Why Cloud Malware Analysis Matters Now<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Think about what\u2019s happened as companies rushed their operations into cloud environments. You\u2019ve got storage buckets left wide open with years of customer data sitting exposed. Teams share VMs across departments without proper isolation. APIs that should be locked down face constant automated attacks.<\/span><\/p>\n

The old antivirus approach crashes and burns here.\u00a0Cloud malware\u00a0doesn\u2019t\u00a0bother with files\u2014it runs straight from memory, blends into normal\u00a0cloud services\u00a0traffic, and jumps between systems without a trace on disk. Your tools just stare blankly while it happens.<\/span><\/p>\n

Security operations teams get the call too late: ransomware<\/a> has already encrypted the production database, or someone notices customer records trickling out through legitimate-looking uploads. IBM pegged the average breach at $4.88 million last year. That\u2019s not hypothetical\u2014that\u2019s payroll checks bouncing.<\/span><\/p>\n

Security leaders across enterprises demand real visibility now. Basic malware scanning catches yesterday\u2019s threats. Cloud malware analysis shows you the live attack happening across your cloud infrastructure today.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n
\n
No Blind Spots in the Public Cloud<\/div>\n<\/div>\n<\/div>\n
\n
\n

\t\t\t\t\t\t\t\t\t\tCloud malware exploits visibility gaps in public cloud environments.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tMap hidden cloud assets and unmanaged services<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tExpose risky access paths and over-privileged identities<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tDetect abnormal workload and network behavior early<\/span><\/p><\/div>\n<\/div>\n

\n
\n
\n\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\tDownload the eBook<\/span>
\n\t\t\t\t\t<\/span>
\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n
\n
\n

How Cloud Malware Differs from Traditional Malware<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Traditional malware drops files on disks. Antivirus tools scan them with signatures and block execution.<\/span><\/p>\n

Cloud malware works differently. It exploits cloud-native features like object storage and serverless functions. Attackers upload seemingly legitimate files packed with malicious code, as documented in the Verizon 2025 Data Breach Investigations Report.<\/span><\/p>\n

Fileless<\/a> variants run entirely in memory. They inject into running processes on virtual machines, mimicking normal user behavior to evade disk-based detection, according to FBI IC3 and CISA\u2019s joint advisory.<\/span><\/p>\n

Cloud threats also\u00a0leverage\u00a0legitimate software. Attackers repurpose built-in cloud management tools for discovery and lateral movement<\/a>\u2014no new binaries needed, per CISA Cybersecurity Performance Goals.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Cloud vs Traditional Malware: Key Differences<\/h3>\n<\/div>\n<\/div>\n
\n
\n

\t\t\t\t\tAspectTraditional MalwareCloud Malware\t\t\t\t<\/p>\n

\t\t\t\t\tExecution EnvironmentLocal disk, endpointsMemory, VMs, serverless functionsPropagationFile sharing, USBAPI calls, storage buckets, lateral VM movementPersistenceRegistry keys, scheduled tasksStolen session tokens, misconfigured IAM rolesEvasion TechniquesPacking, polymorphismFileless execution, living-off-the-land binariesDetection ChallengesSignature gapsEncrypted C2, legitimate tool abuseImpact RadiusSingle hostEntire cloud account, multi-tenant spread\t\t\t\t<\/p><\/div>\n<\/div>\n

\n
\n

These differences demand cloud-specific analysis approaches over traditional endpoint methods.<\/span><\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Key Trends Driving Cloud Malware Attacks<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Attackers shifted focus to cloud in 2025, according to multiple US government and industry reports. Infostealer malware surged 84%, grabbing browser-stored cloud credentials for persistent access, as reported by IBM X-Force. This gives attackers weeks of undetected access.<\/span><\/p>\n

Ransomware groups now target cloud backups first. They encrypt VMs and delete snapshots, leaving organizations unable to recover without paying, per CrowdStrike\u2019s 2025 threat landscape analysis. The impact compounds when attackers also steal data first.<\/span><\/p>\n

Phishing evolved too. Attackers use social engineering to trick helpdesks into resetting multi-factor authentication<\/a> for cloud portals, as detailed in FBI\/CISA advisories. One phone call often bypasses technical controls.<\/span><\/p>\n

The Verizon DBIR 2025 found exploited vulnerabilities caused 32% of breaches. Misconfigured APIs and open buckets let malware spread unchecked across networks. Prevention starts with understanding these patterns.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Latest Cloud Malware Trends and Prevention<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Trend 1: Fileless Malware Dominance<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Attackers ditched disk files when they realized memory-only execution beats every traditional scanner. Mandiant\u2019s 2025 report caught the 60% drop in file payloads\u2014cloud malware\u00a0now lives entirely in RAM across your\u00a0VMs.<\/span><\/p>\n

Prevention:<\/strong> Run memory forensics on suspicious cloud workloads and set behavioral baselines that flag weird process behavior.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Trend 2: Living-Off-the-Land (LOTL) Explosion<\/h3>\n<\/div>\n<\/div>\n
\n
\n

