Russian anti-virus company is warning users about the malicious program, which is helping attackers carry out mass spam mailings and allow the attacker to use a victim's PC as a slave of his DDOS Army. Our company requires you, assistants, to gain control of the CNC server related to the DDOS attack, which controlled by that server.
Computers used by the Minnesota police department suffered from data exposure. The IT team which dealt with the case said that a keylogger was installed on their systems, apparently due to Windows update. An attacker used the vulnerability to harvest sensitive police information. As a part of the red team security, help the police fin the server holding their data and retrieve the stolen data.
A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers. A medical center in Poland was one of the victims for the vulnerability used by an attacker, which took out defensive security applications from within kernel mode. Now the medical center wants you to run red team testing on the new environment they build for future attacks.
A hacker running crypto-miners (RATs) since 2018, implemented a backdoor on a small health care company called BioGenex, which held an antidote to a virus. During his way out, he left some suspicious information on the target machine. Use your skill to gain access to the attackers' machine, gain the highest privilege.
The University of Valencia discovered a WSUS server contacts Microsoft for driver updates, it does so use XML SOAP web services, and those validations are not made over SSL. All update packages that are downloaded from the Microsoft Update website are signed with a Microsoft signature. The attacker injected a malicious update using MiTM and infected several computers in the University.