CVE-2015-5122
Published 2015-07-14
CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and…
Critical, 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
KEV · ITW · EXPLOIT
CISA Known Exploited Vulnerability, due 2022-05-04
Exploited in the wild
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | 11.0 – 11.2.202.481 | — |
| adobe | flash_player | 13.0 – 13.0.0.302 | — |
| adobe | flash_player | 18.0 – 18.0.0.203 | — |
| adobe | flash_player | 18.0 – 18.0.0.204 | — |
| adobe | flash_player_desktop_runtime | 18.0 – 18.0.0.203 | — |
| opensuse | evergreen | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_workstation_extension | — | — |
CVSS provenance
nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv · 9.8 CRITICAL
vulncheck · 9.8 CRITICAL
cisa · 9.8 CRITICAL
VulDB
Adobe Flash Player 18.0.0.203/18.0.0.204 ActionScript 3 opaqueBackground use after free (APSA15-04 / VU#338736)
vuldb·2026-04-22·CVSS 9.8
CVE-2015-5122 [CRITICAL] Adobe Flash Player 18.0.0.203/18.0.0.204 ActionScript 3 opaqueBackground use after free (APSA15-04 / VU#338736)
A vulnerability was found in Adobe Flash Player 18.0.0.203/18.0.0.204. It has been rated as critical. This affects the function opaqueBackground of the component ActionScript 3. Performing a manipulation results in use after free.
This vulnerability is cataloged as CVE-2015-5122. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
Upgrading the affected component is advised.
GHSA
GHSA-9h3m-vp3m-35pw: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
ghsa_unreviewed·2022-05-13
CVE-2015-5122 [HIGH] CWE-416 GHSA-9h3m-vp3m-35pw: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
Project0
Attacking ECMAScript Engines with Redefinition - Project Zero
project_zero·2015-08-01·CVSS 9.3
CVE-2013-0765 [CRITICAL] Attacking ECMAScript Engines with Redefinition - Project Zero
Posted by Natalie Silvanovich = function () { return n; }
ECMAScript has a property where almost all functions and variables can be dynamically redefined. This can lead to vulnerabilities in situations where native code assumes a function or variable behaves a certain way when accessed or does not have certain side effects when it can in fact be redefined. Project Zero has discovered 24 vulnerabilities involving ECMAScript redefinition in Adobe Flash in the past few months and similar issues have also been discovered in the wild. This post describes how this class of bugs works, alongside some examples of interesting bugs that have been recently patched.
ECMAScript Redefinition
Being a dynamically typed language, ECMAScript allows all functions to be redefined. For example, the JavaSc
OSV
CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
osv·2015-07-14·CVSS 9.8
CVE-2015-5122 [CRITICAL] CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
VulnCheck
Adobe Flash Player Use-After-Free Vulnerability
vulncheck·2015·CVSS 9.8
CVE-2015-5122 [CRITICAL] CWE-416 Adobe Flash Player Use-After-Free Vulnerability
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Affected: Adobe Flash Player
Required Action: The impacted product is end-of-life and should be disconnected if still in use.
Known Ransomware Campaign Use: Known
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cve.org/CVERecord?id=CVE-2015-5122; https://resources.infosecinstitute.com/topic/the-hacking-team-hack-when-hackers-have-become-the-target/; https://www.trendmicro.com/en_us/research/15/g/hacking-team-leak-uncovers-another-windows-zero-day-ms-releases-patch.ht
CISA
Adobe Flash Player Use-After-Free Vulnerability
cisa·2022-04-13·CVSS 9.8
CVE-2015-5122 [CRITICAL] CWE-416 Adobe Flash Player Use-After-Free Vulnerability
Vulnerability: Adobe Flash Player Use-After-Free Vulnerability
Affected: Adobe Flash Player
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Required Action: The impacted product is end-of-life and should be disconnected if still in use.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-5122
Remediation Due Date: 2022-05-04
Red Hat
flash-plugin: two code execution issues in APSA15-04 / APSB15-18
vendor_redhat·2015-07-10·CVSS 9.8
CVE-2015-5122 [CRITICAL] flash-plugin: two code execution issues in APSA15-04 / APSB15-18
flash-plugin: two code execution issues in APSA15-04 / APSB15-18
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
No detection rules found.
