Exploits

Adversaries may develop or acquire exploits to be used during targeting. An exploit takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer hardware or software. For example, an adversary may develop or purchase a zero-day exploit for use against specific targeted systems. The exploitation of zero-day vulnerabilities provides a significant tactical advantage to adversaries, as the targeted organization typically has no prior knowledge of the vulnerability and thus no established defenses against it. These exploits may target various system components including applications, operating system services, hardware drivers, or firmware interfaces and may be used in conjunction with other techniques to gain initial access, elevate privileges, or bypass security controls. Sophisticated threat actors often maintain libraries of exploits for common vulnerabilities alongside custom exploits developed for specific target environments, enabling them to adapt their attack methodologies based on the defensive posture encountered during operations.