A while ago we did some research about industrial control systems (ICS) and found a file named “photo.scr” on some of those. We want to share what we’ve learned about this file in this blogpost - in order to make sure that people find out how the malware works and how you can protect yourself from such a threat.
The team of Internetwache.org has researched the security of industrial control systems (ICS) for the past months and we have discovered more than hundred unsecured controls of waterworks, heating stations, parking lots and buildings.
Penultimate weekend, we hosted our very first jeopardy style capture the flag event: The Internetwache CTF 2016
In this blogpost, we will write about the CTF from the organizer’s perspective. What was the setup? What went wrong? What did we learn? What was good? What can we do better next year? We hope that this insight can help other CTF organizers in the future.
Recently Tim was invited to visit the Security Analyst Summit of Kaspersky Labs (#TheSAS2016) which took place on Tenerife (Canary Islands) in february this year. In this post he shares his experience and wants to give a short overview of interesting topics (for the security research community).
TL;DR: #TheSAS2016 was a great experience and Tim learned a lot, because every day was filled with adventures or learning and seeing new things! The location was very nice, the atmosphere was amazing, the people were friendly - all in all everything was excellent!
Recently Tim has been working with the software framework “OpenVAS” (“Open Vulnerability Assessment System”). This software is open source so we spent some evenings looking for bugs in the webfrontend, the Greenbone Security Assistant. After some time Sebastian found two bugs and we were able to submit those - they are fixed now.
Sebastian joined the ENOFLAG team for the Insomnihack teaser CTF 2016. In this blogpost he’ll write about the workaround for the smartcat2 (web50) challenge.
It has become tradition to write a short review of the last year and the plans for the next one.
School-CTF was a short 5 hour CTF. Nevertheless, they offered awesome challenges and it was fun. Internetwache made it to the 17th place.
Today Sebastian opened his mailbox and saw a new email popping up. You have received fax, document 00311594 from email@example.com with a file attached. Let’s have a closer look at it :)