Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

t2'16: Challenge to be released 2016-09-10 10:00 EEST

From: "Tomi Tuominen" <tomi.tuominen () t2 fi>
Date: Tue, 30 Aug 2016 22:48:21 +0300
It is that time of the year again.

Unicorns attract competitors, copycats and charlatans. For a VC, the road to losing the principal is paved with poor 
decisions, bad luck and ultimately betting on the wrong horse. One of the challengers in the unregulated 
pay-per-hitchhike app industry, Astley Auto Association, has been trying to raise a C round. Its founder and CEO, a 
controversial character, is claimed to represent the darker side of the booming startup scene. While his fans cheer the 
sticking-it-to-the-man attitude R. Astley has demonstrated to the regulators, there are critics, including many notable 
venture capitalists and angel investors, who say the man embodies the lack of integrity and honesty.

With circumstances as messy as those of a publicly funded open source project, it gets even messier. An unknown actor 
has compromised the e-mail server of Astley Auto Association. To prove they have the whole archive, chosen mails from 
CEO of AAA, R. Astley, and other employees were collected to a dump.
A disgruntled employee, competitor, VC trying to bring down the valuation, angry customer, or a random opportunist - 
clearly an attribution question so difficult it can only be solved by world leading threat intelligence companies.

Luckily we are more interested in a good hacklog and thorough compromise. A properly placed string tells sometimes 
defenders and investigators more than thousand words in a compliance report. The mission, should you choose to accept 
it, is to analyse the e-mail dump and uncover the clues left by the unknown actor, which demonstrate the devastating 
level of control they have over the environment.

For more information, please refer to https://t2.fi/challenge/t216-challenge/

The Challenge will be released on 2016-09-10 10:00 EEST right here at https://t2.fi/

Good luck,

  T

-- 
Tomi 'T' Tuominen | Founder @ t2 infosec conference | https://t2.fi

Attachment: signature.asc
Description: OpenPGP digital signature

Previous By Date Next
Previous By Thread Next

Current thread: