A1 Cyber Attack 2020 – Lessons Learned
A1 is the biggest telecommunications provider and incumbent operator in Austria. I will briefly explain the major cyberattack against A1 in Austria and our response. The defense was very complex and took a lot of planning and preparation. On the one hand, we had to regain complete control of our office infrastructure, on the other […]
Unveiling “Lucid” – A Silent Enabler of Financial Fraud
Unveiling “Lucid” – A Silent Enabler of Financial Fraud Lucid is a rising but under-the-radar Phishing-as-a-Service (PhaaS) platform that’s quietly fueling large-scale financial fraud across the globe. Built by Chinese-speaking threat actors, it supports phishing campaigns targeting over 200 organizations in 80+ countries, enabling cybercriminals to steal payment card data with ease. The group stands […]
Researchers vs. Threat Actors in Cloud Attacks
Security researchers push the boundaries of what’s possible. (Nation-state) threat actors push the boundaries of what’s exploitable. In this talk, a cloud security researcher and a threat intelligence analyst team up to explore how cutting-edge cloud attack research is rapidly weaponized by espionage threat groups. We’ll walk through real-world examples where newly published techniques – […]
SBOM: beyond simply listing CVEs
Organizations need to manage cybersecurity risks in increasingly complex IT and OT infrastructures that are comprised of heterogeneous systems and services, both on-premise and in the cloud. Many of these components are produced or provided by third parties, exposing organizations to various risks that need to be carefully managed and mitigated (a.o. to prepare for […]
The Cyclotron public private collaboration journey
Share incident and threat data in public–private collaboration, do analyses together and create and distribute the findings to all relevant organizations in the Netherlands. In this way, we can make the Netherlands an unattractive target for digital attacks. What have we been doing in our current journey of public-private collaboration? Let’s develop, automate and secure […]
Hackers don’t break in, they log in
In 2025, the biggest threat to your organization may already be inside — not through an elaborate breach, but through a legitimate login. Infostealer malware has surged across the cybercrime landscape, quietly harvesting credentials from unsuspecting victims and feeding a booming underground market. This trend poses a serious and often underestimated risk to all kinds […]
Inside a CTI investigation
In July 2024, the Security Operations Centre (SOC) of the Dutch Tax and Customs Administration identified a domain that appeared to be associated with a certificate belonging to the Dutch Tax and Customs Administration. After a quick analysis, we determined it wasn’t our infrastructure, but now we had to figure out what was causing the […]
Cognitive Readiness for Cyber Disruptions
Cyber disruptions are rarely clear-cut. Impact is often uncertain, timelines unclear, and threats evolve quickly. Teams must make decisions under pressure, ambiguity, and while suffering from fatigue. Yet, cybersecurity as a domain continues to underestimate the role of human performance capabilities and limitations in detection, response, and recovery. This talk introduces a cognitive readiness framework […]
Cybersecurity Techniques to Solve Fraud Problems
For the last decade, tier 1 financial institutions have been using cybersecurity teams, data, and technology to address the growing challenge of digitally-enabled fraud and abuse. This session introduces some of these approaches, including how to use data, machine learning / AI, and modified cybersecurity techniques to address fraud earlier and more effectively. Specific real-world […]
CYRA: Building Resilience & Trust in Supply Chains
In this session we explain the method of cyber rating – CYRA in short. CYRA has started with an IT module (based on ISO-27001) and the OT module (based on IEC-62443) has been added recently. In this session, we present CYRA – a cyber rating methodology designed to significantly improve digital resilience across critical supply […]
