Shelldur and sploitbard walked through the camp, concerned about the state of their arsenal: ― We really could use a sturdy longhouse to house the troops, said Shelldur ― And new robes to shield ourselves from the weather, added Sploitbard TR: looking for sponsors. DMs are open

The first ever CrowdStrike Intelligence Adversary Quest has ended! Thanks to everyone that participated! Here are the top 50 players and winners of swag! A special shout out to the CrowdStrike Advanced Research Team who designed the challenges. #ctf #adversaryquest

AND ANOTHER ONE! Please help me in a offering a huge CONGRATULATIONS to bootplug for finishing a NEW path in the #NahamCon2021 CTF Mission!! (Oh, and by the way, they are totally leading the pack on the scoreboard with that first blood!)

A few months ago Cellebrite announced that they would begin parsing data from Signal in their extraction tools. It seems they're not doing that very carefully. Exploiting vulnerabilities in Cellebrite's software, from an app's perspective: signal.org/blog/cellebrit…

You can't stop me anymore Overflow

After a long wait we released match videos/sources of our experimental CTF-meets-speedrunning competition - Hackceler8! capturetheflag.withgoogle.com/hackceler8 BIG THANKS to the competing CTF teams and all the Hackceler8 organizers!

unblvr is a beast, submitting flags at 4am and still way in the lead #ITNSecure21 #CTF

Forgot to post earlier, but I finished #flareon8 after 6d23h, ranking 28th. Big thanks to the FLARE Team and @FireEye for the challenges! Challenge 9 really earned its name, and 10 really had potential, but had some issues that made it easier than intended.

pbctf 2021 has concluded! Congratulations to our winners DiceGang , Super Guesser, and organizers ! 🏆 Thanks to everyone who participated in #pbctf and taking their precious time to solve our challenges. See you next year!

My writeups for #flareon8. github.com/myrdyr/ctf-wri…

Thanks to bootplug, our CTF registration is now open! Anyone can participate online, but only Security BSides Oslo participants will be able capture on-site flags at the venue or be eligible for prizes. ctf.bootplug.io

This past weekend we had an amazing event. The Google CTF Finals 2022 which were ran as a game hacking competition we named #Hackceler8. We tried to bring under one roof some of the folks with the best hacking skills in the world and have them do/hack a videogame speedrun. 🧵1/N

Third edition of pbctf is here! 🗓️ Dec 3rd 14:00 UTC to Dec 5th 02:00 UTC (36 hours) 🎁 Sponsored by @Zellic_io ctftime.org/event/1763 #pbctf #pbctf2022

when the offsets change

Announcing the 10th annual Flare-On Challenge, launching on Sept. 29, 2023! The challenge is designed for the world’s best reverse engineers to test their skills through difficult puzzles, featuring a retro-computing challenge involving PDP-11. mandiant.com/resources/blog… #flareon10

Here is a 72-byte alphanum MD5 collision with 1-byte difference for fun: md5("TEXTCOLLBYfGiJUETHQ4hAcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak") = md5("TEXTCOLLBYfGiJUETHQ4hEcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak")

In December of 2023, Zellic's Faith 🇧🇩🇦🇺 found a bug in NEAR's blockchain node. We worked with the NEAR team to responsibly disclose and fix the issue. Exploiting this bug would crash every node on the NEAR network. Read on for all the details:

How many security considerations are there for non-EVM chains? There's a TON. Developed by Telegram, TON 💎 has a very unique approach to both execution and state. In this thread, we'll dive into some security considerations unique to TON. ⬇️ 🧵

BLS signatures are everywhere, from Ethereum’s consensus to EigenLayer. But it’s easy to use them wrong. What are BLS signatures? Let’s talk about the right way and the wrong way to use them:

Bad auditors miss obvious bugs. We built an AI tool that finds them. Introducing V12: the only autonomous Solidity auditor that actually finds Highs and Criticals. We'll be releasing it for free. V12 finds Crits in Zellic audits, High/Mediums in Cantina, and a bug in Pendle.