Deep dive Archieven - Page 2 of 3

Stop hiring unicorns: match leadership and organisation

The cybersecurity world talks endlessly about the skills gap, but what if the real issue is a fit gap? In an industry obsessed with job titles and hard skills, we forget a basic truth: there is no single, ideal CISO profile. Every organisation is different; its business goals, risk appetite, digital maturity, culture and their […]

SaaSified Crime: From AiTM to Banking Fraud

Adversary-in-the-Middle (AiTM) phishing attacks have evolved from niche exploits to scalable, SaaS-based crime tools. By bypassing MFA, these services enable attackers to gain access with minimal effort. Now, Dutch cybercriminals are mimicking this model: packaging banking fraud kits as subscription-based services. This talk highlights how the professionalization of phishing is lowering the barrier to entry […]

Rush hour Rodeo and traffic cam selfies

After a journalists inquiry and some internal evaluation on the possibility of chinese state actors having access to camera footage, Muncipality the Hague decided to do a security test focused on an APT threat on their traffic camera infrastructure. During the session we will show how the team approached this project, how some of the […]

Inside a CTI investigation

In July 2024, the Security Operations Centre (SOC) of the Dutch Tax and Customs Administration identified a domain that appeared to be associated with a certificate belonging to the Dutch Tax and Customs Administration. After a quick analysis, we determined it wasn’t our infrastructure, but now we had to figure out what was causing the […]

How to develop secure software

Secure software development frameworks and methodologies have been around for 20 years. Yet, despite many companies committing to them, we still have vulnerable software that enables devastating cyberattacks. Therefore, many organizations question the value of secure software development processes and do not know how to organize their software development to be secure-by-design. In this talk, […]

Hackers don’t break in, they log in

In 2025, the biggest threat to your organization may already be inside — not through an elaborate breach, but through a legitimate login. Infostealer malware has surged across the cybercrime landscape, quietly harvesting credentials from unsuspecting victims and feeding a booming underground market. This trend poses a serious and often underestimated risk to all kinds […]

Hack the Hospital – A Deep Dive of ON2IT and Haaglanden Medical Centre (HMC)

Hack the Hospital: When Cyber Threats Turn Physical Hospitals are increasingly at risk—not just from data breaches, but from digital attacks that disrupt physical systems. In this live, on-stage demonstration, ON2IT and HMC reveal how attackers exploit overlooked infrastructure like HVAC and water systems to cause real-world impact, from postponed surgeries to compromised patient safety. […]

From large scale data collection to timelining events.

In recent years, Fox-IT has observed a significant evolution in the field of Incident Response (IR). With the scale of incidents increasing, our engagements now frequently involve managing not just a few systems but handling over a thousand. This increase in scale has necessitated refining our approach to seamlessly integrate diverse data sources, manage a […]

From Lab to Field: Hansken Dev Joins Cyber Team

Team Cybercrime Rotterdam (TCC Rotterdam) recently dismantled a facilitator network behind large scale helpdesk fraud. The operation offers a rare inside look at how modern digital evidence techniques reconstruct a criminal modus operandi—and how Digital Forensics as a Service (DFaaS) accelerates that process. Facilitators supplied everything the callers needed: phishing portals, victim lead lists, VOIP […]

From Comments With Love

At the request of the Dutch public broadcasting company NOS, two experts of DataExpert and Infoblox investigated a wave of spammy, sexualized GIF comments on Instagram. They uncovered a coordinated campaign tied to an affiliate of the cybercriminal network VexTrio. These seemingly harmless GIFs were designed to lure users towards malicious websites, with traffic routed […]