APT Group Wekby Leveraging Adobe Flash Exploit
Summary
As if the recent breach and subsequent public data dump involving the Italian company Hacking Team wasn’t bad enough, it all gets just a little bit worse. Emerging from the bowels of the Hacking Team data dump was a Flash 0-day exploit (CVE-2015-5119) that was just patched today by Adobe, as covered in APSB15-16. The exploit has since been added to the Angler Exploit Kit and integrated into Metasploit. Not to be outdone, APT attackers have also started leveraging the exploit in targeted spear phishing attacks. Before we start dishing the details, there is going to be one main takeaway from this blog post: if you haven’t already, update/patch your Adobe Flash now.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 6.14
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1547.008 - LSASS Driver
Link to MITRE →
Score: 8.89
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1547.008 - LSASS Driver
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 11.60
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1197 - BITS Jobs
- T1146 - Clear Command History
Link to MITRE →
Score: 3.62
Matched TTPs:
- T1586.003 - Cloud Accounts
Link to MITRE →
Score: 6.88
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 6.88
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 5.49
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1128 - Netsh Helper DLL
Link to MITRE →
Score: 10.32
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1197 - BITS Jobs
- T1003.003 - NTDS
Link to MITRE →
Score: 5.49
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 8.02
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1547.008 - LSASS Driver
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 8.02
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1547.008 - LSASS Driver
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 5.49
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1556 - Modify Authentication Process
Link to MITRE →
Score: 5.96
Matched TTPs:
- T1197 - BITS Jobs
- T1547.008 - LSASS Driver
Link to MITRE →
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
Link to MITRE →
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
Link to MITRE →
Score: 4.54
Matched TTPs:
- T1686 - Disable or Modify System Firewall
Link to MITRE →
Score: 5.27
Matched TTPs:
- T1547.008 - LSASS Driver
- T1556 - Modify Authentication Process
Link to MITRE →
Threat actors related to this Pulse (inference-based)
Score: 0.82
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1197 - BITS Jobs
- T1146 - Clear Command History
Link to MITRE →
Score: 0.73
Matched TTPs:
- T1003.003 - NTDS
- T1027.014 - Polymorphic Code
- T1197 - BITS Jobs
Link to MITRE →
Score: 0.62
Matched TTPs:
- T1586.003 - Cloud Accounts
- T1556 - Modify Authentication Process
- T1547.008 - LSASS Driver
Link to MITRE →
Score: 0.61
Matched TTPs:
- T1556 - Modify Authentication Process
- T1128 - Netsh Helper DLL
- T1547.008 - LSASS Driver
Link to MITRE →
Score: 0.59
Matched TTPs:
- T1556 - Modify Authentication Process
- T1128 - Netsh Helper DLL
- T1547.008 - LSASS Driver
Link to MITRE →
Score: 0.56
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1556 - Modify Authentication Process
Link to MITRE →
Related CVEs
Pulse – Threat Actor Graph