{"id":44,"date":"2026-03-07T06:17:34","date_gmt":"2026-03-07T06:17:34","guid":{"rendered":"https:\/\/blog.garlicshield.com\/?p=44"},"modified":"2026-03-11T06:18:02","modified_gmt":"2026-03-11T06:18:02","slug":"muddywater-iran-cyberattack-us-networks-2026","status":"publish","type":"post","link":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/","title":{"rendered":"Iran’s MuddyWater Is No Longer Lurking. It’s Executing."},"content":{"rendered":"\n

Since early February 2026, a lot of noise has been made about geopolitical tensions between the U.S., Israel, and Iran. But while diplomats talk and headlines roll, something quieter and arguably more dangerous has been happening in the background. Iran’s state-sponsored hacking group, MuddyWater<\/strong>, has been actively breaking into organizations across North America, and they came prepared.<\/p>\n\n\n\n

\n\n\n\n

Who Is MuddyWater?<\/h2>\n\n\n\n

MuddyWater, also tracked as Seedworm and Mango Sandstorm, is a cyber espionage group affiliated with Iran’s Ministry of Intelligence and Security (MOIS)<\/strong>. They have been active since at least 2017 and have historically targeted government agencies, telecom companies, defense contractors, and critical infrastructure across the Middle East, Europe, and North America.<\/p>\n\n\n\n

They are not opportunistic script kiddies. They are a well-resourced, patient, and methodical threat actor with a clear mission: steal data, maintain persistent access, and position themselves for disruption when the time is right.<\/p>\n\n\n\n

\n\n\n\n

What’s Happening Right Now<\/h2>\n\n\n\n

Starting in early February 2026, MuddyWater launched a targeted campaign hitting organizations in the United States and Canada<\/strong>. The targets were not random. They included:<\/p>\n\n\n\n

    \n
  • A U.S. bank<\/li>\n\n\n\n
  • A major airport<\/li>\n\n\n\n
  • Multiple nonprofits<\/li>\n\n\n\n
  • A software supplier serving the defense and aerospace sectors, with ties to Israel<\/li>\n<\/ul>\n\n\n\n

    The timing is not a coincidence. Activity escalated following the February 28 U.S.-Israeli strike on Iran. But here is the part that should concern every security professional: the tools were already deployed and operational before that strike happened.<\/strong> This was not a reactive attack. It was a pre-planned operation that was simply waiting to be activated.<\/p>\n\n\n\n

    \n\n\n\n

    The New Weapon: Dindoor Backdoor<\/h2>\n\n\n\n

    MuddyWater introduced a previously unknown piece of malware in this campaign called Dindoor<\/strong>. Here is what makes it notable:<\/p>\n\n\n\n

      \n
    • It is built on the\u00a0Deno JavaScript runtime<\/strong>, an unconventional choice that makes it harder to detect with traditional endpoint tools tuned for more common malware runtimes.<\/li>\n\n\n\n
    • It uses\u00a0stolen digital certificates<\/strong>\u00a0to appear legitimate and blend into normal system activity.<\/li>\n\n\n\n
    • Alongside Dindoor, attackers used\u00a0Rclone<\/strong>\u00a0to quietly siphon data to a\u00a0Wasabi cloud storage bucket<\/strong>, a tactic that is increasingly common because outbound traffic to commercial cloud providers rarely raises alarms.<\/li>\n<\/ul>\n\n\n\n

      Certificate reuse across known MuddyWater malware families helped researchers confirm attribution, but the operational security on this campaign was noticeably tighter than previous efforts.<\/p>\n\n\n\n

      \n\n\n\n

      The Bigger Picture: 100+ Governments Hit in 2025<\/h2>\n\n\n\n

      This is not an isolated surge. In late 2025, MuddyWater ran a large-scale phishing campaign distributing the Phoenix v4 backdoor<\/strong> to over 100 governmental targets worldwide<\/strong>, with a heavy concentration across the Middle East and North Africa.<\/p>\n\n\n\n

      Taken together, the pattern is clear. MuddyWater has been systematically expanding its footprint, testing new tooling, and building access across a wide range of sectors. The 2026 campaign targeting North American critical infrastructure looks like the next phase of that broader strategy.<\/p>\n\n\n\n

      \n\n\n\n

      Are You in Scope?<\/h2>\n\n\n\n

      If your organization operates in any of the following sectors, you should treat this as a direct warning:<\/p>\n\n\n\n

        \n
      • Financial services<\/li>\n\n\n\n
      • Defense and aerospace<\/li>\n\n\n\n
      • Transportation and aviation<\/li>\n\n\n\n
      • Government and public sector<\/li>\n\n\n\n
      • Healthcare<\/li>\n\n\n\n
      • Any organization with ties to Israel-related contracts or operations<\/li>\n<\/ul>\n\n\n\n
        \n\n\n\n

