{"id":24043,"date":"2026-04-07T09:30:18","date_gmt":"2026-04-07T02:30:18","guid":{"rendered":"https:\/\/fpt-is.com\/en\/?post_type=goc_nhin_so&#038;p=24043"},"modified":"2026-04-14T09:50:35","modified_gmt":"2026-04-14T02:50:35","slug":"ai-is-empowering-cybercrime-organizations-face-the-brink-of-global-scale-attacks","status":"publish","type":"goc_nhin_so","link":"https:\/\/fpt-is.com\/en\/insights\/ai-is-empowering-cybercrime-organizations-face-the-brink-of-global-scale-attacks\/","title":{"rendered":"AI is empowering cybercrime: Organizations face the brink of global-scale attacks"},"content":{"rendered":"<p><span style=\"font-family: arial, helvetica, sans-serif\">Amazon Threat Intelligence has noted a concerning trend: commercial AI services are lowering technical barriers, enabling even amateur attackers to launch global-scale campaigns. A recent investigation clearly demonstrated this when a financially motivated, Russian-speaking threat actor exploited multiple commercial GenAI services to compromise over\u00a0<strong>600 FortiGate devices<\/strong>\u00a0across more than\u00a0<strong>55 countries<\/strong>\u00a0from January 11 to February 18, 2026.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">No FortiGate vulnerabilities were exploited. The entire campaign relied on\u00a0<strong>internet-exposed management ports, weak passwords, and single-factor authentication &#8211; <\/strong>very basic vulnerabilities that were scaled up thanks to AI. Amazon confirmed that no AWS infrastructure was involved in this attack.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The investigation results show that AI has become a force multiplier, allowing an individual or small group to achieve attack scales that previously required a team of experts.<\/span><\/p>\n<h2 id=\"ai-enables-amateur-attackers-to-achieve-attack-scales-typical-of-apt-groups\"><span style=\"font-family: arial, helvetica, sans-serif\">AI enables &#8220;amateur&#8221; attackers to achieve attack scales typical of APT groups<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Although not part of any APT group or state organization, this actor &#8211; thanks to commercial language models has:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">compromised multiple Active Directory systems<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">extracted entire credential databases<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">scanned and targeted backup infrastructure (a pre-ransomware indicator)<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">When faced with strong defenses, the attacker doesn&#8217;t attempt to escalate but immediately shifts to an easier target. This shows their advantage lies in AI-supported speed and scale, not in-depth skills.<\/span><\/p>\n<h2 id=\"overview-of-the-campaign\"><span style=\"font-family: arial, helvetica, sans-serif\">Overview of the campaign<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">During routine monitoring, Amazon Threat Intelligence discovered infrastructure containing malware and operational files, including:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">AI-generated attack plan<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">victim configuration<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">custom tool source code<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Poor OPSEC allowed analysts to trace the entire operational process &#8211; almost like an <strong>AI-driven cybercrime assembly line<\/strong>, where someone with limited skills can still produce, deploy, and manage mass attacks.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Initial infiltration stage: Large-scale credential abuse<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The attacker scanned numerous FortiGate management ports (443, 8443, 10443, 4443) and then attempted to log in using common passwords.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The stolen FortiGate configuration file contained:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">recoverable SSL-VPN passwords<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">admin accounts<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">internal network structure<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">firewall policies<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">IPsec VPN configuration<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">They used Python scripts &#8211; developed with AI support &#8211; to decrypt and analyze these files.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Custom Toolkit: AI-Generated Reconnaissance Framework<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">After gaining VPN access to the victim&#8217;s network, the attacker deployed a reconnaissance tool (written in Go and Python). The source code clearly showed AI traces:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Excessive comments, repetitive function names<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">simple architecture, prioritizing form over function<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">JSON parsing using custom string tricks<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">undocumented compatible functions<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Execution tool:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Route VPN table \u2192 network segmentation<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">port scanning with\u00a0<strong>gogo<\/strong><\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">detect SMB\/DC<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">vulnerability scanning with\u00a0<strong>Nuclei<\/strong><\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">create a prioritized target list<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Post-infiltration activities<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The attacker used a common toolkit:<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">1. Domain takeover<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">use Meterpreter + mimikatz for DCSync<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">extract AD credential database<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">many instances of Domain Admin using weak passwords or