This query was originally published in the threat analytics report, CVE-2018-15982 exploit attacks. CVE-2018-15982 is a vulnerability in Adobe Flash Player that allows remote execution of arbitrary code. It has since been patched. Actors have been observed using this vulnerability in targeted attacks. Exploits for CVE-2018-15982 have also been included in several exploit kits. In some initial attacks exploiting CVE-2018-15982, attackers sent targets spear-phishing emails. The emails would includ
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | dac6bcd8-35c9-4937-88e8-3b1c00dcebe2 |
| Tactics | Initial access, Execution, Persistence, Command and control |
| Required Connectors | MicrosoftThreatProtection |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting%20Queries/Microsoft%20365%20Defender/Execution/detect-malicious-rar-extraction.yaml) |