Monday, September 26, 2016

CSAW CTF Qualifiers 2016

Last weekend, we were one of over 1200 teams to participate in Cyber Security Awareness Week Qualifiers, an international competition hosted by NYU Tandon. This year, CSAW hosted 31 challenges, in categories such as Reversing, Crypto, Forensics, Pwning, and Web.

We had a great time, and managed to solve every challenge on the board with 13 hours to spare. We placed second overall, first in the undergraduate division, and ended up being the only undergraduate team to solve the entire board. This was an international competition, and we were competing against industry-professional and undergraduate teams alike.

Finalists are to be announced on October 3rd. If you missed the competition but still want to checkout the challenges, CSAW's official challenge repository can be found here.  

Saturday, January 30, 2016

RPISEC introduces INTROSEC

RPISEC is proud to introduce a new branch of our organization: INTROSEC.

RPISEC has become an incredibly successful club in recent years. We've created two independent open source classes, qualified two teams to CSAW, won tens of thousands of dollars at CTFs, and have grown our core membership so much that we barely fit in our room at Amos Eaton.

We're incredibly proud of our progress and growth. However, one of our biggest weaknesses has always been introducing new members into the world of computer security. Our weekly talks have either been to fast and complicated for our newer members, or too dull for our core members. Pandering to these two groups at the same time has consistently turned away many people who have otherwise would have been great additions to the club. This is what INTROSEC is meant to fix.

The group is going to be lead by two sophomore members of RPISEC, Jazmyn Borman and Milo Trujillo. They've already set up a ton stuff, including  talks, challenges, and a mini CTF that we will eventually be hosting. We're incredibly proud and impressed with how much work they've both put into this and we expect great things to come out of it.

First meeting will be in Sage 2715 this Tuesday, 5pm-7pm.

Saturday, October 31, 2015

Cyber Seed Results

RPISEC had a great showing at Cyber seed last weekend, with two of our teams placing at the competition.

One of the teams that placed was the CTF team. They took second place just behind Knightsec. They did a great job and won RPISEC $7,500 as well as Amazon echo's for themselves.


They were also the first time to hack into the ATM at the competition, so they won a basketball signed by some of the players from UConn and some of the top executives from Comcast.


As you can see, we were thrilled to win the ball.

Our next team to place was our Internet of Things team. The teams on the IoT challenge were given around a month to audit some device that connected to the internet. Our team decided to do an audit of the Piper Home Security camera. They were able to find a couple of bugs in API that would cause the system to use http instead of https.


We got 1st place! RPISEC won another $10,000 and each member of the team was given an Apple Watch.

That means that RPISEC came home with a total of $17,500!

We had a great time at UConn. We're very proud of our success and can't wait to see what the future holds for RPISEC. Here are some more pictures of the event.






Tuesday, October 27, 2015

Cyber Seed

RPISEC is heading to UConn this Thursday for CyberSEED! This competition is being hosted by Comcast and will include a CTF, Internet of Things Challenge, and a Social Engineering Challenge. There will be 30 other schools as well as over 300 participants, so competition is going to be fierce. But you know what is exciting? Each event has a top prize of $10,000! So wish our participants the best of luck and go RPISEC!

http://www.csi.uconn.edu/cyberseed/

Wednesday, March 18, 2015

Movie Night - 03/20/2015 Meeting

As a lot of people have already left for break, we’ll be having a pretty low key movie night for our meeting this week!

Many of you probably saw the Matrix a long time ago and thought of it as an awesome action movie, but let’s be honest, it’s actually a hacker film. We’ll be back in the DCC as usual.



WHEN: Friday 5pm, March 20th
WHERE: DCC 324

Otherwise, keep in mind there’s an interesting security talk (http://www.cs.rpi.edu/news/seminars/Mar20_2015.html) happening right before our movie night (from 4pm-5pm) in the Library’s Fishbach room. If you walk past the front desk in the library and turn left, you’ll find the room somewhere down there.

Many of us will be there, and we encourage you to drop by if you have nothing else going on at the time!

Friday, March 13, 2015

BlueDrop: Intro to Microcontrollers and Hardware Hacking - 03/13/2015 Meeting

At tonight's meeting, Daniel Fitzgerald and John Drogo will give a talk on the basics of microcontrollers, teach you how to use them in your projects, talk about some cool hardware hacks, and most importantly teach you how to crack them! The meeting will be based around Fitz's BlueDrop project, a remote deployed bluetooth message drop system, inspired from the movie "Blackhat".



The Embedded Hardware Club will be providing some MSP430s for you to practice on. However, it is recommended that you download mspdebug and the naken_assmbler before you come so you can follow along.

http://sourceforge.net/projects/mspdebug/   (Available in apt-get, yum and MacPorts.)
http://www.mikekohn.net/micro/naken_asm.php

For installing on Windows go to this website and follow the instructions for compiling MSDebug:
http://mspdebug.sourceforge.net/faq.html#compile_windows

Important note: we're in Sage 3101 this week! See you there.

WHEN: Friday 5pm, March 13th
WHERE: Sage 3101 (Genericon is in the DCC)

Thursday, March 5, 2015

Guest Speaker: Jeff Foley - 03/06/2015 Meeting

Tonight's meeting will begin with a brief guest talk by Jeff Foley from Alion Science and Technology. He will be talking about the security team he is growing, and he is actively seeking interns and full-time employees. Before Alion Science and Technology, Jeff helped create and lead a security team at the defense contractor Northrop Grumman.

After our industry guest, Alex Bulazel will give an introduction to malware analysis. We'll look at common malware behavior and learn the basics of malware analysis. Learn how malware gets on your system, establishes itself there, evades analysis, and other things it can do. There will be some hands-on work, please come prepared with your WinXP VM.

WHEN: Friday 5pm, February 20th
WHERE: DCC 324