ones identical to FortiGate<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">2. Lateral movement<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Pass-the-Hash \/ Pass-the-Ticket<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">NTLM relay<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">RCE on Windows machine<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">3. Backup infrastructure attack (Veeam)<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Use PowerShell, decryption tools, and attempt to exploit known CVEs<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Objective: access credential backup \u2192 disrupt recovery capability \u2192 facilitate ransomware<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">4. Limited vulnerability exploitation capability<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The attacker repeatedly failed when applying CVEs that required higher skills. They couldn&#8217;t compile exploits, handle edge cases, and when faced with well-protected systems, they left.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Geographic distribution<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The campaign was opportunistic, scanning a wide range of devices regardless of industry. However, Amazon noticed many clusters of devices from the same organization being compromised, indicating a large scale such as MSPs or multi-branch enterprises.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Affected devices were concentrated in:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Southeast Asia<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Latin America<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Caribbean<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">West Africa<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Northern Europe<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Southeast Asia<\/span><\/li>\n<\/ul>\n<h2 id=\"ai-became-the-main-driver-of-the-campaign\"><span style=\"font-family: arial, helvetica, sans-serif\">AI became the main driver of the campaign<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Investigations revealed the attacker used at least two commercial LLM services, each serving different roles.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>AI planned the attack<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">AI creates:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">step-by-step instructions<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">estimate success rate<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">priority task tree<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">pivot plan within the internal network<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The attacker copied almost verbatim and clearly lacked the deep understanding needed to make adjustments.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>AI created mass tools<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">Dozens of scripts in various languages were generated by AI:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Configuration parser<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">credential collection tool<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">automatic VPN connection<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">large-scale scanning<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">dashboard for summarizing results<\/span><\/li>\n<\/ul>\n<h2 id=\"threat-actor-assessment\"><span style=\"font-family: arial, helvetica, sans-serif\">Threat actor assessment<\/span><\/h2>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Motivation<\/strong>: financial.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Language<\/strong>: Russian.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Skill level<\/strong>: low to medium, significantly enhanced by AI.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>AI dependency<\/strong>: extremely high, from planning to tool development.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Scale of operation<\/strong>: broad, multinational.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Post-exploitation depth<\/strong>: shallow, quick to abandon when blocked.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><strong>OPSEC<\/strong>: poor, internal data stored publicly without encryption.<\/span><\/li>\n<\/ul>\n<h2 id=\"defense-recommendations\"><span style=\"font-family: arial, helvetica, sans-serif\">Defense recommendations<\/span><\/h2>\n<p><span style=\"font-family: arial, helvetica, sans-serif\">The campaign exploited the simplest mistakes &#8211; but AI enabled them to do so on a global scale. Therefore, basic defense remains the strongest line of defense.<\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>1. Comprehensive inspection of FortiGate devices<\/strong><\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Do not expose management ports to the internet.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Limit IP addresses for management access.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Change all default\/common passwords.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Enable MFA for management and VPN.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Check configuration for any unusual admin accounts.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Review VPN logs for access from unusual geographic locations.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>2. Enhance credential hygiene<\/strong><\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Check for password duplication between FortiGate and AD.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Enforce strong passwords + MFA for VPN.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Rotate service account credentials, especially in backup systems.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>3. Monitor for signs of post-exploitation<\/strong><\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Event ID 4662 with GUID replication (DCSync indication).<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Suspicious scheduled task.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Administrative connection from VPN IP range.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Signs of LLMNR\/NBT-NS poisoning.