Cyber Security Challenge Belgium 2015 – Solving the NVISO Lottery challenge

This is the fourth and final blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking a look at one of the more programming oriented challenges: The NVISO Lottery. The NVISO Lottery The students were given the following info: "Come and throw away your money at the NViso Lottery!" … Continue reading Cyber Security Challenge Belgium 2015 – Solving the NVISO Lottery challenge

Cyber Security Challenge Belgium 2015 – Solving the One Way challenge

This is the third blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking on a very technical challenge: One Way. Data Extraction The challenge The following challenge description was given to the students: "We want our employees to be able to send us confidential information which only we … Continue reading Cyber Security Challenge Belgium 2015 – Solving the One Way challenge

Cyber Security Challenge Belgium 2015 – Solving the Data Extraction challenge

This is the second blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking a look at the Data Extraction challenge. Data Extraction The challenge The following challenge description was given to the students: "We messed up and contacted the wrong forensic department. They say they found data, but … Continue reading Cyber Security Challenge Belgium 2015 – Solving the Data Extraction challenge

Open sourcing bootloader unpacker and imgdata tools for Nexus 4, 5 and 7

NVISO is proud to open source in collaboration with Christophe Beauval a tool suite to unpack the Nexus 4, 5 and 7 factory bootloader.img as well as code to work with Nexus 5's imgdata.img and scripts to dump what's in the flash of the Nexus 5 and write back to it. We are not aware … Continue reading Open sourcing bootloader unpacker and imgdata tools for Nexus 4, 5 and 7

The GHOST vulnerability

A serious problem in the Linux glibc library went unnoticed for almost 15 years. A simple coding mistake introduced into the code in November 2000 leaves servers including e-mail servers vulnerable to remote code execution. A buffer overflow in the GNU C Library function __nss_hostname_digits_dots(), which is called by the well used gethostbyname*() functions makes … Continue reading The GHOST vulnerability

Testimony from Nick Van Haver – looking back on my internship at NVISO

Hi, my name is Nick Van Haver and I am a master student in computer sciences at the University of Ghent and I have just finished a one month internship at NVISO. In this post I want to reflect a bit on my 6 weeks of internship! Why NVISO? Actually I stumbled upon NVISO while … Continue reading Testimony from Nick Van Haver – looking back on my internship at NVISO