Malware
Vocabulary
Breaches
Phishing Styles
CSIRT
100

A program that logs user input from the keyboard, usually without the user's knowledge or permission.

What is a Keylogger ?

100

This process refers to the conversion of plain text to cipher text. Its purpose is to maintain confidentiality. 

What is encryption?

100

In this 2016 breach, this company known for being a casual hookup site announced that over 20 years of data was exposed by exploiting a Local File Inclusion vulnerability (LFI).

Who is Adult Friend Finder?

100

The most traditional delivery format of phishing.

What is email?

100

The acronym, CSIRT.

What is Computer Security Incident Response Team?

200

It is a type of malware that spreads copies of itself from computer to computer. It can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

What is a worm ?

200

The purpose of this process is to convert data so it can be consumed by another system. It is reversible and no keys are used. 

What is encoding?

200

In 2017, this company announced that over 143 million customers had their credit card data exposed. The threat actors exploited the struts vulnerability (CVE-2017-5638).

Who is Equifax?

200

In this form of phishing, the attack is executed via a phone call.

What is vishing?

200

The total number of people on the CSIRT team.

What is 12?

300

It is a collection of internet-connected devices, which may include PCs, servers, mobile devices and internet of things devices that are infected and controlled by a common type of malware.

What is a Botnet ?

300

The purpose of this function is to protect the integrity of data.

What is hashing?

300

In 2018, this hospitality giant announced over 400 million customer data was exposed due to a vulnerability in an acquisition.

Who is Marriott?

300

In this type of phishing, if executed, the exploit will encrypt the victims hard drive and offers to decrypt the disk in exchange for something of value, most often money. 

What is ransomware?

300

This person in CSIRT has run over 400 miles this year. 

Who is Chunyong?

400

It is a program that compresses, encrypts, and/or modifies an executable to make it smaller and difficult to reverse engineer

What is a Packer ?

400

The purpose of this action is to make it difficult for humans to understand the data. 

What is obfuscation?

400

In 2018, this company reported that attacker stole access tokens which they could then use to take over people’s accounts. Specifically, they exploited a vulnerability in the site code that impacted a feature called “View As".

Who is Facebook?

400

In this phishing technique, the goal is to embarrass the victim unless they pay a sum of money or something valuable to the attacker. 

What is blackmail?

400

This person in CSIRT has a purple belt in Brazilian Jujitsu. 

Who is Kristen?

500

It is a ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin

This ransomware used EternalBlue exploit (stolen from NSA and released to the public by The Shadow brokers) to spread itself.

What is WannaCry ransomware ?

500

These algorithms used in various families of malware are used to periodically generate a large number of domain names that can be used as rendezvous points with their command and control servers. 

What are domain based algorithms?

500

In 2019, this FINTECH leader announced a data breach reportedly due to a misconfigured open-source Web Application Firewall in the cloud.

Who is Capital One?

500

In this phishing technique, the attacker uses coercion often by threatening physical or destructive harm in order to obtain something of value to the attacker. 

What is extortion?

500

This person in CSIRT survived a lion attack.

Who is Shaun?

M
e
n
u