case

case

DIVD responsibly discloses six new zero-day vulnerabilities to vendor

DIVD researchers have discovered and, in collaboration with the vendor, disclosed six new zero-day vulnerabilities in Enphase IQ Gateway devices.

case

CASE: Attackers exploit zero day vulnerabilities in Ivanti software, and hack the Norwegian governement

An unknown attacker exploited several zero-day vulnerabilities in two Ivanti services: Ivanti EPMM and Avanti Sentry. The DIVD helped notify users of Ivanti software.

case

OPERATION ENDGAME DIVD-2024-00019

As part of Operation Endgame the Dutch Police and Europol have infiltrated a number of botnets. During this infiltration they obtained data about the victims of these botnets. DIVD is …

case

CASE: KASEYA

One of the biggest (ransomware) cases in history, a case with a huge impact worldwide.

case

CASE: SMARTERMAIL

A DIVD researcher discovered multiple vulnerabilities in SmarterMail. Both vulnerabilities were found within the webmail frontend of SmarterMail.

case

CASE: EXPOSED BACNET DEVICES

During the Log4J crisis, researchers uncovered BACnet devices with open ports. Upon further investigation, more devices have been found running the BACnet protocol.

case

CASE: ATLASSIAN CONFLUENCE

After Veloxity identified a zero-day vulnerability, DIVD, DTC, and NSM cooperated to reach out to notify 18.469 vulnerable ISPs.

case

CASE: GLOBAL VMWARE ESXI RANSOMWARE ATTACKS

In cooperation with DIVD, NCSC-NL and several EU govcerts, 14,986 global vulnerable hosts were found and notified.

case

CASE : AUTHENTICATION BYPASS IN JETBRAINS TEAMCITY

A critical security issue was recently identified in TeamCity On-Premises. If abused, the flaw may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform bypass …

case

CASE: AUTHENTICATION BYPASS & REMOTE CODE EXECUTION IN CONNECTWISE SCREENCONNECT

A critical security issue was recently identified in ConnectWise ScreenConnect. If abused, the flaw may enable an unauthenticated attacker to bypass the authentication and execute remote code …