Operational / technical Archieven - Page 2 of 3

How to develop secure software

Secure software development frameworks and methodologies have been around for 20 years. Yet, despite many companies committing to them, we still have vulnerable software that enables devastating cyberattacks. Therefore, many organizations question the value of secure software development processes and do not know how to organize their software development to be secure-by-design. In this talk, […]

Hack the Hospital – A Deep Dive of ON2IT and Haaglanden Medical Centre (HMC)

Hack the Hospital: When Cyber Threats Turn Physical Hospitals are increasingly at risk—not just from data breaches, but from digital attacks that disrupt physical systems. In this live, on-stage demonstration, ON2IT and HMC reveal how attackers exploit overlooked infrastructure like HVAC and water systems to cause real-world impact, from postponed surgeries to compromised patient safety. […]

From large scale data collection to timelining events.

In recent years, Fox-IT has observed a significant evolution in the field of Incident Response (IR). With the scale of incidents increasing, our engagements now frequently involve managing not just a few systems but handling over a thousand. This increase in scale has necessitated refining our approach to seamlessly integrate diverse data sources, manage a […]

From Lab to Field: Hansken Dev Joins Cyber Team

Team Cybercrime Rotterdam (TCC Rotterdam) recently dismantled a facilitator network behind large scale helpdesk fraud. The operation offers a rare inside look at how modern digital evidence techniques reconstruct a criminal modus operandi—and how Digital Forensics as a Service (DFaaS) accelerates that process. Facilitators supplied everything the callers needed: phishing portals, victim lead lists, VOIP […]

From Comments With Love

At the request of the Dutch public broadcasting company NOS, two experts of DataExpert and Infoblox investigated a wave of spammy, sexualized GIF comments on Instagram. They uncovered a coordinated campaign tied to an affiliate of the cybercriminal network VexTrio. These seemingly harmless GIFs were designed to lure users towards malicious websites, with traffic routed […]

Following modern attacks into the cloud and beyond

Over the last years adversaries have been developing their tradecraft and at CrowdStrike we are calling this the year of the enterprising adversary. They are moving away from pure end point exploitation to increased use of voice-based phishing techniques, compromising the cloud and penetrating SaaS services. Defenders need to learn from the adversary and adapt […]

Enhancing Cyber Resilience in European Power Grids

This session delves into the Dutch segment of the eFORT project, an EU-funded initiative aimed at bolstering the resilience and security of Europe’s power grids against failures, cyberattacks, physical disturbances, and data privacy issues. The Dutch partners in this project are TU Delft, TenneT, TNO, ENCS, and DNV, and focus among others on the development […]

Elevate Your API Testing Game: WuppieFuzz in Action

With many businesses depending on communications between digital services, well-specified application programming interfaces (APIs) are used to facilitate this. However, as these APIs form a point of entry to critical applications, they are an attractive target for malicious actors. Therefore, thorough testing of these APIs is desired. With the growing number of APIs available for […]

DORA TLPT: Strengthening financial cyber resilience

The Digital Operational Resilience Act (DORA), which came into force on January 17, 2025, mandates financial institutions to conduct Threat Led Penetration Testing (TLPT) to enhance their cyber resilience within the European Union. TLPT simulates realistic cyber attacks based on the TIBER-EU framework, aiming to identify vulnerabilities and improve the institution’s detection and response capabilities. […]

Dead Man’s PLC: Ransoming the Physical World via OT

Cybercrime is currently the most pervasive threat to organisations who use operational technology (OT), but it isn’t the most significant threat to OT itself. That’s because cybercrime models like ransomware and double extortion are aimed at IT and simply don’t translate well to OT. However, as cybercriminals diversify and specifically target OT, the development of […]