{"id":15708,"date":"2023-06-05T20:40:19","date_gmt":"2023-06-05T20:40:19","guid":{"rendered":"https:\/\/cybercrime.rs\/?p=15708"},"modified":"2023-07-24T21:40:14","modified_gmt":"2023-07-24T21:40:14","slug":"badusb-vs-windows-defender","status":"publish","type":"post","link":"https:\/\/cybercrime.rs\/en\/2023\/06\/05\/badusb-vs-windows-defender\/","title":{"rendered":"BadUSB vs. Windows Defender"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"15708\" class=\"elementor elementor-15708\">\n\t\t\t\t\t\t\t\t\t<section class=\"has_ae_slider elementor-section elementor-top-section elementor-element elementor-element-594f89e6 elementor-section-boxed elementor-section-height-default elementor-section-height-default ae-bg-gallery-type-default\" data-id=\"594f89e6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_ae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-61d48f2 ae-bg-gallery-type-default\" data-id=\"61d48f2\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-51f9417 elementor-widget elementor-widget-spacer\" data-id=\"51f9417\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.7.8 - 02-10-2022 *\/\n.elementor-column .elementor-spacer-inner{height:var(--spacer-size)}.e-container{--container-widget-width:100%}.e-container>.elementor-widget-spacer{width:var(--container-widget-width,var(--spacer-size));-ms-flex-item-align:stretch;align-self:stretch;-ms-flex-negative:0;flex-shrink:0}.e-container>.elementor-widget-spacer>.elementor-widget-container,.e-container>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer{height:100%}.e-container>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer>.elementor-spacer-inner{height:var(--container-widget-height,var(--spacer-size))}<\/style>\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e5f9625 elementor-author-box--image-valign-top elementor-widget elementor-widget-author-box\" data-id=\"e5f9625\" data-element_type=\"widget\" data-widget_type=\"author-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<link rel=\"stylesheet\" href=\"https:\/\/cybercrime.rs\/wp-content\/plugins\/elementor-pro\/assets\/css\/widget-theme-elements.min.css\">\t\t<div class=\"elementor-author-box\">\n\t\t\t\t\t\t\t<a href=\"https:\/\/www.linkedin.com\/in\/antonio-gabor29\/\" target=\"_blank\" class=\"elementor-author-box__avatar\">\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cybercrime.rs\/wp-content\/uploads\/2023\/06\/antonio-195x300.png\" alt=\"Antonio Gabor\">\n\t\t\t\t<\/a>\n\t\t\t\n\t\t\t<div class=\"elementor-author-box__text\">\n\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.linkedin.com\/in\/antonio-gabor29\/\" target=\"_blank\">\n\t\t\t\t\t\t<h4 class=\"elementor-author-box__name\">\n\t\t\t\t\t\t\tAntonio Gabor\t\t\t\t\t\t<\/h4>\n\t\t\t\t\t<\/a>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-author-box__bio\">\n\t\t\t\t\t\t<p>Certified Ethical Hacker and Network Security Engineer<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3429c1d elementor-widget elementor-widget-spacer\" data-id=\"3429c1d\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-62d17788 elementor-widget elementor-widget-text-editor\" data-id=\"62d17788\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.7.8 - 02-10-2022 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#818a91;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#818a91;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p><!-- wp:paragraph --><!-- \/wp:paragraph --><!-- wp:image {\"id\":15709,\"sizeSlug\":\"large\",\"linkDestination\":\"none\"} --><\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" class=\"wp-image-15709\" src=\"https:\/\/cybercrime.rs\/wp-content\/uploads\/2023\/06\/4-1024x683.jpg\" alt=\"\" \/><\/figure>\n<p><!-- \/wp:image --><!-- wp:paragraph --><\/p>\n<p>Photo: <span style=\"color: #ead181;\"><a style=\"color: #ead181;\" href=\"https:\/\/www.csoonline.com\/article\/3647173\/badusb-explained-how-rogue-usbs-threaten-your-organization.html\" target=\"_blank\" rel=\"noopener\">CSO<\/a><\/span><\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>\u00a0<\/p>\n<p>Have you ever wondered how secure preinstalled security applications truly are? Can attackers bypass or disable them? How can we protect ourselves from such attacks?<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Recently, I had the opportunity to explore several methods of bypassing Windows Defender EDR (Endpoint Detection and Response), and undoubtedly the easiest and fastest method is to use a USB device that includes a micro SD card reader and a programmable controller to emulate an HID device.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>You might be wondering what HID (<span style=\"color: #ead181;\"><a style=\"color: #ead181;\" href=\"https:\/\/en.wikipedia.org\/wiki\/Human_interface_device\">Human Interface Device<\/a><\/span>) devices are. Simply put, they are devices that inherently gain trust from the operating system, such as a keyboard in this case. When a new keyboard is connected to a computer, the system automatically installs the necessary drivers, and the keyboard starts functioning magically.