The Report

Answer

Log4j

Mention the MITRE Technique ID which effected more than 50% of the customers (Format: TXXXX)

Answer

T1059

Submit the names of 2 vulnerabilities belonging to Exchange Servers (Format: VulnNickname, VulnNickname)

Answer

ProxyLogon, ProxyShell

Submit the CVE of the zero day vulnerability of a driver which led to RCE and gain SYSTEM privileges (Format: CVE-XXXX-XXXXX)

Answer

CVE-2021-34527

Mention the 2 adversary groups that leverage SEO to gain initial access (Format: Group1, Group2)

Answer

Gootkit, Yellow Cockatoo

In the detection rule, what should be mentioned as parent process if we are looking for execution of malicious js files [Hint: Not CMD] (Format: ParentProcessName.exe)

Answer

wscript.exe

Ransomware gangs started using affiliate model to gain initial access. Name the precursors used by affiliates of Conti ransomware group (Format: Affiliate1, Affiliate2, Afilliate3)

Answer

Qbot, Bazar, IcedID

The main target of coin miners was outdated software. Mention the 2 outdated software mentioned in the report (Format: Software1, Software2)

Answer

JBoss, WebLogic

Name the ransomware group which threatened to conduct DDoS if they didn't pay ransom (Format: GroupName)

Answer

Fancy Lazarus

What is the security measure we need to enable for RDP connections in order to safeguard from ransomware attacks? (Format: XXX)

Answer

MFA

Last updated