A recent Windows Defender Advanced Threat Protection (ATP) alert described an Adobe Flash zero-day vulnerability (CVE-2018-15982) that was used in a spear-phishing attack against a medical institution in Russia. Adobe released a patch on December 5, 2018. This vulnerability and attack sequence highlighted a number of mitigations that you can use to block such attacks.
The attack started with a spear-phishing campaign. In this instance, the spear-phishing email consisted of a RAR archive file containing two files. The first was a lure document. The second was a another RAR archive file disguised as a .jpg file.
