<section><h2>The SocVel Cybersecurity Quiz [w22]</h2><p><p style="text-align:center;">Your Weekly Cybersecurity Quiz!</p></p></section><section><h2><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3></h3><h3><em></em></h3><h3>The <em>DFIR Report</em> detailed an intrusion using <em>BumbleBee</em> as the initial access vector. </h3><h3>Which attack framework was used during the attack?</h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h2></section><section><h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3></h3><h3></h3><h3><em></em></h3><h3>Cisco disclosed a breach following attackers gaining access to a user’s corporate VPN credentials. </h3><h3>How were these credentials obtained?</h3><h3><br /></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h3><h3></h3><h3><em></em></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3><em></em></h3><h3></h3><h3>Twilio suffered a breach following employees falling victim to a Social Engineer attack. </h3><h3>How were the initial lures delivered to Twilio employees?</h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h3><h3></h3><h3><em></em></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3><em></em></h3><h3>Which messaging platform recently reset a limited number of user passwords in response to a bug which leaked hashed passwords?</h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3></h3><h3></h3><h3><em>Cisco Talos</em> researchers covered the notorious <em>Dark Utilities</em> platform. </h3><h3>Which of these services are provided to attackers by this platform?</h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em></em><em></em></h3><h3></h3><h3><em>FortiGuard Labs</em> covered the rapidly evolving IoT malware family <em>RapperBot</em>. </h3><h3>What does this malware target with brute force attacks?</h3></h3></section><section><h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3><em></em></h3><h3></h3><h3>Which social network recently confirmed a vulnerability which allowed an unauthorised party to link account names with private email addresses or phone numbers?</h3><h3><br /></h3></h3></section><section><h3><h3></h3><h3><em></em></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em>Cloudflare</em> was also targeted with a similar Social Engineering attack which saw <em>Twilio</em> breached. </h3><h3>What prevented the attackers from successfully executing their attack against <em>Cloudflare</em>?</h3><h3></h3><h3></h3><h3><strong></strong></h3></h3></section><section><h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3><em></em></h3><h3><em>Microsoft</em> released patches for a path traversal weakness named <em>#DogWalk</em> (CVE-2022-34713). </h3><h3>Why was the vulnerability named <em>#DogWalk</em>?</h3><h3></h3><h3></h3><h3><em></em></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h3><h3></h3><h3></h3><h3><em></em></h3><h3></h3><h3><em></em></h3><h3><em></em></h3><h3>Stores from which retail chain in Denmark shut down after a cyberattack disrupted stores’ payment and checkout systems?</h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3><h3></h3></h3></section><section><h2><h2><strong>Oof, what a hoener!</strong></h2></h2><p></p></section><section><h3><h2><strong>Not amazing, but I guess Oraait!</strong></h2></h3></section><section><h3><h2><strong>Mmm, that is Noice!</strong></h2></h3></section><section><h3><h2><strong>Oi! That was Amper Lekker!</strong></h2></h3></section><section><h3><h2><strong>Yo! That is Baie Lekker!</strong></h2></h3></section>