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>\u00a0<\/p>\n<p>In our case, the attack being used exploits this trust disposition by recognizing the <span style=\"color: #ead181;\"><a style=\"color: #ead181;\" href=\"https:\/\/www.comparitech.com\/net-admin\/what-is-badusb\/\">BadUSB<\/a><\/span> as an HID keyboard, which then executes a script stored on the micro SD card. Needless to say, these devices cannot be visually distinguished from ordinary USBs, and they are easily accessible and affordable.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:image {\"id\":15711,\"sizeSlug\":\"full\",\"linkDestination\":\"none\"} --><\/p>\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-15711\" src=\"https:\/\/cybercrime.rs\/wp-content\/uploads\/2023\/06\/44.jpg\" alt=\"\" width=\"873\" height=\"873\" \/><\/figure>\n<p><!-- \/wp:image --><!-- wp:paragraph --><\/p>\n<p>\u00a0<\/p>\n<p>There is a special language dedicated to these devices called <span style=\"color: #ffffff;\">DUCKY SCRIPT<\/span>I won't go deep into the specifics of that standard here, but you can explore it yourself at the<span style=\"color: #ead181;\"> <a style=\"color: #ead181;\" href=\"https:\/\/github.com\/hak5\/usbrubberducky-payloads#about-the-new-usb-rubber-ducky\">&gt;&gt;<\/a>.<\/span><\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Using the script, we can create desired outcomes and, by employing various tricks and shortcuts available on the Windows operating system, we can cause damage ranging from harmless to complete system destruction and data loss.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>You probably cherish those vacation photos from Greece, right? Well, they are gone forever. Of course, this is just one example of how this USB can be misused, and there are countless others.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>\u00a0<\/p>\n<p>Here's a short example of a Ducky script:<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p><!-- \/wp:paragraph --><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5776d2c elementor-widget elementor-widget-text-editor\" data-id=\"5776d2c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>GUI r<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>DELAY 50<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>STRING notepad.exe<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>ENTER<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>DELAY 100<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>STRING Hello World<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8d3b061 elementor-widget elementor-widget-spacer\" data-id=\"8d3b061\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8f48d36 elementor-widget elementor-widget-text-editor\" data-id=\"8f48d36\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><!-- wp:paragraph --><!-- \/wp:paragraph --><!-- wp:image {\"id\":15709,\"sizeSlug\":\"large\",\"linkDestination\":\"none\"} --><!-- \/wp:paragraph --><!-- wp:paragraph --><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Completely harmless, you'd agree...<\/p>\n<p>\u00a0<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>The first step of the attack is to input the shortcut for opening the run application: Win+R.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>This allows us to launch any application available on our operating system.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>It's crucial to record the precise keystrokes used on the keyboard, including the commands to disable Windows Defender protection and the necessary delays between each command to ensure their successful execution and achieve the desired result.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>And this is what it looks like when everything is successfully executed.<\/p>\n<p>\u00a0<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:image {\"id\":15716,\"sizeSlug\":\"full\",\"linkDestination\":\"none\"} --><\/p>\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-15716\" src=\"https:\/\/cybercrime.rs\/wp-content\/uploads\/2023\/06\/f-1.png\" alt=\"\" width=\"851\" height=\"568\" \/><\/figure>\n<p><!-- \/wp:image --><!-- wp:paragraph --><\/p>\n<p>\u00a0<\/p>\n<p>This is just the starting point for compromising the system after the initial access, but it is undoubtedly one of the more critical steps in the Cyber Kill Chain. If our primary defense mechanism is disabled, the attacker can later install various malicious applications like <span style=\"color: #ead181;\"><a style=\"color: #ead181;\" href=\"https:\/\/github.com\/ParrotSec\/mimikatz\">mimikatz<\/a><\/span>, gather the local administrator's passwords, and continue to compromise the computer network through lateral movement to other systems in the Windows Active Directory, all the way up to the domain admin.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Understanding such types of attacks is essential for defense ant to ensure the security of our systems and protect personal data from exfiltration. The technique for circumventing security systems, according to the Mitre Attack Matrix, falls under T1562 Impair Defenses, specifically<span style=\"color: #ead181;\"> <strong><a style=\"color: #ead181;\" href=\"https:\/\/attack.mitre.org\/techniques\/T1562\/001\/\">T1562.001 Disable or Modify Tools<\/a><\/strong> <\/span>.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><!-- \/wp:paragraph --><!-- wp:paragraph --><!