Kalmarunionen

This weekend, we had our last big meetup in Copenhagen for the year, and it was a blast! 🎉 We had a fantastic time participating in the SECCON CTF, where we secured a top 10 placement. The challenges were engaging, and it was great to see so many new players testing out for the team. There's a lot of promising young talent emerging in the scene, which bodes well for the future. 🚀 We even had visit from one of the founding members Nicolai Søborg and the first official Kalmar Hacker Baby ❤️ During the CTF, we were thrilled to have a visit from our sponsor, JN Data. Henrik Ordon Rasmussen from JN stopped by to chat with the team and brought some awesome merchandise for our members. Henrik, it was great having you drop in—you’re welcome anytime! 🙌 We were also honored to host Svend Larsen, Head of Forsvarets Efterretningstjeneste (FE). It was wonderful to showcase the incredible talent within Kalmarunionen. Our team truly appreciates the solid CTF events FE has hosted over the past few years, where Kalmarunionen players have consistently had strong showings and victories. 🏆 Looking ahead to December, many of our members will be traveling to #Germany for the #38c3 conference, our final meetup of the year. We'll be defending our #1 spot on ctftime.org for all of 2024. Here's to keeping up the great results and ending the year with another top placement at the 38th annual Chaos Communication Congress! 🌟 ✨ Special shoutout 🙌 to our sponsors whose support drives our meet-ups, learning initiatives, and participation in international competitions: Industriens Fond, VENZO, JN Data, Dubex, ICSRange & CyberSkillsDK. Extra shoutout to VENZO for hosting us and so many teams on our journey to the top. Thanks to Simon L. and Joachim Lobedanz for offering to be hosts at #VENZO 🙏 If you would like to support #Kalmarunionen reach out to Rolf Lunn or Morten Eskildsen on linkedin or write us at sponsor@kalmarunionen.dk

En Capture the Flag (CTF) er ikke bare sjov og ballade – det er en intensiv træning i cybersikkerhed, hvor teori møder praksis. Deltagerne skal finde deres indre hacker frem, bryde ind i systemer og løse andre virkelighedstro opgaver. Det handler om at få sikkerhedserfaringer, du ikke bare kan læse dig til – du skal mærke det mellem fingrene. Derfor afholder vi Bankdata CTF 2024 - Just Another Breach in the Wall!, skabt i samarbejde mellem de skarpe hjerner hos Kalmarunionen, Danmarks Sikkerhedslandshold, og Bankdatas Red Team - Mostly Harmless. Medarbejdere fra Bankdata og vores partnerbanker er allerede i fuld gang med at knække koder, bryde barrierer og kapre flags – alt sammen i cybersikkerhedens navn. For det er oktober, og det betyder, at Cyber Security Awareness Month er her! Vi spurgte vores Red Team, om de ville komme med en quote til opslaget, men alt vi fik tilbage var dette...  Kom med dit bud i kommentartråden på, hvad der står, måske det har noget at gøre med et af de flag, som der kæmpes om. 🍌🍌 🐒🍌 🌴 🍌🐒 🌴 🐒🍌🐒🍌 🐒🐒🐒 🐒🐒 🐒🐒 🍌 🐒🍌 🐒 🌴 🐒 🐒🐒🐒 🌴 🐒 🍌🍌🍌🍌 🍌🍌 🍌🍌🍌 🌴 🍌🐒🐒🍌 🐒🐒🐒 🍌🍌🍌 🐒 🐒🐒🍌🍌🐒🐒 🌴 🍌🐒🐒 🍌🐒🍌 🍌🍌 🐒 🍌 🌴 🍌🍌 🐒🍌 🌴 🍌🐒🐒🍌 🍌🐒🍌🍌 🍌🐒 🍌🍌 🐒🍌 🐒 🍌 🐒🍌🍌🐒 🐒 🌴 🍌🐒🐒 🍌🍌🍌🍌 🍌🐒 🐒 🌴 🐒🍌🐒🐒 🐒🐒🐒 🍌🍌🐒 🌴 🍌🐒🍌🍌 🍌🍌 🐒🍌🐒 🍌 🌴 🍌🐒 🐒🍌🍌🍌 🐒🐒🐒 🍌🍌🐒 🐒 🌴 🐒 🍌🍌🍌🍌 🍌 🌴 🐒🍌🐒🍌 🐒 🍌🍌🐒🍌 🐒🐒🍌🍌🐒🐒 🌴 🍌🐒 🐒 🌴 🍌🐒🍌🍌 🍌 🍌🐒 🍌🍌🍌 🐒 🌴 🍌🐒🐒🐒🐒 🍌🍌🐒🐒🐒 🌴 🍌🐒🐒 🐒🐒🐒 🍌🐒🍌 🐒🍌🍌 🍌🍌🍌 🍌🐒🍌🐒🍌🐒 🌴 🐒 🍌🍌🍌🍌 🍌 🐒🍌 🌴 🍌 🐒🍌 🐒🍌🍌 🌴 🐒 🍌🍌🍌🍌 🍌 🌴 🍌🐒🐒🍌 🐒🐒🐒 🍌🍌🍌 🐒 🌴 🍌🐒🐒 🍌🍌 🐒 🍌🍌🍌🍌 🌴 🐒🍌🐒🐒 🐒🐒🐒 🍌🍌🐒 🍌🐒🍌 🌴 🐒 🍌 🍌🐒 🐒🐒 🐒🍌 🍌🐒 🐒🐒 🍌 🌴 🍌 🐒🍌 🐒🍌🐒🍌 🐒🐒🐒 🐒🍌🍌 🍌 🐒🍌🍌 🌴 🍌🐒🍌🍌 🍌🍌 🐒🍌🐒 🍌 🌴 🐒 🍌🍌🍌🍌 🍌🍌 🍌🍌🍌 🌴 🐒 🍌 🐒🍌🍌🐒 🐒 🐒🐒🍌🍌🐒🐒 🌴 🍌🐒 🐒🍌 🐒🍌🍌 🌴 🍌🐒🐒 🍌 🌴 🍌🐒🐒 🍌🍌 🍌🐒🍌🍌 🍌🐒🍌🍌 🌴 🍌🍌🍌 🍌 🐒🍌 🐒 🌴 🐒🍌🐒🐒 🐒🐒🐒 🍌🍌🐒 🌴 🐒🍌🐒🐒 🐒🐒🐒 🍌🍌🐒 🍌🐒🍌 🌴 🍌🍌🐒🍌 🍌🐒🍌🍌 🍌🐒 🐒🐒🍌 🐒🍌🐒🍌🐒🐒

