Overtime!
Created by FIRST, these are designations used to ensure that sensitive information is shared with the correct audience.
What is Traffic Light Protocol?
Identifying and compromising specific, legitimate websites that are commonly visited by your target.
Who is DeathNote Hackers (DNH)?
Happens every 4 years that cuts rewards for ____ by 50%.
What is Halving?
2010, centrifuge, PLC, USB
What is Stuxnet?
An open signature format used for finding actions (logs), this specializes in detecting behaviors vs identifying artifacts.
What is a Sigma rule?
Instead of stealing a password, this attack involves 'pinning' a new digital certificate to a user's account to gain a permanent backdoor.
Naming convention used by Mandiant for tracking clusters of related malicious activities coming from cyber criminal groups.
What is UNC?
Hardy Heron, Jaunty Jackalope, Lucid Lynx, Precise Pangolin.
What is Ubuntu?
Under level 1 of Purdue model, these equipment gather and forward data to a SCADA or PLC.
How much data can you afford to lose?
What is Recovery Point Objective (RPO)?
DoS that targets XML parsers. It doesn't rely on massive network traffic; instead it uses a very small file to crash a system by forcing it to consume massive amounts of memory and CPU.
What is Billion Laughs Attack?
Remix, Tracer, Helix, Static
What is _____-Kitten APT group?
A human judge engages in text-based, natural language conversations with a human and a machine. If the judge cannot tell which is which, the machine passes.
- 1950What is Turing test?
2015, powergrid, BlackEnergy
CLUE: I'm looking for the country
What is Ukraine?
While "crown jewels" refer to what's most valuable, this is considered a crown jewel that is vulnerable or reachable by an attacker.
What is a Critically Exposed Asset (CEA)?
Wardriving is the process of tracking down and identifying signals like Wi-Fi, but this is going further to make literal graffiti where signals are found.
What is warchalking?
DarkSide compromised this entity last May 2021, which crippled the supply to consumers in the eastern seaboard of US.
Who is Colonial Pipeline?
Introduced by Anthropic late 2024, this answers the question on how to connect AI models to the data they need.
What is Model Context Protocol (MCP)?
To communicate with diverse industrial hardware without writing custom drivers for every device, most OT software uses this "middleman" standard, which has evolved from a COM-based version to a more secure "Unified Architecture."
What is OPC (Open Platform Communications)?
A noisy one recently, this framework bridges/binds the gap between Go backend and web-based frontend.
What is Wails Framework?
These are replay attacks targetting TLS 1.3 and QUIC protocols where attackers intercept and resend "early data" packets such as HTTP POST requests.
What is 0-RTT attack?
They are famous for a "calling card" where they leave Shakespearean quotes or references to popular movies inside their code.
CLUE: MazeWho is the Lazarus group (or Labyrinth Chollima)?
Specific part of the neural network where the actual "learning" is stored. It is a numerical value that determines how much influence one neuron has on another.
What are weights (or parameters)?