Cyber Spooks
Haunted Hardware
Trick-or-Treat Tech
Monstrous Misconfigurations
Leftover Tricks and Treats
100

A spooky-sounding malware locks your files until you pay a ransom.

What is Ransomware?

100

The brain of the computer that processes instructions.

What is the CPU (Central Processing Unit)?

100

This operating system's mascot is a friendly penguin named Tux.

What is Linux?

100

Leaving this default account active is a common IT “sin”.

What is the Administrator account?

100

This notorious slithering payload from 2000 spread through email with the subject “ILOVEYOU.”

What is a worm?

200

This cybersecurity tool detects “phantom” network intrusions by analyzing traffic patterns.

What is an Intrusion Detection System (IDS)?

200

The small piece of firmware that “awakens” the computer from its grave (cold start).

What is the BIOS or UEFI?

200

The name of Microsoft’s cloud platform.

What is Azure?

200

This is when sensitive data is left unencrypted on a public S3 bucket.

What is data exposure or cloud misconfiguration?

200

A 2017 ransomware outbreak that disguised itself as Petya but was far more destructive.

What is NotPetya?

300

In threat hunting, a term that describes residual traces left behind by an attacker.

What are Indicators of Compromise (IOCs)?

300

This tiny chip stores encryption keys and is used for secure boot.

What is the TPM (Trusted Platform Module)?

300

This port number is used for HTTPS traffic.

What is 443?

300

Types of attacks that target open RDP ports.

What are brute-force or remote access attacks?

300

The PowerShell command to get a list of running processes.

What is Get-Process?

400

This malware, named after a poltergeist, targeted Iranian nuclear facilities.

What is Stuxnet?

400

The nickname for malicious USB devices that mimic keyboards to execute payloads.

What is a Rubber Ducky?

400

This translates a domain name into an IP address.

What is DNS?

400

The principle of granting only the access rights necessary to perform a job.

What is the Principle of Least Privilege?

400

This type of encryption uses the same key to encrypt and decrypt.

What is symmetric encryption?

500

This cyberattack method manipulates domain name system queries to redirect victims to “haunted” websites.

What is DNS spoofing or cache poisoning?

500

This security vulnerability class allows attackers to flip DRAM bits, turning memory errors into exploits.

What is Rowhammer?

500

This networking command-line tool can display active connections and listening ports.

What is netstat?

500

The security control framework that uses “Identify, Protect, Detect, Respond, Recover” as its core functions.

NIST CSF

500

This PowerShell cmdlet disables a user in Active Directory.

Disable-ADAccount