<section data-block="SingleChoice"><h3>Okta alerted that attackers were targeting customers to obtain access to highly privileged Super Administrator accounts.How did they manage this?</h3><ul><li>Social Engineering</li><li>Phishing</li><li>MFA Bombing</li><li>Brute Forcing</li></ul></section><section data-block="SingleChoice"><h3>Microsoft provided an update on their investigation into Storm-0558’s compromise of a Microsoft Account (MSA) consumer key earlier this year.Where did the TA obtain the signing key from?</h3><ul><li>Crash Dump</li><li>Text File in Intern’s Laptop</li><li>Github Leak</li><li>Open Azure Blob</li></ul></section><section data-block="SingleChoice"><h3>SpiderLabs reported on how TA’s use PDFs during attacks.With callback phishing, what malware was seen to be delivered during these attacks?</h3><ul><li>BazarCall</li><li>BazarLoader</li><li>BathroomBazar</li><li>HarpersBazar</li></ul></section><section data-block="SingleChoice"><h3>Mandiant provided advice on dealing with modern threats.For which attack phase do they see attackers' operations being most consistent?</h3><ul><li>Post-Exploitation</li><li>Initial Exploitation</li><li>Reconnaissance</li><li>Exfiltration</li></ul></section><section data-block="SingleChoice"><h3>Group-IB reported on W3LL, a TA that has been running a phishing empire for 6 years.How many Threat Actor ‘customers’ are estimated to have made use of their phishing kits, which includes capabilities to bypass MFA ?</h3><ul><li>500</li><li>50</li><li>5,000</li><li>5</li></ul></section><section data-block="SingleChoice"><h3>Truesec reported on an attack where users were targeted within Microsoft Teams from external accounts. Which one of these can prevent these attacks?</h3><ul><li>Tenant Restrictions</li><li>MFA Number Matching</li><li>Zero Trust Architecture</li><li>Account Lockouts</li></ul></section><section data-block="SingleChoice"><h3>The UK this week sanctioned members from which Russian cybercrime gang?</h3><ul><li>Conti</li><li>BlackCat</li><li>LockBit</li><li>Fancy Poodle</li></ul></section><section data-block="SingleChoice"><h3>FortiGuard Labs reported on a phishing campaign that spreads a new Agent Tesla variant.Which one of these are being exploited by the malware?</h3><ul><li>CVE-2017-11882 (MS Office RCE)</li><li>CVE-2023-33146 (MS Office RCE)</li><li>CVE-2023-38185 (MS Exchange RCE)</li><li>CVE-2023-38181 (MS Exchange Spoofing)</li></ul></section><section data-block="SingleChoice"><h3>Google TAG shared an update on security researcher targeting by North Korean threat actors.What backdoored software was used by the attackers to execute malicious code on their target’s systems?</h3><ul><li>GetSymbol </li><li>WinRAR</li><li>AnyDesk</li><li>GetShorty</li></ul></section><section data-block="SingleChoice"><h3>Zscaler reported on a campaign dubbed “Steal-It”, believed to be conducted by Fancy Bear. What data was exfiltrated by the attackers?</h3><ul><li>NTLMv2 hashes</li><li>PII Data</li><li>Exchange Mailboxes</li><li>Bloodhound Extracts</li></ul></section>
