Security Fest CTF *-bit challenges, organizer writeup

I wrote the 128-bit, 512-bit and 1024-bit challenges for the Security Fest CTF, this year’s topic was Swordfish so the challenges follow the idea of the quotes being used in the movie regarding 128-bit, 512-bit and 1024-bit ciphers. Sadly, neither of the challenges were solved despite my best attempts. In this post I’ll explain how […]

Continue reading

PaF||STFU

If you have been working in the IT security industry, you have probably heard CISOs (Chief Information Security Officers) complain about how companies fail at improving their security and pentesters complain about how their findings are ignored by companies. Whilst there is clearly no one-size fits-all solution to such problems, in this post I will […]

Continue reading

Challenge writer Write Up: Security Fest 2018 CTF challs

Hi! In this post I will note down my procedure for coming up with the challenges for SecurityFest CTF. The idea is explaining my side of the creative process in the hope that it can be useful to other people organizing CTFs. I will finish sharing some personal experience on the other stages of the […]

Continue reading

March 2015’s OpenSSL releases and security advisory

Today the OpenSSL project has released new versions for the 0.9.8, 1.0.0, 1.0.1 and 1.0.2 branches of the library. My current employer Coresec Systems AB has allowed me to spend some time preparing for the release and documenting a bit the issues and possible work arounds. In this blogpost I will release some of the […]

Continue reading