CVE-2021-26858 Exchange Exploitation
Oct 26, 2023
·
attack.t1203
attack.execution
cve.2021.26858
detection.emerging_threats
·
CVE-2021-31979 CVE-2021-33771 Exploits by Sourgum
Oct 26, 2023
·
attack.credential_access
attack.t1566
attack.t1203
cve.2021.33771
cve.2021.31979
detection.emerging_threats
·
CVE-2023-38331 Exploitation Attempt - Suspicious WinRAR Child Process
Oct 18, 2023
·
detection.emerging_threats
attack.execution
attack.t1203
cve.2023.38331
·
OMIGOD HTTP No Authentication RCE
Oct 18, 2023
·
attack.privilege_escalation
attack.initial_access
attack.execution
attack.lateral_movement
attack.t1068
attack.t1190
attack.t1203
attack.t1021.006
attack.t1210
·
Potentially Suspicious Child Process Of WinRAR.EXE
Oct 18, 2023
·
attack.execution
attack.t1203
·
Audit CVE Event
Oct 17, 2023
·
attack.execution
attack.t1203
attack.privilege_escalation
attack.t1068
attack.defense_evasion
attack.t1211
attack.credential_access
attack.t1212
attack.lateral_movement
attack.t1210
attack.impact
attack.t1499.004
·
Equation Editor Network Connection
Oct 17, 2023
·
attack.execution
attack.t1203
·
Excel Network Connections
Oct 17, 2023
·
attack.execution
attack.t1203
·
OMIGOD SCX RunAsProvider ExecuteScript
Oct 17, 2023
·
attack.privilege_escalation
attack.initial_access
attack.execution
attack.t1068
attack.t1190
attack.t1203
·
OMIGOD SCX RunAsProvider ExecuteShellCommand
Oct 17, 2023
·
attack.privilege_escalation
attack.initial_access
attack.execution
attack.t1068
attack.t1190
attack.t1203
·
OMIGOD SCX RunAsProvider ExecuteShellCommand - Auditd
Oct 17, 2023
·
attack.privilege_escalation
attack.initial_access
attack.execution
attack.t1068
attack.t1190
attack.t1203
·
CVE-2021-31979 CVE-2021-33771 Exploits
Aug 17, 2023
·
attack.credential_access
attack.t1566
attack.t1203
cve.2021.33771
cve.2021.31979
detection.emerging_threats
·
Droppers Exploiting CVE-2017-11882
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.11882
detection.emerging_threats
·
Exploit for CVE-2017-0261
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.0261
detection.emerging_threats
·
Exploit for CVE-2017-8759
Jun 20, 2023
·
attack.execution
attack.t1203
attack.t1204.002
attack.initial_access
attack.t1566.001
cve.2017.8759
detection.emerging_threats
·
Potential CVE-2021-26857 Exploitation Attempt
Jun 20, 2023
·
attack.t1203
attack.execution
cve.2021.26857
detection.emerging_threats
·
Dfsvc.EXE Network Connection To Uncommon Ports
Jun 12, 2023
·
attack.execution
attack.t1203
·
Download From Suspicious TLD - Blacklist
May 18, 2023
·
attack.initial_access
attack.t1566
attack.execution
attack.t1203
attack.t1204.002
·
Download From Suspicious TLD - Whitelist
May 18, 2023
·
attack.initial_access
attack.t1566
attack.execution
attack.t1203
attack.t1204.002
·
OMIGOD SCX RunAsProvider ExecuteScript
Apr 21, 2023
·
attack.privilege_escalation
attack.initial_access
attack.execution
attack.t1068
attack.t1190
attack.t1203
·
Suspicious Browser Child Process - MacOS
Apr 5, 2023
·
attack.initial_access
attack.execution
attack.t1189
attack.t1203
attack.t1059
·
Java Running with Remote Debugging
Mar 5, 2023
·
attack.t1203
attack.execution
·
Antivirus Exploitation Framework Detection
Feb 1, 2023
·
attack.execution
attack.t1203
attack.command_and_control
attack.t1219
·
iOS Implant URL Pattern
Feb 1, 2023
·
attack.execution
attack.t1203
attack.collection
attack.t1005
attack.t1119
attack.credential_access
attack.t1528
attack.t1552.001
·
Suspicious HWP Sub Processes
Feb 1, 2023
·
attack.initial_access
attack.t1566.001
attack.execution
attack.t1203
attack.t1059.003
attack.g0032
·