Malicious

Confluence and WebLogic abuse

As early as April 10, 2019, unidentified attackers began leveraging new vulnerabilities in popular enterprise applications to deliver a wide variety of malware, including ransomware,…

CVE-2018-15982 exploit attacks

In late November 2018, a targeted attack against a medical institution in Russia exploited CVE-2018-15982, a zero-day remote code execution vulnerability in Adobe Flash Player. Adobe…

BARIUM targets gaming supply chains

Enterprise security personnel often assume that legitimate software products are inherently trustworthy. If an attacker takes over a legitimate app or service, they gain a…

WinRAR CVE-2018-20250 exploit

On February 20, 2019, researchers from Check Point Software Technologies revealed a flaw in WinRAR, a popular third-party compression app. The flaw (CVE-2018-20250) had existed…

SQL Server abuse

Attacks involving SQL Server can be difficult to respond to because SQL Server comes with a vast array of tools for automation, scheduling, and data import…

Msiexec abuse

Attackers are opportunistic in that they will operate with any available tools and resources, resulting in overlapping tactics, techniques, and procedures (TTPs). Many well-known, highly…