CISA keeps flagging AWS Systems Manager and Azure Runbooks as attacker favorites. These legit\u00a0cloud management tools\u00a0execute malicious commands under admin privileges, looking completely normal.<\/span><\/p>\n

Prevention:<\/strong> Lock privileged APIs with strict allowlists and monitor every management tool execution pattern.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Trend 3: Encrypted C2 via Legitimate Cloud Services<\/h3>\n<\/div>\n<\/div>\n
\n
\n

FBI IC3 called out MEGA.NZ and OneDrive masking data exfiltration<\/a>. Attackers pipe stolen sensitive data through TLS-encrypted \u201cnormal\u201d cloud storage syncs that content scanners can\u2019t read.<\/span><\/p>\n

Prevention:<\/strong> Watch encrypted traffic metadata<\/a> at cloud gateways\u2014transfer sizes, timing spikes, destination patterns.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Trend 4: Supply Chain via Cloud Storage<\/h3>\n<\/div>\n<\/div>\n
\n
\n

IBM X-Force flagged public\u00a0container registries\u00a0spreading\u00a0malware\u00a0across clusters. One compromised base image infects every deployment built from it.<\/span><\/p>\n

Prevention:<\/strong> Hit every container with\u00a0static analysis\u00a0+\u00a0vulnerability scanning<\/a>\u00a0before it reaches production.<\/span><\/p>\n

Attackers aren\u2019t breaking in anymore\u2014they\u2019re hiding inside legitimate cloud operations. Layered detection across your cloud infrastructure catches what single tools miss.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Core Cloud Malware Analysis Techniques<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Security\u00a0<\/span>teams\u2019<\/span>\u00a0layer three main approaches: static, dynamic, and behavioral. Each targets different malware behaviors in cloud setups.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Static Analysis Spots Known Threats Fast<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Static analysis examines files and code without running them. It checks for known malware signatures<\/a>, suspicious strings, or vulnerable libraries in uploads.<\/span><\/p>\n

Run it on cloud storage objects, container images, and VM snapshots. This catches common viruses and trojans before they execute, as validated in USENIX Security 2025 research.<\/span><\/p>\n

Pair with vulnerability scanning. Flag outdated operating systems or unpatched cloud services that malware could exploit.<\/span><\/p>\n

It provides quick wins but struggles with obfuscated or fileless threats.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Dynamic Analysis Reveals Real Behavior<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Dynamic analysis detonates suspicious files in isolated cloud-based malware sandboxes. Watch what happens: Does it call out to C2 servers<\/a>? Modify other files? Escalate privileges?<\/span><\/p>\n

This method uncovers evasion tactics static analysis misses\u2014like memory injection or API abuse. Simulate your exact cloud environment for accurate results, per USENIX findings.<\/span><\/p>\n

Security teams gain deeper analysis into spread patterns. How does it move from one VM to another? What data does it target?<\/span><\/p>\n

Resource-intensive, so use it selectively on high-risk samples.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Behavioral and Memory Forensics for Hidden Threats<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Behavioral analysis<\/a> baselines normal activity. Alert on anomalies like unusual data uploads from legitimate users or spikes in API calls.<\/span><\/p>\n

Memory forensics digs into RAM dumps from infected VMs. Fileless malware leaves traces here\u2014injected code, stolen credentials, or process hollowing, according to Mandiant analysis.<\/span><\/p>\n

Network monitoring<\/a> complements both. Track traffic for exfiltration or connections to known bad domains, even\u00a0through\u00a0proxies.<\/span><\/p>\n

These techniques together provide comprehensive cloud malware detection.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Technique Comparison at a Glance<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Each technique serves a different purpose at\u00a0<\/span>different stages<\/span>\u00a0of detection.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

\t\t\t\t\tTechniqueBest ForSpeedCloud FitLimitations\t\t\t\t<\/p>\n

\t\t\t\t\tStatic AnalysisKnown signatures, uploadsFastestStorage scanningMisses fileless codeDynamic AnalysisEvasion tactics, zero-daysMediumSandbox in cloudExecution riskBehavioral\/MemorySuspicious behavior, persistenceOngoingReal-time VMsNeeds baselines\t\t\t\t<\/p><\/div>\n<\/div>\n

\n
\n

Use static first for volume, dynamic for unknowns, behavioral for production monitoring.<\/span><\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Real-World Cloud Malware Examples<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Case 1: Retailer Supply Chain Breach (FBI\/CISA Scattered Spider)<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Attackers used social engineering<\/a> against helpdesk staff to gain initial cloud access. They deployed credential stealers that harvested session tokens for data warehouse access. Attackers exfiltrated large volumes of sensitive customer data to external cloud storage before encrypting virtualization servers with ransomware.\u00a0<\/span>FBI and CISA detailed this exact attack chain in their July 2025 joint advisory\u00a0<\/span>\u2014including specific tools like TeamViewer for persistence and\u00a0<\/span>DragonForce<\/span>\u00a0ransomware.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Case 2: Nation-State Data Exfiltration<\/h3>\n<\/div>\n<\/div>\n
\n
\n

