Growing Pains: Cyber Situation Awareness In Expanding Ecosystems
Situation awareness (SA) is a term often used in the context of cybersecurity collaborations, where knowledge about risks and threats get shared in order to increase collective resilience against cyber threats. The term has increased in popularity ever since the evaluation of the first European Directive on Network and Information Security (NIS1) stated that there […]
The art of analysis
For the ONE, the NCSC will publish the SATs toolbox (naming will change, this is a draft title). SAT stands for structured analytic techniques and are techniques that have been used for decades in the security domain to properly deal with uncertainties. In fact, SATs help to work more effectively and efficiently. SATs are crucial […]
Crypto agility
The crypto agility monster
CERTain Expectations: An Empirical Study into the Challenges of Sector CSIRTs
Sectoral Computer Security Incident Response Teams (sector CSIRTs) play an increasingly vital role in managing cybersecurity incidents within specific sectors, such as local government or critical infrastructures. Despite their growing importance, there is a lack of industry guidance and academic research on the unique challenges faced by sector CSIRTs. This study aims to fill this […]
Young Cyber Talents
Closing event of the French-Dutch project ‘Young Cyber Talents’ | pitching their final results for the challenge | Jury evaluation | Award ceremony | Presentations on French-Dutch Talent Programs and other French-Dutch collaborations.
So Long, and Thanks for All the Phish: A Rare Look Behind the Scenes of a Global Phishing-as-a-Service Operation
This session unveils the inner workings of Darcula, the largest phishing-as-a-service (PhaaS) operations active globally. Through meticulous investigation, we trace Darcula’s infrastructure, from its impersonation of 236 brands to the 30.000+ active phishing domains and 884000+ stolen cards uncovered. This behind-the-scenes journey combines forensic analysis and opensource intelligence (OSINT). The audience will gain rare insights […]
Unveiling “Lucid” – A Silent Enabler of Financial Fraud
Unveiling “Lucid” – A Silent Enabler of Financial Fraud Lucid is a rising but under-the-radar Phishing-as-a-Service (PhaaS) platform that’s quietly fueling large-scale financial fraud across the globe. Built by Chinese-speaking threat actors, it supports phishing campaigns targeting over 200 organizations in 80+ countries, enabling cybercriminals to steal payment card data with ease. The group stands […]
The ever changing AI powered NextGen security industry
Back in 2022, in an unexpected turn of events, the security industry was confronted with its future self. What followed was an intense discussion with heated back and forths that culminated in an industry that – granted, reluctantly – took a look in the mirror. Better times were promised – rational minds prevailed. But now, […]
PQC Migration Survival Panel (Now with 90% Less Anxiety)
The Quantum Computer is on its way, and it is here to stay! The technical development in the field of Quantum Computing is growing quickly and experts expect to see a Cryptographic Relevant Quantum Computer (CRQC) within 10 to 15 years. The CRQC can weaken, and in some specific cases, break widely used algorithms, rendering […]
Scanning the Dutch Healthcare’s External Attack Surface
What are the riskiest technologies used in the Dutch healthcare sector? Do people still expose RDP? Is Dutch healthcare data processed inside the European Union? Z-CERT regularly scans many IPs and domains in use by the Dutch Healthcare sector. In this talk, we will share insights from performing External Attack Surface Management (EASM) on hundreds […]