Exploit-DB
Adobe Flash - opaqueBackground Use-After-Free (Metasploit)
exploitdb·2015-07-13
CVE-2015-5122 Adobe Flash - opaqueBackground Use-After-Free (Metasploit)
---
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 'Adobe Flash opaqueBackground Use After Free',
'Description' => %q{
This module exploits an use after free on Adobe Flash Player. The vulnerability,
discovered by Hacking Team and made public on its July 2015 data leak, was
described as an Use After Free while handling the opaqueBackground property
7 setter of the flash.display.DisplayObject class. This module is an early release
tested on:
Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.203,
Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194,
Windows 7 SP1 (32-bit), IE9 and Adobe Fl
Metasploit
Adobe Flash opaqueBackground Use After Free
metasploit
Adobe Flash opaqueBackground Use After Free
This module exploits an use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public as part of the July 2015 data leak, was described as an Use After Free while handling the opaqueBackground property 7 setter of the flash.display.DisplayObject class. This module is an early release tested on: Windows XP SP3, IE8 and Flash 18.0.0.194, Windows XP SP3, IE 8 and Flash 18.0.0.203, Windows XP SP3, Firefox and Flash 18.0.0.203, Windows Vista SP2 + IE 9 and Flash 18.0.0.203, Windows Vista SP2 + Firefox 39.0 and Flash 18.0.0.203, Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.203, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), IE9 and Adobe Flash 18.0.0.203, Windows
Tenable
Cybersecurity Snapshot: 6 Things That Matter Right Now
blogs_tenable·2022-08-19
Tenable
Analyzing the Vulnerabilities Associated with the Top Malware Strains of 2021
blogs_tenable·2022-08-04
Unit42
Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip
blogs_unit42·2018-12-27·CVSS 9.8
[CRITICAL] Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip
# Executive Summary
Our Email Link Analysis (ELINK) system is routinely reviewed by our Unit 42 research team. In examining the data it collects, patterns and trends are discovered which helps us discern prevalent web threats. This blog is the third (3rd quarter of 2018) in a series of posts tracking web-based threats throughout the year, specifically statistics pertaining to malicious URLs, domains, exploit kits, and CVEs.
During Quarter 3 (Q3), July – September, a notable shift occurred with the malicious URL and domain data; there was a significant drop in the number of malicious URLs as well as a drop in malicious domains that will be discussed below. In addition, we will be covering an interesting malicious Flash SWF that exploits CVE-2015-5119.
# URLs
Based on our analysis of dat
Unit42
Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip
blogs_unit42·2018-12-27·CVSS 9.8
CVE-2015-5119 [CRITICAL] Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip
## Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip
Bo Qu
Tao Yan
Rongbo Shao
Zhanglin He
Xingyu Jin
Published: December 27, 2018
Malware
Trend Reports
Vulnerabilities
CVE-2015-5119
ELink
## Executive Summary
Our Email Link Analysis (ELINK) system is routinely reviewed by our Unit 42 research team. In examining the data it collects, patterns and trends are discovered which helps us discern prevalent web threats. This blog is the third (3rd quarter of 2018) in a series of posts tracking web-based threats throughout the year, specifically statistics pertaining to malicious URLs, domains, exploit kits, and CVEs.
During Quarter 3 (Q3), July – September, a notable shift occurred with the malicious URL and domain d
Unit42
Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7
blogs_unit42·2018-09-05·CVSS 7.5
CVE-2018-8174 [HIGH] Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7
## Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7
Bo Qu
Tao Yan
Rongbo Shao
Zhanglin He
Published: September 5, 2018
Malware
Trend Reports
Vulnerabilities
CVE-2018-8174
ELink
Executive Summary
In Q2, the United States was number one for hosting malicious domains and exploit kits.
Unit 42 regularly analyzes statistical data from our Email Link Analysis (ELINK) to understand the patterns and trends in current web threats. This blog outlines our analysis for April – June (Q2) 2018 and follows up our previous blog analyzing web-based threats for January – March (Q1) 2018 that can be found here. We also provide detailed analysis of attacks against CVE-2018-8174 (a vulnerabil
Unit42
Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7
blogs_unit42·2018-09-05·CVSS 7.5
CVE-2018-8174 [HIGH] Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7
Executive Summary
In Q2, the United States was number one for hosting malicious domains and exploit kits.
Unit 42 regularly analyzes statistical data from our Email Link Analysis (ELINK) to understand the patterns and trends in current web threats. This blog outlines our analysis for April – June (Q2) 2018 and follows up our previous blog analyzing web-based threats for January – March (Q1) 2018 that can be found here. We also provide detailed analysis of attacks against CVE-2018-8174 (a vulnerability we discuss below) using the Double Kill exploit.