        What You Should Do Right Now<\/h2>\n\n\n\n

        The good news is that MuddyWater’s tactics, while sophisticated, leave detectable traces. Here is where to focus your defensive energy:<\/p>\n\n\n\n

          \n
        1. Hunt for anomalous RMM tool usage.<\/strong>\u00a0MuddyWater frequently abuses legitimate remote management tools. Flag any RMM activity that does not match expected behavior or authorized change windows.<\/li>\n\n\n\n
        2. Audit outbound connections to cloud storage providers.<\/strong>\u00a0Rclone syncing to Wasabi, Backblaze, or similar services from endpoints that have no business doing so is a major red flag.<\/li>\n\n\n\n
        3. Monitor for unexpected or stolen certificate usage.<\/strong>\u00a0Certificate-signed binaries from unusual directories or processes are worth investigating immediately.<\/li>\n\n\n\n
        4. Restrict privileges aggressively.<\/strong>\u00a0Lateral movement is how a foothold becomes a catastrophe. Limit what compromised credentials can actually reach.<\/li>\n\n\n\n
        5. Review your threat intel feeds for Dindoor and Deno-based indicators of compromise (IOCs).<\/strong>\u00a0Vendors including Broadcom\/Symantec have published detection signatures. Make sure yours are updated.<\/li>\n<\/ol>\n\n\n\n
          \n\n\n\n

          The Bottom Line<\/h2>\n\n\n\n

          The pre-positioning phase is over. MuddyWater is not casing the building anymore. They are inside it.<\/p>\n\n\n\n

          Cyber defense has always required thinking ahead of adversaries, but that window gets smaller when a nation-state actor is doing the planning. The organizations that will weather this wave are the ones that already have visibility into their environments, not the ones that start building it after the breach notification arrives.<\/p>\n\n\n\n

          If you have questions about how to assess your exposure or want help reviewing your detection coverage for MuddyWater-specific tactics, feel free to reach out.<\/p>\n\n\n\n

          \n\n\n\n

          Sources: Broadcom Threat Intelligence, Symantec Security Research, published IOC reports, March 2026.<\/em><\/p>\n\n\n\n

          <\/p>\n","protected":false},"excerpt":{"rendered":"