Prioritizing and securing your OT infrastructure isn't just a good idea—it's essential for protecting our critical systems. Here's an example of why: It's Cybersecurity month, and of course, Kalmarunionen want to showcase our talent! Although Operational Technology Security isn't always considered the most sexy area, it is crucial for protecting our critical infrastructure and ensuring resilience against cyber attacks in a modern society. Our longtime member Jens Nielsen from ICSRange despite his young age, has been securing a lot of OT infrastructure while also conducting solid vulnerability research in OT devices such as PLCs & Serial Device Servers. In his talk at the CyberTek Tech Festival titled “The Journey of Unlocking a Branded W2150A Serial Converter,” (https://lnkd.in/ei8yvNgT) Jens takes us through his process of understanding, unlocking, and ultimately exploiting a branded Serial Device Server—a crucial piece of technology that, if accessed by the wrong person, can have a major impact on an organization. One of the techniques Jens addressed was used some months later with his fellow #Kalmarunionen player Viktor E.. When they in about 28 hours during a CTF, found a vulnerability in ASUS router firmware, resulting in CVE-2024-33278 (https://lnkd.in/eVJeivvT). The bug had a CVSS score of 9.8—about as severe as it gets. This again shows how collaboration and participating in CTFs is not only fun but also leads to learning from each other and finding bugs in critical appliances. If you feel like you can contribute to the Kalmarunionen team, head over to kalmarunionen.dk and apply, or just drop us some kind words—compliments always make the team smile 😀 #cybersecurityawarenessmonth #OTSecurity #VulnerabilityResearch #CTF #hacking #NIS2 #CER

🌟 Kalmarunionen Soars Toward World #1 with Another CTF hacking Victory! 🏆 We are ecstatic to announce that Kalmarunionen secured yet another CTF win at the Politecnico di Torino M0lecon Qualifier this weekend, qualifying for the finals for the fourth consecutive year! 🎉 This triumph brings some astonishing stats: we've accumulated more points this season than last year's overall winning team—as you can see on the ctftime.org leaderboard. But the journey isn't over! We know that the #1 spot isn't guaranteed, and we're gearing up to give it our all in the upcoming events over the next three months to solidify our position at the top of the world #hacking rankings. 💪 Keep an eye out as we push forward! We are immensely grateful for your ongoing support and encouragement. 🙏 Please continue to cheer us on! A huge thank you to VENZO — it was wonderful to be back at your office. 🏢 Also, a friendly reminder that the European Union Agency for Cybersecurity (ENISA) ECSC EuropeanCyberSecurityChallenge is just around the corner. Let's get behind and support the incredible talent of the Danish national team!🇩🇰 (De Danske Cybermesterskaber) ✨ Special shoutout 🙌 to our sponsors whose support drives our meet-ups, learning initiatives, and participation in international competitions: Industriens Fond, VENZO, JN Data, Dubex, ICSRange & CyberSkillsDK. If you would like to support #Kalmarunionen reach out to Rolf Lunn or Morten Eskildsen on linkedin or write us at sponsor@kalmarunionen.dk #cybersecurity #cyberlandsholdet

