Going to Troopers 2016

Sebastian attended Troopers, an IT Security event in Heidelberg (Germany) organized by ERNW GmbH from the 14th to 18th of March 2016. He wants to share his experiences in this blogpost.

Internetwache CTF 2016 review

Penultimate weekend, we hosted our very first jeopardy style capture the flag event: The Internetwache CTF 2016

In this blogpost, we will write about the CTF from the organizer’s perspective. What was the setup? What went wrong? What did we learn? What was good? What can we do better next year? We hope that this insight can help other CTF organizers in the future.

Going to the Security Analyst Summit #TheSAS2016

Recently Tim was invited to visit the Security Analyst Summit of Kaspersky Labs (#TheSAS2016) which took place on Tenerife (Canary Islands) in february this year. In this post he shares his experience and wants to give a short overview of interesting topics (for the security research community).

TL;DR: #TheSAS2016 was a great experience and Tim learned a lot, because every day was filled with adventures or learning and seeing new things! The location was very nice, the atmosphere was amazing, the people were friendly - all in all everything was excellent!

CVE-2016-1926 - XSS in the Greenbone Security Assistant

Recently Tim has been working with the software framework “OpenVAS” (“Open Vulnerability Assessment System”). This software is open source so we spent some evenings looking for bugs in the webfrontend, the Greenbone Security Assistant. After some time Sebastian found two bugs and we were able to submit those - they are fixed now.

Looking back at 2015

It has become tradition to write a short review of the last year and the plans for the next one.

Disassembling another spam mail

Today Sebastian opened his mailbox and saw a new email popping up. You have received fax, document 00311594 from incoming@interfax.net with a file attached. Let’s have a closer look at it :)