Marriott
The "C" in C-I-A stands for this
Confidentiality
#1 method for attackers to gain access to a target network
Phishing
System Hardening 101: Always disable these
Unnecessary services and/or accounts
*SPOILER ALERT* Thanos loses in this movie
Avengers: Endgame
Charming Kitty is thought to be associated with this country - targeting US officials enforcing sanctions
Iran
Law protecting the private health care related information of individuals in the U.S.
HIPAA (Health Insurance Portability and Accountability Act of 1996)
OSINT stands for this
Open Source Intelligence
Block Internet access from your servers to prevent attackers using this type of infrastructure to control them
C2 (C&C - Command & Control)
The Alliance and Horde battle over this homeworld
This company was, or was not, infiltrated by the Chinese military in a supply chain attack on their motherboards
Super Micro (Supermicro)
Type of penetration test where the client provides NO information about the target environment
Black box
MS17-010
Cliff Stoll literally wrote the book on incident handling
The Cuckoo's Egg
This new D.C. movie, mostly underwater, will probably suck as much as the others - except Wonder Woman
An encrypted instance of this is created every two minutes
Phishing site
Type of malware which spreads without user interaction
Worm
fierce, amass, subbrute, recon-ng
Subdomain (and domain host) enumeration
DNS servers should be configured to not allow these outside authorized servers
Zone transfers
The sequel to Red Dead Redemption
Red Dead Redemption 2
This cyberespionage campaign "sniped" at defense, government and industrial control environments with job posting phishing attacks
Sharpshooter
DES key length - in bytes
56 bits = 7 bytes
msfvenom can be used to create these types of encoded objects
Payloads
Find these before malware can automatically spread to them or someone on your network reads exposed files within
Open/unrestricted shared folders
The Expanse