BlackOasis - description
- Last Updated: May 1, 2026
- 1 minute read
- Flowmon Products
- Flowmon Anomaly Detection System
- Documentation
Sources:
- BlackOasis APT and targeted attacks leveraging zero-day exploit
- APT28 Racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed
Researchers identified an Adobe Flash zero-day exploit that attackers delivered through a Microsoft Office document. The final payload was the latest version of FinSpy malware. Attackers likely delivered the Microsoft Office document as an email attachment.
Flowmon ADS detects when systems download the payload and communicate with the command and control (C&C) servers.
