Some interesting info about popular exploits that are being used by hackers: https://www.recordedfuture.com/russian-apt-toolkits/
Article states: "Using Recorded Future, we analyzed information published to the web linking Russian APTs to exploited vulnerabilities from January 1, 2012 to July 31, 2016." They 'repurpose' research from other parties and don't provide any new intelligence. And their table of CVE's is wrong: CVE-2013-0641 was combined with CVE-2013-0640 and thus an exploit is available CVE-2014-3897 is a typo of CVE-2013-3897 (CVE-2013-3897 is already in their table) Exploit code for CVE-2014-1776 is publically available Exploit sample for CVE-2015-2424 can be obtained from public sources Exploit for CVE-2016-4117 was not used by APT28, but by ScarCruft and a sample is available online.