The Report

Question 1) Name the supply chain attack related to Java logging library in the end of 2021 (Format: AttackNickname) (1 points)

Log4J

Question 2) Mention the MITRE Technique ID which effected more than 50% of the customers (Format: TXXXX) (1 points)

T1059

Question 3) Submit the names of 2 vulnerabilities belonging to Exchange Servers (Format: VulnNickname, VulnNickname) (1 points)

ProxyLogon, ProxyShell

Question 4) Submit the CVE of the zero day vulnerability of a driver which led to RCE and gain SYSTEM privileges (Format: CVE-XXXX-XXXXX) (1 points)

CVE-2021–30116

Question 5) Mention the 2 adversary groups that leverage SEO to gain initial access (Format: Group1, Group2) (1 points)

Gootkit, Yellow Cockatoo

Question 6) In the detection rule, what should be mentioned as parent process if we are looking for execution of malicious js files [Hint: Not CMD] (Format: ParentProcessName.exe) (1 points)

wscript.exe

Question 7) Ransomware gangs started using affiliate model to gain initial access. Name the precursors used by affiliates of Conti ransomware group (Format: Affiliate1, Affiliate2, Afilliate3) (1 points)

Qbot, Bazar, IcedID

Question 8) The main target of coin miners was outdated software. Mention the 2 outdated software mentioned in the report (Format: Software1, Software2) (1 points)

JBoss, WebLogic

Question 9) Name the ransomware group which threatened to conduct DDoS if they didn’t pay ransom (Format: GroupName) (1 points)

Fancy Lazarus

Question 10) What is the security measure we need to enable for RDP connections in order to safeguard from ransomware attacks? (Format: XXX) (1 points)

MFA

goodbye, thank you for reading until now //~//