Threat Vectors

RaaS leverages Cobalt Strike, beaconing via DNS A records (CVE-2021-26855). Qakbot drops via VBS (WScript.Shell). Spring4Shell (CVE-2022-22965) hits unpatched JVMs. IoT worms—Mirai—exploit TR-069 flaws. Consult flags exposure; paid hunts with Bro IDS.