Page Number: 2
Total Pages: 3
Has Next: true
Has Prev: true
Pages on Current Page:
Title: CASE: KASEYA - Date: 2024-02-14 09:28:00 +0100 +0100
Title: CASE: SMARTERMAIL - Date: 2024-01-09 21:29:00 +0100 +0100
Title: CASE: EXPOSED BACNET DEVICES - Date: 2023-12-19 13:42:20.205 +0000 UTC
Title: CASE: ATLASSIAN CONFLUENCE - Date: 2023-12-18 22:00:00 +0100 +0100
Title: NEWS: INGE BRYAN NIEUWE BESTUURSVOORZITTER DIVD - Date: 2023-11-25 18:19:40.931 +0000 UTC
Title: CASE: GLOBAL VMWARE ESXI RANSOMWARE ATTACKS - Date: 2023-10-21 23:24:00 +0200 +0200
Title: CASE : AUTHENTICATION BYPASS IN JETBRAINS TEAMCITY - Date: 2023-10-05 21:18:58.544 +0000 UTC
Title: CASE: AUTHENTICATION BYPASS & REMOTE CODE EXECUTION IN CONNECTWISE SCREENCONNECT - Date: 2023-10-02 15:03:00 +0200 +0200
Title: NEWS: Veel gemeenten reageren nog niet adequaat op beveiligingslekken - Date: 2023-10-02 14:58:00 +0200 +0200
Title: Testartikel voor publish date 1 - Date: 2023-01-01 09:00:00 +0000 UTC
Title: CASE: APACHE LOG4J2 - Date: 2022-04-05 10:06:00 +0200 +0200
Title: CASE: LEAKED PHISHING CREDENTIALS (ZOOM) - Date: 2021-07-01 00:01:00 +0200 +0200
case
CASE: KASEYA
One of the biggest (ransomware) cases in history, a case with a huge impact worldwide.
case
CASE: SMARTERMAIL
A DIVD researcher discovered multiple vulnerabilities in SmarterMail. Both vulnerabilities were found within the webmail frontend of SmarterMail.
case
CASE: EXPOSED BACNET DEVICES
During the Log4J crisis, researchers uncovered BACnet devices with open ports. Upon further investigation, more devices have been found running the BACnet protocol.
case
CASE: ATLASSIAN CONFLUENCE
After Veloxity identified a zero-day vulnerability, DIVD, DTC, and NSM cooperated to reach out to notify 18.469 vulnerable ISPs.
news
NEWS: INGE BRYAN NIEUWE BESTUURSVOORZITTER DIVD
Met trots en plezier maken we bekend dat Inge Bryan de nieuwe bestuursvoorzitter is van het Dutch Institute for Vulnerability Disclosure. Ze neemt deze rol over van Astrid Oosenbrug. Astrid legt de voorzittershamer neer om zich meer te gaan richten op de ontwikkeling van de DIVD Academy.
case
CASE: GLOBAL VMWARE ESXI RANSOMWARE ATTACKS
In cooperation with DIVD, NCSC-NL and several EU govcerts, 14,986 global vulnerable hosts were found and notified.
case
CASE : AUTHENTICATION BYPASS IN JETBRAINS TEAMCITY
A critical security issue was recently identified in TeamCity On-Premises. If abused, the flaw may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform bypass authentication checks and gain administrative control of that TeamCity server.
case
CASE: AUTHENTICATION BYPASS & REMOTE CODE EXECUTION IN CONNECTWISE SCREENCONNECT
A critical security issue was recently identified in ConnectWise ScreenConnect. If abused, the flaw may enable an unauthenticated attacker to bypass the authentication and execute remote code or directly impact confidential data or critical systems.
news
NEWS: Veel gemeenten reageren nog niet adequaat op beveiligingslekken
Veel gemeenten reageren te traag of niet adequaat genoeg op meldingen over beveiligingslekken. Deze zogenoemde Coordinated Vulnerability Disclosures (CVD meldingen) worden vaak gedaan door ethische hackers die zo het internet veiliger willen maken. Dit proces is de laatste jaren wel verbeterd, maar er blijft nog steeds een wereld te winnen voor de gemeenten. Dat blijkt uit een recent uitgevoerd onderzoek van de Universiteit Twente en Dutch Institute for Vulnerability Disclosure (DIVD) onder 114 Nederlandse gemeenten.
case
Testartikel voor publish date 1
tekstlalalalala
case
CASE: APACHE LOG4J2
Apache reported a remote code execution vulnerability in Apache Log4j2, the vulnerability in the Log framework of Apache makes it possible to misuse the record log information feature. This makes it possible for an attacker to construct special data request packets through this vulnerable component, and ultimately trigger remote code execution.
case
CASE: LEAKED PHISHING CREDENTIALS (ZOOM)
At the end of November 2020, criminals conducted a phishing campaign that mimicked Zoom message invites and notifications about mail quarantine. On January 1, 2021, email notifications were sent to the victims of this phishing scheme. In total, 370 emails were distributed.