Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Facebook Open Sources CTF 2019 Challenges

Facebook’s first-ever global Capture the Flag (CTF) competition took place earlier this month and the company has now made the challenges available in open source. 

Facebook’s first-ever global Capture the Flag (CTF) competition took place earlier this month and the company has now made the challenges available in open source. 

Over 1,600 teams from over 65 countries competed in the social platform’s CTF competition, which took place between June 1 and June 3, 2019. 

The G+ team, which includes members of Google’s security team, emerged as winner. 

Balsn, a CTF team from Taiwan, came in second place, while PPP (the Plaid Parliament of Pwning) from Carnegie Mellon University ended up on the third place. 

“We’d like to congratulate and recognize the teams that scored the largest number of points during the CTF,” Gulshan Singh, Security Engineer at Facebook, noted in a blog post.

Prizes in the competition were $3,133.7 for the winner, $2,000 for the second place, and $1,000 for the third place. 

The source code and solutions for Facebook CTF 2019 are now available on GitHub, for all those who missed the chance to enter the actual competition to analyze. 

“The breadth and depth of the talent competing in the CTF was incredible, and it was thrilling to see all the different ways that teams solved the challenges our security team members built for the competition. We learned some new techniques and hope that CTF players were able to pick up a few new skills, too,” Singh said.  

Google is hosting the qualification round this week for its fourth-annual CTF event, which features a total of $31,337.00 in prize money. 

Related: Google Announces Fourth-Annual Capture the Flag Event

Related: Facebook Pays $120,000 in Bounties at BountyCon

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.