NIS2

More information about this session will follow soon

From DDosia with love

Discover the intricate workings of the DDosia Project, a prominent example of decentralized cyber-attacks originating from a Russian hacker community. Since the beginning of 2023, DDoS attacks by this hacktivist initiative have been in the news frequently. Dutch commercial and governmental organizations have been targeted several times, including the NCSC itself. Learn about the project’s […]

Phishing for Tenants: From Simulation to Tenant Takeover

The rise in popularity of phishing simulations has led to rushed implementations driven by commercial interests. This rush has resulted in the acquisition of platforms and the introduction of some immature and unfinished products aimed at tapping into this rapidly expanding market. In this talk, I will highlight glaring issues with Microsoft’s phishing simulation framework […]

Vulnerabilities: How to Patch When There is No Patch?

In an turbulent era where the digital infrastructure is integral to organizational operations and the resilience of countries, the concept and impact of vulnerabilities has vastly evolved. This presentation will take attendees on a journey through the vulnerability space and its impact. how did we get where we are today? We will walk through the […]

Turning backups into gold: Backup Alchemy for OT

This talk is a collaboration between Fox-IT and Airbus. Airbus has recently released The BackupAlchemy Tool (T-BAT), their open-source tool for turning backups into a gold mine of information. With T-BAT, Airbus has been able to provide insight into their Operational Technology (OT) environments in ways that were previously not possible, solving not just cybersecurity […]

Attacking OT Without Specialized Knowledge: a New Threat

Due to the unique characteristics of Operational Technology (OT), i.e., technology centered around cyber-physical activities, performing OT-related cyber-attacks is traditionally thought to require both specialized- and generic IT-related knowledge. However, in recent years, the need for specialized knowledge decreased, and OT-related cyber-attacks became increasingly easier to perform. During this presentation, I profile a new threat […]

The truth lies in the packet – OT Network Monitoring

Systems for attack detection are mandatory in Germany with no distinction between IT and OT. We evaluated more than 20 industrial networks with the open source framework malcolm. This talk will show you good practices and what we learned during our site visits.

Diving Into The Attack Surface of the Netherlands

The non-profit Shadowserver Foundation (https://shadowserver.org) has been active for over 15 years, delivering free daily cyber threat intelligence feeds to National CSIRTs (over 201 National CSIRTs covering 175 countries and territories) and many other organizations that have an Internet presence (over 8000 organizations worldwide, including Sectoral CSIRTs, ISP/CSPs, hosting providers, enterprises, banks, academia, hospitals, SMEs, […]

Unraveling the Mind behind the APT

Interested in buying a new car or attending a free wine tasting event? Well, there’s at least one Advanced Persistent Threat (APT) group that hopes you are! This talk delves into the phishing campaigns sent by the world’s most sophisticated APTs. It examines an extensive collection of thousands of APT phishing emails, sometimes associated with […]