The Report

  1. Name the supply chain attack related to a Java logging library at the end of 2021 (Format: AttackNickname) (1 points)

    Answer: Log4j

  2. Mention the MITRE ATT&CK technique ID which affected more than 50% of the customers (Format: TXXXX) (1 points)

    Answer: T1059

  3. Submit the names of 2 vulnerabilities affecting Exchange Servers (Format: VulnNickname, VulnNickname) (1 points)

    Answer: ProxyLogon, ProxyShell

  4. Submit the CVE of the zero-day vulnerability of a driver which led to RCE and gaining SYSTEM privileges (Format: CVE-XXXX-XXXXX) (1 points)

    Answer: CVE-2021-34527

  5. Mention the 2 adversary groups that leverage SEO to gain initial access (Format: Group1, Group2) (1 points)

    Answer: Gootkit, Yellow Cockatoo

  6. In the detection rule, what should be mentioned as the parent process if we are looking for execution of malicious JS files? [Hint: Not CMD] (Format: ParentProcessName.exe) (1 points)

    Answer: wscript.exe

  7. Ransomware gangs started using an affiliate model to gain initial access. Name the precursors used by affiliates of the Conti ransomware group (Format: Affiliate1, Affiliate2, Affiliate3) (1 points)

    Source: Page 22 of the report.

    Answer: Qbot, Bazar, IcedID

  8. The main target of coin miners was outdated software. Mention the 2 outdated software products named in the report (Format: Software1, Software2) (1 points)

    Answer: JBoss, WebLogic

  9. Name the ransomware group which threatened to conduct DDoS attacks if victims didn't pay the ransom (Format: GroupName) (1 points)

    Answer: Fancy Lazarus

  10. What security measure do we need to enable for RDP connections in order to safeguard against ransomware attacks? (Format: XXX) (1 points)

    Answer: MFA


Tags

  1. 10 points (Private)
  2. easy (Private)