Frank Breedijk
Role: Manager DIVD CSIRTDepartment: Institute
Manager and initiator of the DIVD CSIRT, previous know as Dutch Security Hotline. In daily live he is the CISO of Schuberg Philis
Social media
Icon - SeccubusIcon - Frank Breedijk
Articles / cases / cves
Blog posts
- 14 February 2022 - Dutch Security Information Clearinghouse started
- 01 February 2022 - DIVD is a CVE Numbering Authority
CSIRT Cases
- DIVD-2022-00014 - GreyNoise's Ukraine only list
- DIVD-2021-00030 - GitLab Unauthenticated RCE Flaw
- DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure
- DIVD-2021-00026 - Omigod: Microsoft Open Management Interface RCE
- DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
- DIVD-2021-00014 - Kaseya Unitrends
- DIVD-2021-00012 - Warehouse Botnet
- DIVD-2021-00011 - Kaseya VSA Disclosure
- DIVD-2021-00002 - Kaseya VSA
- DIVD-2021-00001 - Microsoft on-prem Exchange Servers
- DIVD-2020-00013 - Gelekte phishing wachtwoorden / Leaked phishing credentials
- DIVD-2020-00012 - 49 000 vulnerable Fortinet VPN devices
- DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR
- DIVD-2020-00010 - wpDiscuz plugin Remote Code Excution
- DIVD-2020-00009 - Pulse Secure VPN enterprise Leak
- DIVD-2020-00008 - 313 000 Wordpress sites scanned
- DIVD-2020-00005 - Apache Tomcat AJP File Read/Inclusion Vulnerability
- DIVD-2020-00002 - Wildcard certificaten Citrix ADC
- DIVD-2020-00001 - Citrix ADC
CVEs contributed to
- CVE-2021-26471 - Unauthenticated remote command execution in Vembu products
- CVE-2021-26472 - Unauthenticated remote command execution with SYSTEM privileges in Vembu products
- CVE-2021-26473 - Unauthenticated arbitrary file upload and command execution in Vembu products
- CVE-2021-26474 - UNAUTHENTICATED SERVER SIDE REQUEST FORGERY IN VEMBU PRODUCTS
- CVE-2021-30116 - Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6
- CVE-2021-30117 - Authenticated SQL injection in Kaseya VSA < v9.5.6
- CVE-2021-30118 - Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5
- CVE-2021-30119 - Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6
- CVE-2021-30121 - (Semi-)Authenticated local file inclusion in Kaseya VSA < v9.5.6
- CVE-2021-30201 - Unauthenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6
- CVE-2021-40385 - Privilege escalation from read-only to administrator in web interface of UniTrends Server < v10.5.5-2
- CVE-2021-40386 - Undisclosed critical vulnerability in Unitrends Client, currently unpatched
- CVE-2021-40387 - Authenticated Remote Code Execution in UniTrends Server < v10.5.5-2
- CVE-2022-24384 - Reflective XSS on SmarterTrack v100.0.8019.14010
- CVE-2022-24385 - Information disclosure via direct object access on SmarterTrack v100.0.8019.14010
- CVE-2022-24386 - Stored XSS in SmarterTrack v100.0.8019.14010
- CVE-2022-24387 - File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010
CSIRT blog posts
- 04 April 2022 - Kaseya Full Disclosure
- 01 February 2022 - DIVD is a CVE Numbering Authority
- 27 November 2021 - NMAP script for GitLab CVE-2021-22205
- 26 August 2021 - Exchange ProxyShell and ProxyOracle
- 26 August 2021 - Kaseya Unitrends update
- 25 August 2021 - Vembu BDR Full Disclosure
- 20 August 2021 - Social media consolidation
- 20 August 2021 - Planned Vembu Full Disclosure
- 07 July 2021 - Kaseya VSA Limited Disclosure
- 14 May 2021 - Closing ProxyLogon case / Case ProxyLogon gesloten
- 16 March 2021 - Additionele exchange scan script/additional exchange scan script
- 03 March 2021 - Actief misbruik Exchange Zero-day / Active abuse Exchange Zero-day
- 01 January 2021 - Phising slachtoffer notificatie / Victim notification phishing
- 07 August 2020 - wpDiscuz kwetsbaarheid maakt het mogelijk systeem over te nemen / wpDiscuz vulnerability allows system takeover
- 05 August 2020 - Datadump met informatie over vermoedelijk gehackte PulseVPN systemen gelekt / Datadump with information on hacked PulseVPN systems leaked
- 28 May 2020 - Ernstige lek in Citrix ShareFile storage server / Critical vulnerability in Citrix ShareFile storage server
- 12 March 2020 - Mircosoft repareert lek in SMB v3 / Microsoft patches vulnerability in SMB v3
- 12 March 2020 - Ernstig ongepatched lek in SMB v3 / Critical unpatched vulnerability in SMB v3
- 15 February 2020 - Citrix talk en demo bij Hackerhotel / Citrix talk and demo at Hackerhotel
- 05 February 2020 - Wederom Citrix meldingen / Citrix notifications again
- 29 January 2020 - BlueGate patch restart?
- 26 January 2020 - DIVD Call For Volunteers
- 22 January 2020 - Wildcard certificaten aangetroffen op veel kwetsbare Citrix ADC systemen / Lots of vulnerable Citrix ADCs used wildcard certificates
- 19 January 2020 - Eerste Citrix patches beschikbaar, andere patches sneller / First Citrix patches available, other patches available sooner
- 17 January 2020 - We gaan weer door met scannen en melden ! / We have resumed scanning and notifying !
- 16 January 2020 - Citrix mitigatie blijkt niet betrouwbaar / Citrix mitigation turns out to be unreliable
- 15 January 2020 - Controles voor de Citrix ADC compromittatie / Checks to see if your Citrix ADC is compromised
- 13 January 2020 - Wijd verspreide kwetsbaarheid in Citrix Gateway en Citrix Application Delivery Controller