In the News
Security Awareness
InfoSec @ Globality
Vulnerabilities
#infosec
100
This car hailing company was breached in September 2022 when a user left admin credentials in a script obtained by hackers.
Who is Uber?
100
This is who in the organization is ultimately responsible for information security.
Who is all employees 😃
100
What are the names of the 4 InfoSec personnel at Globality?
Who are Vance, Jon x2, and James?
100
This attack occurs when someone uses the source name and wrong email address.
What is spoofing?
100
What is Snyk?
200
Name of the person who recently blew the whistle on Twitter’s poor cybersecurity practices.
Who is Peiter “Mudge” Zatko
200
This online SaaS tool is used by Globality for issuing annual security awareness training and policy attestations
What is KnowBe4?
200
InfoSec Policies and Standards are stored here.
What is InfoSec Confluence Page (or OneDrive)
200
This vulnerability is often paired with a famous comic featuring “Little Bobby Tables”
What is SQL injection?
200
In the #infosec channel PSA from Vance, what did he cite as the cause for the most of the breaches so far this year.
What is Social engineering?
300
This credit reporting agency had the largest data breach of SSN records as of 2017 impacting 147.9 million Americans along with 15.2 million British citizens.
Who is Equifax?
300
This security attack is when hackers manipulate individuals to divulge confidential or sensitive information.
What is Social Engineering?
300
These are annual Security Certifications that Globality maintains.
What is ISO 27001 & SOC 2?
300
This high profile vulnerability in Apache identified at the end of 2021 continued making headlines through 2022?
What is Log4Shell (in Log4j2)
300
This is the name of the Slack channel for engineers and developers to post PR requests or Eng questions to InfoSec.
What is #infosec-dev-chatter?
400
This is the name of the group that Mudge was member of when first testifying to Congress in 1998?
What is l0pht?
400
This is the year CyberSecurity Awareness month was established.
What is 2004?
400
This is the amount of time for Globality’s default screen lockout setting (MacOS & Windows)?
What is 10 min (MacOS) or 15 min (Windows)?
400
This computer exploit developed by the U.S. NSA and was leaked by the Shadow Brokers hacker group in April 2017, one month after Microsoft released patches for the vulnerability.
What is EternalBlue?
400
According to Welzy's #techtalk, what are the four methods to mitigate risk?
Avoid, Reduce, Transfer, Accept
500
Name of the Russian Kremlin-linked company behind an influence campaign that targeted the 2016 elections.
Who is the Internet Research Agency (IRA)?
500
Special Publication 800-50, Building an Information Technology Security Awareness and Training Program, is published by this Dept of Commerce org.
Who is NIST?
500
This is the % of Globality employees who have fallen for a phishing test in the past 3 months.
What is 22% (anything between 20-25% will count)?
500
A known, patched vulnerability in this software was the initial intrusion vector in the Equifax hack.
What is Apache Struts?
500
In the #infosec channel PSA from James, what is the name of the first antivirus created in 1972?
What is Ray Tomlinson's Reaper