Frank Breedijk

Manager and initiator of the DIVD CSIRT, previous know as Dutch Security Hotline. In daily live he is the CISO of Schuberg Philis

Social media

Icon - Seccubus
Icon - Frank Breedijk

Articles / cases / cves

CSIRT Cases

• DIVD-2021-00012 - Warehouse Botnet
• DIVD-2021-00001 - Microsoft on-prem Exchange Servers
• DIVD-2020-00013 - Gelekte phishing wachtwoorden / Leaked phishing credentials
• DIVD-2020-00012 - 49 000 vulnerable Fortinet VPN devices
• DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR
• DIVD-2020-00010 - wpDiscuz plugin Remote Code Excution
• DIVD-2020-00009 - Pulse Secure VPN enterprise Leak
• DIVD-2020-00008 - 313 000 Wordpress sites scanned
• DIVD-2020-00005 - Apache Tomcat AJP File Read/Inclusion Vulnerability
• DIVD-2020-00002 - Wildcard certificaten Citrix ADC
• DIVD-2020-00001 - Citrix ADC

CVEs contributed to

• CVE-2021-26471 - Unauthenticated remote command execution
• CVE-2021-26472 - Unauthenticated remote command execution
• CVE-2021-26473 - Unauthenticated arbitrary file upload and command execution
• CVE-2021-26474 - Unauthenticated server side request forgery

CSIRT blog posts

• 14 May 2021 - Closing ProxyLogon case / Case ProxyLogon gesloten
• 16 March 2021 - Additionele exchange scan script/additional exchange scan script
• 03 March 2021 - Actief misbruik Exchange Zero-day / Active abuse Exchange Zero-day
• 01 January 2021 - Phising slachtoffer notificatie / Victim notification phishing
• 07 August 2020 - wpDiscuz kwetsbaarheid maakt het mogelijk systeem over te nemen / wpDiscuz vulnerability allows system takeover
• 05 August 2020 - Datadump met informatie over vermoedelijk gehackte PulseVPN systemen gelekt / Datadump with information on hacked PulseVPN systems leaked
• 28 May 2020 - Ernstige lek in Citrix ShareFile storage server / Critical vulnerability in Citrix ShareFile storage server
• 12 March 2020 - Mircosoft repareert lek in SMB v3 / Microsoft patches vulnerability in SMB v3
• 12 March 2020 - Ernstig ongepatched lek in SMB v3 / Critical unpatched vulnerability in SMB v3
• 15 February 2020 - Citrix talk en demo bij Hackerhotel / Citrix talk and demo at Hackerhotel
• 05 February 2020 - Wederom Citrix meldingen / Citrix notifications again
• 29 January 2020 - BlueGate patch restart?
• 26 January 2020 - DIVD Call For Volunteers
• 22 January 2020 - Wildcard certificaten aangetroffen op veel kwetsbare Citrix ADC systemen / Lots of vulnerable Citrix ADCs used wildcard certificates
• 19 January 2020 - Eerste Citrix patches beschikbaar, andere patches sneller / First Citrix patches available, other patches available sooner
• 17 January 2020 - We gaan weer door met scannen en melden ! / We have resumed scanning and notifying !
• 16 January 2020 - Citrix mitigatie blijkt niet betrouwbaar / Citrix mitigation turns out to be unreliable
• 15 January 2020 - Controles voor de Citrix ADC compromittatie / Checks to see if your Citrix ADC is compromised
• 13 January 2020 - Wijd verspreide kwetsbaarheid in Citrix Gateway en Citrix Application Delivery Controller