DIVD / Team / Ralph Horn

Home
Team
Code of Conduct
News
Reports
CSIRT
Partners
Contact
Donate

Ralph horn

Ralph Horn

Role: CSIRT handler
Department: CSIRT

Social media

Icon - Ralph Horn

Articles / cases / cves

CSIRT Cases

DIVD-2022-00027 - F5 BIG-IP iControl REST API remote code execution
DIVD-2022-00025 - VMware - CVE-2022-22954
DIVD-2022-00024 - Spring Cloud RCE - CVE-2022-22963
DIVD-2022-00022 - WatchGuard Firebox and XTM appliance ACE vulnerability
DIVD-2022-00017 - Global Healthcare Vulnerabilities
DIVD-2022-00012 - Global Charity Vulnerabilities
DIVD-2022-00010 - Auth bypass in SAP
DIVD-2022-00008 - XSS Zeroday in Zimbra
DIVD-2022-00004 - Post-Log4J Open Database C2 and Monero Miner Infections
DIVD-2021-00038 - Apache Log4j2
DIVD-2021-00033 - Sites with Potential SQL-Injection
DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure

CSIRT blog posts

10 December 2021 - Apache log4j2 remote code execution
07 October 2021 - Apache HTTP 2.4.49 Path Traversal and File Disclosure Update

Security
Twitter
Github
ANBI

Scanning from
AS50559
IPv4: 194.5.73.0/24 aka 194.5.73.0-194.5.73.255 - Our own local infrastructure
Cyberwar.nl
IPv4: 149.210.129.7 - Operated by Matthijs Koot
log4jdns.x00.it
IPv4: 5.2.67.229 - We use this domain and DNS server to track log4j vulnerabilities