On Tuesday, 13.09. at 6:00 pm the teams of the Cyber Fortress League played the fifth and last tournament within the league before the finals. Tips for the game this time appeared in the Cyber, Cyber…. Report podcast, which was a complete novelty.
As a part of the tournament, the teams defended a European company operating in the field of software and game production, which has typical services in a corporate network: mail server, domain controller etc. The company also uses M365 and Azure cloud services.
The first scenario involved a campaign against large companies in the telecommunications, hardware, software and gaming industries, in which the APT group, among other things, gained access to victims’ trusted certificates. The next step of the campaign was for the attacker to use the compromised certificates to compromise the infrastructure of subsequent targets. Among other things, the attacking group gained access to the source codes of several modules running on an extremely popular operating system.
The second scenario was based on a campaign in which the APT group attacked an organization’s networks in order to steal data, specifically e-mail messages. The targets were IT departments, executives and people responsible for mergers and acquisitions. As part of the campaign, victims’ networks attacked, inter alia, load balancers, SAN arrays and WiFi controllers.
Check the results in the Cyber Fortress League: Season 2 Ranking tab.