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Unauthorized access to credential backup store.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">New account &#8220;disguised&#8221; as a legitimate account.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>4. Protect the backup system<\/strong><\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Isolate the backup server.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Patch all Veeam vulnerabilities.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Monitor for unusual PowerShell activity.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Use immutable backups.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><strong>5. Recommendations for AWS environments<\/strong><\/span><\/p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Enable\u00a0<strong>Amazon GuardDuty<\/strong>.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Use\u00a0<strong>Amazon Inspector<\/strong>\u00a0to detect exposure and vulnerabilities.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Monitor posture through\u00a0<strong>AWS Security Hub<\/strong>.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Maintain network device patching via\u00a0<strong>Systems Manager Patch Manager<\/strong>.<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">Review unusual IAM behavior related to credential leaks.<\/span><\/li>\n<\/ul>\n<h2 id=\"ioc\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong>IOC<\/strong><\/span><\/h2>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">212[.]11.64.250<\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\">185[.]196.11.225<\/span><\/li>\n<\/ul>\n<h2 id=\"references\"><span style=\"font-family: arial, helvetica, sans-serif\">References<\/span><\/h2>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/aws.amazon.com\/it\/blogs\/security\/ai-augmented-threat-actor-accesses-fortigate-devices-at-scale\/\" target=\"_blank\" rel=\"noopener ugc nofollow\">AI-augmented threat actor accesses FortiGate devices at scale | AWS Security Blog<\/a><\/span><\/li>\n<li><span style=\"font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/securityaffairs.com\/188351\/hacking\/ai-powered-campaign-compromises-600-fortigate-systems-worldwide.html\" target=\"_blank\" rel=\"noopener ugc nofollow\">AI-powered campaign compromises 600 FortiGate systems worldwide<\/a><\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<table style=\"border-collapse: collapse;width: 100%\">\n<tbody>\n<tr>\n<td style=\"width: 100%\">\n<div class=\"flex flex-col text-sm pb-25\">\n<section class=\"text-token-text-primary w-full focus:outline-none [--shadow-height:45px] has-data-writing-block:pointer-events-none has-data-writing-block:-mt-(--shadow-height) has-data-writing-block:pt-(--shadow-height) [&amp;:has([data-writing-block])&gt;*]:pointer-events-auto scroll-mt-[calc(var(--header-height)+min(200px,max(70px,20svh)))]\" dir=\"auto\" data-turn-id=\"request-69af8f06-4638-8324-b086-21f085626490-16\" data-testid=\"conversation-turn-152\" data-scroll-anchor=\"true\" data-turn=\"assistant\">\n<div class=\"text-base my-auto mx-auto pb-10 [--thread-content-margin:var(--thread-content-margin-xs,calc(var(--spacing)*4))] @w-sm\/main:[--thread-content-margin:var(--thread-content-margin-sm,calc(var(--spacing)*6))] @w-lg\/main:[--thread-content-margin:var(--thread-content-margin-lg,calc(var(--spacing)*16))] px-(--thread-content-margin)\">\n<div class=\"[--thread-content-max-width:40rem] @w-lg\/main:[--thread-content-max-width:48rem] mx-auto max-w-(--thread-content-max-width) flex-1 group\/turn-messages focus-visible:outline-hidden relative flex w-full min-w-0 flex-col agent-turn\">\n<div class=\"flex max-w-full flex-col gap-4 grow\">\n<div class=\"min-h-8 text-message relative flex w-full flex-col items-end gap-2 text-start break-words whitespace-normal outline-none keyboard-focused:focus-ring [.text-message+&amp;]:mt-1\" dir=\"auto\" data-message-author-role=\"assistant\" data-message-id=\"d59be920-fa1d-4187-a3bd-f1283c4e5039\" data-message-model-slug=\"gpt-5-3\" data-turn-start-message=\"true\">\n<div class=\"flex w-full flex-col gap-1 empty:hidden\">\n<div class=\"markdown prose dark:prose-invert w-full wrap-break-word light markdown-new-styling\">\n<p data-start=\"0\" data-end=\"93\" data-is-last-node=\"\" data-is-only-node=\"\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong data-start=\"0\" data-end=\"41\" data-is-only-node=\"\">Exclusive article by an FPT IS expert<\/strong><\/span><br data-start=\"41\" data-end=\"44\" \/><span style=\"font-family: arial, helvetica, sans-serif\"><strong data-start=\"44\" data-end=\"93\" data-is-last-node=\"\">Vu Nhat Lam &#8211; FPT Information Security Center, FPT Corp<\/strong><\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"author":21,"featured_media":24044,"parent":0,"template":"","nang_luc":[821],"danh_muc_goc_nhin_so":[],"dich_vu":[537],"linh_vuc":[],"platform":[],"san_pham":[],"the_goc_nhin_so":[],"class_list":["post-24043","goc_nhin_so","type-goc_nhin_so","status-publish","has-post-thumbnail","hentry","nang_luc-security","dich_vu-insights-data-ai"],"acf":[],"_links":{"self":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so\/24043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so"}],"about":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/types\/goc_nhin_so"}],"author":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/users\/21"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media\/24044"}],"wp:attachment":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media?parent=24043"}],"wp:term":[{"taxonomy":"nang_luc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/nang_luc?post=24043"},{"taxonomy":"danh_muc_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/danh_muc_goc_nhin_so?post=24043"},{"taxonomy":"dich_vu","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/dich_vu?post=24043"},{"taxonomy":"linh_vuc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/linh_vuc?post=24043"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/platform?post=24043"},{"taxonomy":"san_pham","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/san_pham?post=24043"},{"taxonomy":"the_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/the_goc_nhin_so?post=24043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}