I’m not sure this lab is working as intended. I can’t find the answer to “What subdirectory of the Weyland Yutani Corp digital storefront…”. I’ve spent several hours on it, but I can’t find it in the archives.
No matter what I search for or which parameters I use, I’m unable to locate the answer to question 2.
Does anyone have an idea of how it can be found?
The lab is working as intended. To solve this, you need to use a good keyword related to the attacker, be sure that data.url exists (to make things easier to find), and look in the archives index (“Your SIEM Engineer has confirmed that the imgur URL already has an associated Rule in Wazuh, so any traffic destined for it should trigger an Alert. The remaining malicious URLs will only be discoverable in the Archives.”).
Also be sure you have data.url as a column.