Each of RSM's previous Capture the Flag events has included a challenge in which participants were tasked with tracking down a specific wireless access point. There are many examples of the practical applications of being able to accomplish such a task. These include manually verifying potential rogue access points and signal triangulation (which is an entire science in and of ... READ MORE
CTF Example – Cryptography
Our Cryptography challenges have historically been paper-and-pencil options, requiring less raw, technical skill to complete. The category is meant to be a more approachable option for participants who favor puzzles instead of hacking or coding. The example I'll walk you through in this post is no exception. The 300 point challenge from our 2016 CTF event required the ... READ MORE
Let’s Build an Arcade Cabinet: Episode V
The project is finally complete. It's been roughly nine months since we got started, but we finally have a working cabinet in the office. This final post in the series will cover the following items: Final painting Routing Internal hardware Hyperspin Front-end Custom artwork Believe or not, there were no significant changes to design this time! And that was ... READ MORE
Let’s Build an Arcade Cabinet: Episode IV
Well, we're now all covered in saw dust and paint, but the shell is up and ready for hardware! The steps we've taken since Episode III are very straightforward, though we also ended up changing the front of the MCP Base just slightly. Other updates included the following (each of which will be covered in more detail below): Attach the cup holder panel Add casters for ... READ MORE
Personal Preparation for Active Shooter Events
It's an uncomfortable topic to address, and this is certainly a change in tone for the War Room. But unfortunately, it's 2016, and this is the world in which we live. Active Shooter events are now a significant factor in the consideration of organizational security policies and procedures and are steadily increasing in frequency year to year. According to a 2014 study by the ... READ MORE
Let’s Build an Arcade Cabinet: The Series
Episode I: The initial purchase of materials and the assembly of the side panels and kick plate. Episode II: Addition of the coin door and assembly of the lower half of the cabinet. Episode III: Completion of the shell and addition of the control panel. Episode IV: Sanding, priming, and more sanding along with the addition of our cup holders Episode V: Final ... READ MORE
Let’s Build an Arcade Cabinet: Episode III
Last week, I was going back through the arcade cabinet posts, and I realized we started this project way back in October. So, our new goal is to get it up and running by the end of March with everything finished except for the artwork which our graphic design team will be doing internally. Changes in Design In the interest of time, we've opted to purchase a fully ... READ MORE
Bypassing Common Physical Security Interior Controls
A few months ago, I wrote a post about some of the simple techniques we use to get around common perimeter security controls, and I realized today that I've gotten you onto the property and left you high and dry! So, I would like to remedy that today and discuss some of the more successful tactics we use in our day-to-day work to get around interior controls. As in the previous ... READ MORE
Let’s Build an Arcade Cabinet: Episode II
Our busy season is winding down! That means more time to dedicate to the arcade cabinet. I didn't get as far as I would have liked last Wednesday, unfortunately. The shell's interior supports ended up being about an inch off on one side, and it was causing the whole cabinet to lean significantly. That oversight has been addressed, though it ate up a lot of time. Measure twice, ... READ MORE
Bypassing Common Physical Security Perimeter Controls
On a recent physical penetration test, I encountered a curious, but not uncommon, scenario. The target organization sat spread across multiple, disconnected floors in a shared, third party-owned high rise. The large first floor lobby was a public space and included a central guard desk (which really only functioned as an information kiosk). The target did include a reception ... READ MORE