State-sponsored actors abused legitimate SaaS applications for persistence after\u00a0<\/span>initial<\/span>\u00a0compromise. They ran excessive database queries through misconfigured APIs, staging sensitive data in cloud object storage for bulk download. Behavioral monitoring detected the unusual query patterns before full exfiltration\u00a0<\/span>completed<\/span>.\u00a0<\/span>Mandiant M-Trends 2025 documented these exact tactics<\/span>\u00a0in nation-state campaigns.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Case 3: Healthcare Ransomware Evolution<\/h3>\n<\/div>\n<\/div>\n
\n
\n

Ransomware operators targeted cloud backup systems directly. They deleted recovery snapshots after encrypting primary VMs, forcing organizations to restore from months-old copies. Post-incident memory analysis revealed fileless loaders that bypassed traditional endpoint detection. CrowdStrike 2025 threat reports confirm this pattern across multiple healthcare targets.<\/span><\/p>\n

These examples\u2014all drawn from verified 2025 government and industry reports\u2014show common patterns: credential abuse first, legitimate tool misuse second, rapid data theft third.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Best Practices to Protect Cloud Environments from Malware<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Here are the\u00a0proven steps\u00a0that\u00a0<\/span>actually stop<\/span>\u00a0cloud malware\u2014straight from real-world\u00a0CISA\u00a0and\u00a0NIST\u00a0guidance:<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tContinuous Runtime Protection: Drop agents or serverless functions on every cloud workload. They catch malicious processes the second they start acting strange\u2014no waiting for alerts.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tLeast-Privilege IAM: Hunt standing privileges daily across all cloud services. Just-in-time access kills the persistent footholds attackers love.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tEast-West Traffic Inspection: Slice up workloads into segments. Scan internal cloud traffic for those sneaky C2 patterns<\/a> that perimeter defenses miss completely.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tContainer\/Image Scanning: Hammer every container registry with static analysis + vulnerability scanning before anything deploys. Tainted images never reach production.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tEncrypted Traffic Analysis: Forget decrypting everything. Watch metadata patterns\u2014transfer spikes, weird timing, odd destinations. Data exfiltration lights up like a Christmas tree.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tImmutable Backups: Keep air-gapped recovery copies completely offline. Test them quarterly against ransomware delete attempts. No test, no trust.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tBehavioral Baselines: Map normal patterns for each workload type. When API calls spike or data uploads look wrong, your alerts fire instantly.<\/span><\/p>\n

\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>
\n\t\t\t\t\t\t\t\t\t\tAutomated Threat Hunting: Search 90+ days of logs for stealth malware that slipped past first-line defenses. Attackers hate this one most.<\/span><\/p><\/div>\n<\/div>\n

\n
\n

These practices address the full attack lifecycle, from prevention through response.<\/span><\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
\n
\n

Capabilities Needed for Strong Cloud Defense<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Modern platforms deliver behavioral detection across hybrid cloud setups. They provide retrospective visibility\u2014search past events to hunt threats that slipped initial scans.<\/span><\/p>\n

Expect real-time alerts on ransomware patterns, even fileless ones. Automated\u00a0forensics\u00a0speeds investigations without manual dumps.<\/span><\/p>\n

Such capabilities align with core cloud security needs: scale, speed, and depth, as outlined in authoritative frameworks like CISA CPGs.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

Stay Ahead of Evolving Threats<\/h2>\n<\/div>\n<\/div>\n
\n
\n

Cloud malware analysis techniques work best as a layered system. FBI, CISA, Mandiant, Verizon, IBM, and CrowdStrike reports confirm these patterns persist into 2026\u2014infostealers enable persistent access, social engineering bypasses MFA, vulnerabilities provide footholds.<\/span><\/p>\n

Organizations ignoring cloud-specific analysis face growing risks as workloads\u00a0consolidate\u00a0further. Master static scanning for uploads, dynamic analysis for unknowns, and behavioral monitoring for production.<\/span><\/p>\n

This layered approach\u2014validated\u00a0by government advisories and industry research\u2014delivers the\u00a0visibility\u00a0modern cloud infrastructure demands.<\/span><\/p>\n<\/div>\n<\/div>\n

\n
\n

References:<\/p>\n<\/div>\n<\/div>\n

\n
\n\t\t\t\t\t\t\t\t\tScattered Spider<\/a>IBM X-Force 2025 Threat Intelligence Index | IBM<\/a>\t\t\t\t\t\t\t\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

The post Inside Cloud Malware Analysis: Techniques and Real-World Use Cases<\/a> appeared first on Fidelis Security<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

Key Takeaways Cloud malware avoids files, running in memory and abusing cloud-native services to evade legacy antivirus Attackers exploit misconfigured IAM, APIs, storage, and legitimate management tools for stealthy persistence Fileless execution, living-off-the-land techniques, and encrypted cloud C2 now dominate cloud attacks Static, dynamic, and behavioral analysis must work together for effective detection Memory forensics […]<\/p>\n","protected":false},"author":0,"featured_media":6823,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-6822","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6822"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6822"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6822\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/6823"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6822"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}