Reports
These case reports give you insight into the kinds of vulnerabilities we found, the numbers and how we helped to fix them. If you want to be informed on our current research projects, check the CSIRT page.
2020-00004-Mirai Botnet Infections
25 January 2021, by Jeroen van de Weerd
On 20-01-2020, DIVD CSIRT received a list of IP addresses, usernames and passwords belonging to systems that may have been part of the Mirai botnet. We informed the affected users. After receiving no responce, no further action was taken.
2020-00003-Bluegate
29 January 2021, by Gerard Janssen
Microsoft published two patches for a vulnerability in Windows Remote Desktop Gateway. Microsoft researchers discovered that the RD Gateway had two memory corruption vulnerabilities (CVE-2020-0609 and CVE-2020-0610). DIVD found about 1.137 vulnerable Dutch systems and reported to the owners how to fix these.
2020-00002-Wildcard certificates on Citrix
11 November 2020, by Jeroen van de Weerd
Further analysis of the data on the Citrix vunerability showed that more than 450 of the 700 identified vulnerable Citrix systems were using so-called wildcard certificates, which are TLS certificates that are valid for all subdomains within a domain.
2020-00001-Citrix
13 March 2020, by Chris van ‘t Hof
On December 17th Citrix published a vulnerability in Citrix Application Delivery Controller (ADC) products. These products are also known as NetScaler ADC, Citrix Gateway en Netscaler Gateway. Exploitation of the vulnerability allows an attack to execute arbirary command’s on these servers. DIVDs Security Hotline scaned the Dutch IP range and reported to the owners.