What we found this quarter was that vulnerabilities under attack remained consistent, including very old vulnerabilities. One new vulnerability used in zero-day attacks did rocket to near the top of the list.
The United States remained the num
Unit42
The Old and New: Current Trends in Web-based Threats
blogs_unit42·2018-06-20·CVSS 9.3
[CRITICAL] The Old and New: Current Trends in Web-based Threats
Summary
In this blog, Unit 42 is sharing analysis and statistics from our Email Link Analysis (ELINK) from the first quarter of 2018 and highlighting interesting findings of current web threats. We will first describe statistical information about CVEs, malicious URLs and Exploit Kits (EKs), then discuss the current life cycle of these web-based threats, and wrap up with two case studies about evolving EKs and a cryptocurrency miner.
Statistics analysis
CVEs
In the first quarter of 2018, we found 1583 malicious URLs across 496 different domains. Attackers used at least 8 old and public vulnerabilities as shown in Figure 1. The Top 3 CVEs used are
1. CVE-2014-6332: exploited by 774 malicious URLs
2. CVE-2016-0189: exploited by 219 malicious URLs
3. CVE-2015-5122: exploited by 85 malici
Unit42
The Old and New: Current Trends in Web-based Threats
blogs_unit42·2018-06-20·CVSS 9.3
CVE-2014-6332 [CRITICAL] The Old and New: Current Trends in Web-based Threats
## The Old and New: Current Trends in Web-based Threats
Tao Yan
Bo Qu
Zhanglin He
Rongbo Shao
Published: June 20, 2018
Malware
Trend Reports
Vulnerabilities
CVE-2014-6332
CVE-2016-0189
EK
Exploit kit
KaiXin
Rig
Sundown
Summary
In this blog, Unit 42 is sharing analysis and statistics from our Email Link Analysis (ELINK) from the first quarter of 2018 and highlighting interesting findings of current web threats. We will first describe statistical information about CVEs, malicious URLs and Exploit Kits (EKs), then discuss the current life cycle of these web-based threats, and wrap up with two case studies about evolving EKs and a cryptocurrency miner.
Statistics analysis
CVEs
In the first quarter of 2018, we found 1
Zscaler
Top Exploit Kit Activity Roundup - Summer 2017 | Zscaler
blogs_zscaler·2017-09-12
Zscaler
CNACOM Open Source Exploitation via Strategic Web Compromise
blogs_zscaler·2016-12-01·CVSS 7.5
[HIGH] CNACOM Open Source Exploitation via Strategic Web Compromise
Zscaler
A Case Of Keitaro (featuring RIG And Nuclear) | Zscaler
blogs_zscaler·2016-02-29
Zscaler
Bad Actors On GMHOST Alexander Mulgin Serginovic | Zscaler
blogs_zscaler·2016-01-12·CVSS 9.8
[CRITICAL] Bad Actors On GMHOST Alexander Mulgin Serginovic | Zscaler
Unit42
Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
blogs_unit42·2015-07-20·CVSS 9.8
CVE-2015-5122 [CRITICAL] Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
On July 16, 2015, the Palo Alto Networks Unit 42 threat intelligence team discovered a watering hole attack on the website of a well-known aerospace firm. The website was compromised to launch an apparent watering-hole attack against the company's customers. It was hosting an Adobe Flash exploit targeting one of the newly disclosed vulnerabilities from the Hacking Team data breach, CVE-2015-5122.
This attack yet again showcases the opportunistic tendencies of adversary groups and bad actors. The malware deployed by this exploit has been seen in a number of targeted attacks and provides attackers with a foothold on the victim’s machine and/or network.
The exploit file, movie.swf, was ZWS compressed, a tactic that has been observed to evade anti-virus programs. Once uncompressed, a binary
Unit42
Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
blogs_unit42·2015-07-20·CVSS 9.8
CVE-2015-5122 [CRITICAL] Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
## Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
Bryan Lee
Josh Grunzweig
Published: July 20, 2015
Malware
Threat Research
Adobe Flash
Aerospace
Hacking Team
IsSpace
NFlog
Watering Hole Attack
On July 16, 2015, the Palo Alto Networks Unit 42 threat intelligence team discovered a watering hole attack on the website of a well-known aerospace firm. The website was compromised to launch an apparent watering-hole attack against the company's customers. It was hosting an Adobe Flash exploit targeting one of the newly disclosed vulnerabilities from the Hacking Team data breach, CVE-2015-5122.