-- \/wp:paragraph --><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4e1e0af elementor-widget elementor-widget-spacer\" data-id=\"4e1e0af\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-49e8182 elementor-widget elementor-widget-heading\" data-id=\"49e8182\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.7.8 - 02-10-2022 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">How can we prevent attackers from successfully executing this attack?<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-88ff0c6 elementor-widget elementor-widget-spacer\" data-id=\"88ff0c6\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2ea9200 elementor-widget elementor-widget-text-editor\" data-id=\"2ea9200\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>We have a few options available that would be suitable for this purpose.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>One approach is to implement security policies and group policies, together with modifying Windows Registries or using applications to block USB ports.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p class=\" translation-block\">You can find useful information on how to protect against these attacks at the <a href=\"https:\/\/www.windowscentral.com\/how-disable-access-removable-storage-devices-windows-10\" target=\"_self\">link<\/a> provided.<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Working at the Central Bank of Ireland, a similar approach was applied.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Naturally, this also prevented the exfiltration of sensitive and confidential documents through removable media.<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p class=\" translation-block\">To remove the possibility of running portable devices, follow <span style=\"color: #ffffff\">these steps<\/span>:<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:list {\"ordered\":true,\"type\":\"1\"} --><\/p>\n<ol type=\"1\"><!-- wp:list-item -->\n<li>Open Start.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Pretra\u017eite &#8220;gpedit.msc&#8221; i kliknite OK da otvorite Local Group Policy Editor.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Navigate to the following path: Computer Configuration &gt; Administrative Templates &gt; System &gt; Removable Storage Access.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Double-click the \"Deny all access policy\" policy on the right side twice.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Access to removable storage<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Izaberite opciju &#8220;Omogu\u0107eno&#8221;.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>All removable storage classes deny all access policy<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Kliknite na dugme &#8220;Primeni&#8221;.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Kliknite na dugme &#8220;U redu&#8221;.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>Restart the computer.<\/li>\n<!-- \/wp:list-item --><\/ol>\n<p><!-- \/wp:list --><!-- wp:paragraph --><\/p>\n<p>Although this may not be the best option, there are specialized devices designed to be connected to open USB ports and locked with a small padlock. <span style=\"color: #ead181;\"><a style=\"color: #ead181;\" href=\"https:\/\/www.huntoffice.ie\/kensington-usb-port-lock-with-blockers-usb-port-blocker-k67913ww-3640169.html?gclid=EAIaIQobChMI4L-x6Mmf_wIVmwUGAB2rJgSZEAQYBiABEgLuM_D_BwE\">Kensignton<\/a> <\/span>is a well-known manufacturer of physical security devices.<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p><br \/><br \/>Last but not least, <span style=\"color: #ffffff;\">the Cyber Security Awareness training.<\/span>User security training for using corporate devices and systems is invaluable, and it is desirable for all companies to implement it in some form or other. By emphasizing the importance of paying attention to details and the reality of these attacks, we can prevent them to a large extent. \nJust one USB device planted in front of an office can potentially compromise the entire computer network and information systems, leading to bussiness disruption or sometime total loss of bussiness.<br \/><br \/><br \/><\/p>\n<p>\u00a0<\/p>\n<p><!-- \/wp:paragraph --><!-- wp:paragraph --><\/p>\n<p>Stay vigilant and stay safe!<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>How to Bypass Windows Defender Protection Using BadUSB and Compromise a Computer Network?<\/p>","protected":false},"author":1,"featured_media":9976,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","footnotes":""},"categories":[30],"tags":[],"class_list":["post-15708","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/15708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/comments?post=15708"}],"version-history":[{"count":39,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/15708\/revisions"}],"predecessor-version":[{"id":16596,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/15708\/revisions\/16596"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/media\/9976"}],"wp:attachment":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/media?parent=15708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/categories?post=15708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/tags?post=15708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}