          Since early February 2026, a lot of noise has been made about geopolitical tensions between the U.S., Israel, and Iran. But while diplomats talk and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,10],"tags":[],"class_list":["post-44","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-news","category-malware"],"yoast_head":"\nIran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog<\/title>\n<meta name=\"description\" content=\"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Iran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog\" \/>\n<meta property=\"og:description\" content=\"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/\" \/>\n<meta property=\"og:site_name\" content=\"GarlicShield TLDR Cybersecurity Blog\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-07T06:17:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-11T06:18:02+00:00\" \/>\n<meta name=\"author\" content=\"Thanmay Sarath\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thanmay Sarath\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/\"},\"author\":{\"name\":\"Thanmay Sarath\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#\\\/schema\\\/person\\\/daa81170228349a5ba27e24d9ffd6d1d\"},\"headline\":\"Iran’s MuddyWater Is No Longer Lurking. It’s Executing.\",\"datePublished\":\"2026-03-07T06:17:34+00:00\",\"dateModified\":\"2026-03-11T06:18:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/\"},\"wordCount\":770,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#organization\"},\"articleSection\":[\"Cybersecurity News\",\"malware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/\",\"url\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/\",\"name\":\"Iran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#website\"},\"datePublished\":\"2026-03-07T06:17:34+00:00\",\"dateModified\":\"2026-03-11T06:18:02+00:00\",\"description\":\"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/2026\\\/03\\\/07\\\/muddywater-iran-cyberattack-us-networks-2026\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.garlicshield.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Iran’s MuddyWater Is No Longer Lurking. It’s Executing.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#website\",\"url\":\"https:\\\/\\\/blog.garlicshield.com\\\/\",\"name\":\"GarlicShield TLDR Cybersecurity Blog\",\"description\":\"Peeling back the layers of cybersecurity : fast facts, real threats & scam alerts\",\"publisher\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.garlicshield.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#organization\",\"name\":\"GarlicShield TLDR Cybersecurity Blog\",\"url\":\"https:\\\/\\\/blog.garlicshield.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/blog.garlicshield.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/gs-logo-96x96-1.png\",\"contentUrl\":\"https:\\\/\\\/blog.garlicshield.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/gs-logo-96x96-1.png\",\"width\":96,\"height\":96,\"caption\":\"GarlicShield TLDR Cybersecurity Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.garlicshield.com\\\/#\\\/schema\\\/person\\\/daa81170228349a5ba27e24d9ffd6d1d\",\"name\":\"Thanmay Sarath\",\"pronouns\":\"he\\\/him\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g\",\"caption\":\"Thanmay Sarath\"},\"description\":\"Thanmay Sarath is a Mensa member, ethical hacker, entrepreneur, and technologist passionate about cybersecurity and innovation. A researcher, international speaker, and published author, he works at the intersection of technology, security, and social impact, helping organizations and communities stay safe in an increasingly digital world.\",\"sameAs\":[\"https:\\\/\\\/blog.garlicshield.com\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/thanmaysarath\"],\"url\":\"https:\\\/\\\/blog.garlicshield.com\\\/index.php\\\/author\\\/thanmay\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Iran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog","description":"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/","og_locale":"en_US","og_type":"article","og_title":"Iran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog","og_description":"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.","og_url":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/","og_site_name":"GarlicShield TLDR Cybersecurity Blog","article_published_time":"2026-03-07T06:17:34+00:00","article_modified_time":"2026-03-11T06:18:02+00:00","author":"Thanmay Sarath","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Thanmay Sarath","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/#article","isPartOf":{"@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/"},"author":{"name":"Thanmay Sarath","@id":"https:\/\/blog.garlicshield.com\/#\/schema\/person\/daa81170228349a5ba27e24d9ffd6d1d"},"headline":"Iran’s MuddyWater Is No Longer Lurking. It’s Executing.","datePublished":"2026-03-07T06:17:34+00:00","dateModified":"2026-03-11T06:18:02+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/"},"wordCount":770,"commentCount":0,"publisher":{"@id":"https:\/\/blog.garlicshield.com\/#organization"},"articleSection":["Cybersecurity News","malware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/","url":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/","name":"Iran's MuddyWater Is No Longer Lurking. It's Executing. - GarlicShield TLDR Cybersecurity Blog","isPartOf":{"@id":"https:\/\/blog.garlicshield.com\/#website"},"datePublished":"2026-03-07T06:17:34+00:00","dateModified":"2026-03-11T06:18:02+00:00","description":"Iranian state-sponsored group MuddyWater has breached U.S. banks, airports, and defense suppliers using a new backdoor called Dindoor. Reported by Thanmay Sarath.","breadcrumb":{"@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.garlicshield.com\/index.php\/2026\/03\/07\/muddywater-iran-cyberattack-us-networks-2026\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.garlicshield.com\/"},{"@type":"ListItem","position":2,"name":"Iran’s MuddyWater Is No Longer Lurking. It’s Executing."}]},{"@type":"WebSite","@id":"https:\/\/blog.garlicshield.com\/#website","url":"https:\/\/blog.garlicshield.com\/","name":"GarlicShield TLDR Cybersecurity Blog","description":"Peeling back the layers of cybersecurity : fast facts, real threats & scam alerts","publisher":{"@id":"https:\/\/blog.garlicshield.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.garlicshield.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/blog.garlicshield.com\/#organization","name":"GarlicShield TLDR Cybersecurity Blog","url":"https:\/\/blog.garlicshield.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.garlicshield.com\/#\/schema\/logo\/image\/","url":"https:\/\/blog.garlicshield.com\/wp-content\/uploads\/2025\/06\/gs-logo-96x96-1.png","contentUrl":"https:\/\/blog.garlicshield.com\/wp-content\/uploads\/2025\/06\/gs-logo-96x96-1.png","width":96,"height":96,"caption":"GarlicShield TLDR Cybersecurity Blog"},"image":{"@id":"https:\/\/blog.garlicshield.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/blog.garlicshield.com\/#\/schema\/person\/daa81170228349a5ba27e24d9ffd6d1d","name":"Thanmay Sarath","pronouns":"he\/him","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/036077fa8b8216287d1f50ece7333c1c04672e74eaec8dd87e70832cb9552d33?s=96&d=mm&r=g","caption":"Thanmay Sarath"},"description":"Thanmay Sarath is a Mensa member, ethical hacker, entrepreneur, and technologist passionate about cybersecurity and innovation. A researcher, international speaker, and published author, he works at the intersection of technology, security, and social impact, helping organizations and communities stay safe in an increasingly digital world.","sameAs":["https:\/\/blog.garlicshield.com","https:\/\/www.linkedin.com\/in\/thanmaysarath"],"url":"https:\/\/blog.garlicshield.com\/index.php\/author\/thanmay\/"}]}},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/posts\/44","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/comments?post=44"}],"version-history":[{"count":1,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/posts\/44\/revisions"}],"predecessor-version":[{"id":45,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/posts\/44\/revisions\/45"}],"wp:attachment":[{"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/media?parent=44"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/categories?post=44"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.garlicshield.com\/index.php\/wp-json\/wp\/v2\/tags?post=44"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}