This attack yet again showcases the opportunistic tendencies of adversary groups and bad actors. T
Qualys
Update2: Patch Tuesday July 2015 | Qualys
blogs_qualys·2015-07-14·CVSS 9.8
[CRITICAL] Update2: Patch Tuesday July 2015 | Qualys
Update2: Microsoft released a critical bulletin MS15-078 for a font problem that affects all versions of Windows and allows Remote Code Execution. Microsoft credits Google’s Project Zero, Fireeye and TrendMicro. TrendMicro indicates that the vulnerability came out of the HackingTeam data breach. Google’s entry for the bug indicates that they are aware of exploit code available in the wild, which explains Microsoft’s out-of-band release. Patch as quickly as possible.
Update: Oracle’s CPU July 2015 fixes the 0-day vulnerability CVE-2015-2590 in Java reported by Trend Micro. We recommend treating this patch with high priority. Note: if you think you cannot use new Java due to requirements for old versions, have you looked at Oracle’s deployment rulesets?
Original: When we started preparin
Qualys
Update2: Patch Tuesday July 2015 | Qualys
blogs_qualys·2015-07-14·CVSS 9.8
[CRITICAL] Update2: Patch Tuesday July 2015 | Qualys
Update2: Microsoft released a critical bulletin MS15-078 for a font problem that affects all versions of Windows and allows Remote Code Execution. Microsoft credits Google’s Project Zero, Fireeye and TrendMicro. TrendMicro indicates that the vulnerability came out of the HackingTeam data breach. Google’s entry for the bug indicates that they are aware of exploit code available in the wild, which explains Microsoft’s out-of-band release. Patch as quickly as possible.
Update: Oracle’s CPU July 2015 fixes the 0-day vulnerability CVE-2015-2590 in Java reported by Trend Micro. We recommend treating this patch with high priority. Note: if you think you cannot use new Java due to requirements for old versions, have you looked at Oracle’s deployment rulesets?
Original: When we started preparing
Zscaler
Hacking Team Leak, Flash 0day, Exploit Payloads | Zscaler
blogs_zscaler·2015-07-08·CVSS 9.8
[CRITICAL] Hacking Team Leak, Flash 0day, Exploit Payloads | Zscaler
Recorded Future
Analyzing Attack Vector Trends by Industry, Country, and More
blogs_recorded_future
Analyzing Attack Vector Trends by Industry, Country, and More
# Analyzing Attack Vector Trends by Industry, Country, and More
Cyber security professionals are flooded with issues requiring their attention. Identifying the most significant risks can be challenging, which makes choosing where to allocate resources even more difficult. This applies to both short term tactical decisions (e.g., Which vulnerabilities do I prioritize this week?) and longer term strategic decisions (e.g., Where do I invest in technology?) for the organization.
Recorded Future provides real-time situational awareness of trending information security topics to support those critical choices. This is done by analyzing millions of documents from the Web daily. The unstructured text from security blogs, threat researchers, mainstream media, and much more is mined and given stru
Recorded Future
New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016
blogs_recorded_future·CVSS 7.8
[HIGH] New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016
# Gone in a Flash: Top 10 Vulnerabilities Used by Exploit Kits
### Analysis Summary
- Adobe Flash Player provided eight of the top 10 vulnerabilities used by exploit kits in 2015.
- Vulnerabilities in Microsoft’s Internet Explorer and Silverlight are also major targets.
- Angler is currently the most popular exploit kit, regularly tied to malware including Cryptolocker.
- Identifying targeted vulnerabilities can better inform patch management functions within organizations.
- Some security professionals suggest uninstalling Adobe Flash Player. Enabling “Click to Play” is a stop-gap.
Recorded Future threat intelligence analysis of over 100 exploit kits (EKs) and known vulnerabilities identified Adobe Flash Player as the most frequently exploited product. While the role of Adobe Flash vul
Recorded Future
Analyzing Attack Vector Trends by Industry, Country, and More
blogs_recorded_future
Analyzing Attack Vector Trends by Industry, Country, and More
## Analyzing Attack Vector Trends by Industry, Country, and More
Cyber security professionals are flooded with issues requiring their attention. Identifying the most significant risks can be challenging, which makes choosing where to allocate resources even more difficult. This applies to both short term tactical decisions (e.g., Which vulnerabilities do I prioritize this week?) and longer term strategic decisions (e.g., Where do I invest in technology?) for the organization.
