[Dailydave] t2'16: Challenge to be released 2016-09-10 10:00 EEST

Tomi Tuominen tomi.tuominen at t2.fi
Tue Aug 30 15:46:36 EDT 2016


It is that time of the year again.

Unicorns attract competitors, copycats and charlatans. For a VC, the road to losing the principal is paved with poor decisions, bad luck and ultimately betting on the wrong horse. One of the challengers in the unregulated pay-per-hitchhike app industry, Astley Auto Association, has been trying to raise a C round. Its founder and CEO, a controversial character, is claimed to represent the darker side of the booming startup scene. While his fans cheer the sticking-it-to-the-man attitude R. Astley has demonstrated to the regulators, there are critics, including many notable venture capitalists and angel investors, who say the man embodies the lack of integrity and honesty.

With circumstances as messy as those of a publicly funded open source project, it gets even messier. An unknown actor has compromised the e-mail server of Astley Auto Association. To prove they have the whole archive, chosen mails from CEO of AAA, R. Astley, and other employees were collected to a dump.
A disgruntled employee, competitor, VC trying to bring down the valuation, angry customer, or a random opportunist - clearly an attribution question so difficult it can only be solved by world leading threat intelligence companies.

Luckily we are more interested in a good hacklog and thorough compromise. A properly placed string tells sometimes defenders and investigators more than thousand words in a compliance report. The mission, should you choose to accept it, is to analyse the e-mail dump and uncover the clues left by the unknown actor, which demonstrate the devastating level of control they have over the environment.

For more information, please refer to https://t2.fi/challenge/t216-challenge/

The Challenge will be released on 2016-09-10 10:00 EEST right here at https://t2.fi/

Good luck,

  T

-- 
Tomi 'T' Tuominen | Founder @ t2 infosec conference | https://t2.fi

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20160830/e9c1d029/attachment.sig>


More information about the Dailydave mailing list