Frank Breedijk
Role: Crisis manager (+ CSIRT helper)Frank is volunteer and part of DIVD’s management team since the start. As a response to the Citrix Crisis and a fundamental flaw in the Dutch system for ‘cyber target and victim notification’ he started the DIVD CSIRT which is operational since January 2020. After het handed over title of Head of CSIRT to Leanneard oudshoorn, Frank stayed active in the DIVD CSIRT, but transitioned to the role of Crisis Manager. Frank puts on his crisis management cape either when there is a treat to the existance of DIVD or during high profile cases such as e.g. the SolarMan case. Frank has over 25 years of cyber security experience, his current day-job is CISO at Schuberg Philis where he has been employed for the last 18+ years. He is very active in the Dutch community as secretary of the Nederlands Security Meldpunt, chairman of the MSP-ISAC and in DefCon Holland. He is an experienced keynote speaker and has presented at many conferences, he is also known for his balloon folding and fire breathing workshops at various hacker events. If you want him to waist your time ask him about his farmhouse form 1751, beekeeping or his telex machine.
Social media
Icon - @seccubusIcon - Frank Breedijk
Articles / cases / cves
Blog posts
- 14 February 2022 - Dutch Security Information Clearinghouse started
- 01 February 2022 - DIVD is a CVE Numbering Authority
CSIRT Cases
- DIVD-2024-00022 - Millions of credentials scraped from Telegram
- DIVD-2024-00019 - Victim Notification Operation Endgame
- DIVD-2024-00014 - Qlik Sense Remote Code Execution
- DIVD-2024-00011 - Six vulnerabilities in Enphase IQ Gateway devices
- DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance
- DIVD-2023-00001 - Citrix systems vulnerable for CVE-2022-27510 and/or CVE-2022-27518
- DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN
- DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS
- DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
- DIVD-2022-00048 - Dossier Energy Transition
- DIVD-2022-00045 - Injection vulnerability found within Socket.io
- DIVD-2022-00033 - Atlassian Confluence 0-day unauthenticated RCE
- DIVD-2022-00020 - Inproper input validation vulnerabilities identified within Feathers.js
- DIVD-2022-00014 - GreyNoise's Ukraine only list
- DIVD-2022-00013 - The curious case of the odd update.microsoft.com certificates
- DIVD-2022-00009 - SolarMan backend administrator account/password
- DIVD-2021-00037 - Critical vulnerabilities in ITarian MSP platform and on-premise solution
- DIVD-2021-00030 - GitLab Unauthenticated RCE Flaw
- DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure
- DIVD-2021-00026 - Omigod: Microsoft Open Management Interface RCE
- DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
- DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning
- DIVD-2021-00014 - Kaseya Unitrends
- DIVD-2021-00012 - Warehouse Botnet
- DIVD-2021-00011 - Kaseya VSA Disclosure
- DIVD-2021-00002 - Kaseya VSA
- DIVD-2021-00001 - Microsoft on-prem Exchange Servers
- DIVD-2020-00013 - Gelekte phishing wachtwoorden / Leaked phishing credentials
- DIVD-2020-00012 - 49 000 vulnerable Fortinet VPN devices
- DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR
- DIVD-2020-00010 - wpDiscuz plugin Remote Code Excution
- DIVD-2020-00009 - Pulse Secure VPN enterprise Leak
- DIVD-2020-00008 - 313 000 Wordpress sites scanned
- DIVD-2020-00005 - Apache Tomcat AJP File Read/Inclusion Vulnerability
- DIVD-2020-00002 - Wildcard certificaten Citrix ADC
- DIVD-2020-00001 - Citrix ADC
CSIRT blog posts
- 18 January 2023 - Fox-IT and DIVD cooperate to warn owners of vulnerable Citrix servers
- 14 December 2022 - Fortinet sslvpnd vulnerability - update
- 15 August 2022 - Closing GeyNoise Ukraine Only case
- 08 June 2022 - ITarian critical vulnerabilities
- 03 June 2022 - Confluence 0-day
- 04 April 2022 - Kaseya Full Disclosure
- 01 February 2022 - DIVD is a CVE Numbering Authority
- 27 November 2021 - NMAP script for GitLab CVE-2021-22205
- 26 August 2021 - Exchange ProxyShell and ProxyOracle
- 26 August 2021 - Kaseya Unitrends update
- 25 August 2021 - Vembu BDR Full Disclosure
- 20 August 2021 - Social media consolidation
- 20 August 2021 - Planned Vembu Full Disclosure
- 07 July 2021 - Kaseya VSA Limited Disclosure
- 14 May 2021 - Closing ProxyLogon case / Case ProxyLogon gesloten
- 16 March 2021 - Additionele exchange scan script/additional exchange scan script
- 03 March 2021 - Actief misbruik Exchange Zero-day / Active abuse Exchange Zero-day
- 01 January 2021 - Phising slachtoffer notificatie / Victim notification phishing
- 07 August 2020 - wpDiscuz kwetsbaarheid maakt het mogelijk systeem over te nemen / wpDiscuz vulnerability allows system takeover
- 05 August 2020 - Datadump met informatie over vermoedelijk gehackte PulseVPN systemen gelekt / Datadump with information on hacked PulseVPN systems leaked
- 28 May 2020 - Ernstige lek in Citrix ShareFile storage server / Critical vulnerability in Citrix ShareFile storage server
- 12 March 2020 - Mircosoft repareert lek in SMB v3 / Microsoft patches vulnerability in SMB v3
- 12 March 2020 - Ernstig ongepatched lek in SMB v3 / Critical unpatched vulnerability in SMB v3
- 15 February 2020 - Citrix talk en demo bij Hackerhotel / Citrix talk and demo at Hackerhotel
- 05 February 2020 - Wederom Citrix meldingen / Citrix notifications again
- 29 January 2020 - BlueGate patch restart?
- 26 January 2020 - DIVD Call For Volunteers
- 22 January 2020 - Wildcard certificaten aangetroffen op veel kwetsbare Citrix ADC systemen / Lots of vulnerable Citrix ADCs used wildcard certificates
- 19 January 2020 - Eerste Citrix patches beschikbaar, andere patches sneller / First Citrix patches available, other patches available sooner
- 17 January 2020 - We gaan weer door met scannen en melden ! / We have resumed scanning and notifying !
- 16 January 2020 - Citrix mitigatie blijkt niet betrouwbaar / Citrix mitigation turns out to be unreliable
- 15 January 2020 - Controles voor de Citrix ADC compromittatie / Checks to see if your Citrix ADC is compromised
- 13 January 2020 - Wijd verspreide kwetsbaarheid in Citrix Gateway en Citrix Application Delivery Controller