🏆 We just won Google's hacking competition 2024 - Google CTF! 🏆 We are thrilled to announce that we have emerged victorious in the Google CTF, securing the top spot on CTFtime.org Global CTF Ranking, earning $12,345 in prize money from Google, and ensuring our place at the Google Hackceler8 finals in Malaga later this year. This weekend, our team gathered at Truesec Denmark offices in Copenhagen and gave it our all as Kalmarunionen. From placing 47th at Google CTF in 2020, we’ve come a long way to claim victory. These past two months have been filled with incredible stories, and we look forward to sharing more on LinkedIn and launching a new website after the summer to delve deeper into the exciting things happening within #Kalmarunionen. A heartfelt thank you to all our members and supporters over the past four years. It’s been a fantastic journey of learning, hard work, and fun. Here’s to more great achievements together! A special shoutout 🙌 to our sponsors whose support drives our meet-ups, learning initiatives, and participation in international competitions: Industriens Fond, VENZO, JN Data, Dubex, ICSRange & CyberSkillsDK. And again a big thanks to Truesec Denmark for hosting us this weekend. If you would like to support #Kalmarunionen reach out to Rolf Lunn or Morten Eskildsen on linkedin or write us at sponsor@kalmarunionen.dk

🚀 Interesseret i #hacking? På #V2security messen i KBH den 2. maj har du chancen for at blive inspireret og lære mere om det danske og nordiske hacker-community, når Morten Eskildsen fra Kalmarunionen fortæller om, hvordan det er at deltage i #Defcon Hacker Finalen i Las Vegas.

🚀 Kalmarunionen and Norsecode Aim for DEFCON Glory – Sponsors Needed! 🚀 This weekend, Kalmarunionen collaborates with our Nordic peers at meetup in Copenhagen under the #Norsecode flag to qualify for the prestigious #DEFCON finals. To qualify last year we fought right to the end (check out video from the post). 🌟 Stepping Up Our Game in 2024 🌟 This year, we’re even stronger. Positioned as a powerhouse on the international CTF leaderboard, Kalmarunionen, alongside our Nordic partners, is ready to go all in. The last month results speak for themselves, 2 place in PlaidCTF, Qualified for Midnight Sun Finals and this weekend we won UMDCTF. 💡 We're Seeking Sponsors! 💡 The path to DEFCON is demanding. We need support for travel, housing, and crafting the infrastructure to compete on an international scale. Sponsorships play a crucial role in our journey. Are you ready to support our quest and gain visibility in the security space? 🌍 Contact Rolf Lunn or Morten Eskildsen or at write us at sponsor@kalmarunionen.dk. Let's explore how we can promote your venture while striving for global cybersecurity leadership. 🏆 #Cybersecurity

Kalmarunionen Takes Silver at Carnegie Mellon University PlaidCTF and Leads the Global CTF Rankings! Excited to announce that Team Kalmarunionen secured 2nd place at Carnegie Mellon University 14th PlaidCTF. This victory places us at the top of the global leaderboard for the 2024 season, matching our total points from the entire 2022 season! Big thanks to the Plaid Parliament of Pwning (PPP) at Carnegie Mellon for hosting this top-notch competition. It’s always amazing to go head-to-head with some of the best in the world, including learning from the legendary #DEFCON champs. This competition pushed our limits and creativity, especially when we sent over 200,000 requests to crack a tough system—not the quietest method, but it worked and we learned a ton! A heartfelt shoutout 🙌 to our sponsors - their support propels our meet-ups, learning initiatives, and participation in international hacking competitions. A massive thank you to: Industriens Fond, VENZO, JN Data, Dubex, ICSRange & CyberSkillsDK If you would like to support #Kalmarunionen reach out to Rolf Lunn or Morten Eskildsen Eskildsen on linkedin or write us at sponsor@kalmarunionen.dk

Sammen med Aarhus Universitet afholder vi en mindre CTF i Aarhus om 2 uger i forlængelse at Matchpoint konferencen. Der er stadigvæk pladser, så kom og vær med når vi indtager DOKK1!

🚨 Hackers, get ready! 🚨 🎉 Kalmarunionen is thrilled to bring back our #KalmarCTF challenge! 🎉 Last year was epic, and we're doing it all over again. Thanks to Hex-Rays, we've got those sweet #IDAPro licenses for our #ctf winners. 🏆 Whether you're here to defend your title or to claim a new one, we're looking for you. Dive into our world of top-tier binary exploitation challenges. It's not just a contest; it's a test of skill, speed, and smarts. 🗓 Mark your calendars: March 15th - March 17th, 2024. You've 48 hours to battle it out with the best in the classic CTF categories. Why join? It's simple: 🥇 Challenge yourself against the world's finest. 🎁 Win #IDAPro licenses, thanks to Hex-Rays. 🤝 Meet and compete with a community of passionate hackers (over 3000 last year). Ready for the ultimate #CTF adventure? It's happening at #Kalmarunionen. 🔍 For more details, head over to our website: KalmarC.TF See you at #KalmarCTF 2024! Let's make it legendary. 🌟 #Kalmarunionen #hacking #HexRays #cybersecurity