Recorded Future provides real-time situational awareness of trending information security topics to support those critical choices. This is done by analyzing millions of documents from the Web daily. The unstructured text from security blogs, threat researchers, mainstream media, and much more is mined and given str
Zscaler
Zscaler discovers Flash Player Vulnerabilities | 07-21-2015
blogs_zscaler
Recorded Future
New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016 | Recorded Future
blogs_recorded_future·CVSS 7.8
[HIGH] New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016 | Recorded Future
## Gone in a Flash: Top 10 Vulnerabilities Used by Exploit Kits
## Analysis Summary
Adobe Flash Player provided eight of the top 10 vulnerabilities used by exploit kits in 2015.
Vulnerabilities in Microsoft’s Internet Explorer and Silverlight are also major targets.
Angler is currently the most popular exploit kit, regularly tied to malware including Cryptolocker.
Identifying targeted vulnerabilities can better inform patch management functions within organizations.
Some security professionals suggest uninstalling Adobe Flash Player. Enabling “Click to Play” is a stop-gap.
Recorded Future threat intelligence analysis of over 100 exploit kits (EKs) and known vulnerabilities identified Adobe Flash Player as the most frequently exploited product. While the role of Adobe Flash vulnerabi
Crowdstrike
Falcon Zero-Day Flash Detection
blogs_crowdstrike·CVSS 7.5
CVE-2026-20929 [HIGH] Falcon Zero-Day Flash Detection
Bugzilla
CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18
bugzilla·2015-07-12·CVSS 9.8
CVE-2015-5122 [CRITICAL] CVE-2015-5122 CVE-2015-5123 flash-plugin: two code execution issues in APSA15-04 / APSB15-18
Adobe Security Advisory APSA15-04 for Adobe Flash Player documents two flaws that can possibly lead to arbitrary code execution when Flash Player is used to play a specially crafted SWF file.
Quoting from the APSA15-04:
Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. Adobe expects to make updates available during the week of July 12, 2015.
https://helpx.adobe.com
arXiv
CLIProv: A Contrastive Log-to-Intelligence Multimodal Approach for Threat Detection and Provenance Analysis
arxiv_fulltext·2025-07-12
CLIProv: A Contrastive Log-to-Intelligence Multimodal Approach for Threat Detection and Provenance Analysis
Authors:
- Jingwen Li (Beijing University of Posts and Telecommunications, Beijing 100876, China): Conceptualization, Methodology, Writing–original draft
- Ru Zhang (Beijing University of Posts and Telecommunications, Beijing 100876, China; ORCID 0000-0001-6641-3236; corresponding author): Supervision, Writing-Review & Editing
- Jianyi Liu (Beijing University of Posts and Telecommunications, Beijing 100876, China): Methodology, Writing-Review & Editing, Resources
- WanGuo Zhao (Beijing Anheng Xin'an Technology Co., Ltd, Beijing 100089, China): Data curation, Resources
## Abstract
With the increasing complexity of cyberattacks, the proactive and f
arXiv
MAAC: Novel Alert Correlation Method To Detect Multi-step Attack
arxiv_fulltext·2021-10-25
MAAC: Novel Alert Correlation Method To Detect Multi-step Attack
This work was supported by the National Natural Science Foundation of China (Grant No. 61802394 and 61902396) and the Youth Innovation Promotion Association. This work is also supported by the Program of Key Laboratory of Network Assessment Technology, the Chinese Academy of Sciences and Program of Beijing Key Laboratory of Network Security and Protection Technology.
Xiaoyu Wang (first author)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html
http://marc.info/?l=bugtraq&m=144050155601375&w=2
http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html
http://rhn.redhat.com/errata/RHSA-2015-1235.html
http://www.kb.cert.org/vuls/id/338736
http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf
http://www.securityfocus.com/bid/75712
http://www.securitytracker.com/id/1032890
http://www.us-cert.gov/ncas/alerts/TA15-195A
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/
https://perception-point.io/new/breaking-cfi.php
https://security.gentoo.org/glsa/201508-01
https://www.exploit-db.com/exploits/37599/
https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html
https://github.com/cisagov/vulnrichment/issues/196
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-5122
Published: 2015-07-14
Added to CISA KEV: 2022-04-13
Exploited in the wild