Challenge writer Write Up: Security Fest 2018 CTF challs

Hi! In this post I will note down my procedure for coming up with the challenges for SecurityFest CTF. The idea is explaining my side of the creative process in the hope that it can be useful to other people organizing CTFs. I will finish sharing some personal experience on the other stages of the […]

Continue reading

Using secure pseudonymous identifiers to protect identification numbers

By now you probably have read of the Equifax data leakage. This reminded me of the idea of secure pseudonymous identifiers I had been thinking on for some time. Secure pseudonymous identifiers make use of cryptography to make it hard or impossible to recover the original identifiers representing a specific person. To be sincere, I […]

Continue reading

Evitando que te roben los cybers con cybers: La Nueve de Anonymous y El Corte Inglés

En este artículo voy a explicar cuales son las diferentes herramientas que podrían haber hecho más difícil o incluso evitado el ataque que las personas tras La Nueve de Anonymous hicieron contra El Corte Inglés y que tenéis explicado en su tumblr. Los de La Nueve de Anonymous me han comentado sin embargo que lo […]

Continue reading

Hacking our way into a newly configured Mikrotik router

Today I found my self needing to find my way in into an unconfigured Mikrotik router. In this article I’ll explain how I used the Microtik Neighbour Discovery Protocol and Wireshark to get access to the router in a Linux environment without any of the Microtik tools.

Continue reading

March 2015’s OpenSSL releases and security advisory

Today the OpenSSL project has released new versions for the 0.9.8, 1.0.0, 1.0.1 and 1.0.2 branches of the library. My current employer Coresec Systems AB has allowed me to spend some time preparing for the release and documenting a bit the issues and possible work arounds. In this blogpost I will release some of the […]

Continue reading