Frank Breedijk
Crisis manager (+ CSIRT helper)
Frank is volunteer and part of DIVD’s management team since the start. As a response to the Citrix Crisis and a fundamental flaw in the Dutch system for ‘cyber target and victim notification’ he started the DIVD CSIRT which is operational since January 2020.
After het handed over title of Head of CSIRT to Leanneard oudshoorn, Frank stayed active in the DIVD CSIRT, but transitioned to the role of Crisis Manager.
Frank puts on his crisis management cape either when there is a treat to the existance of DIVD or during high profile cases such as e.g. the SolarMan case.
Frank has over 25 years of cyber security experience, his current day-job is CISO at Schuberg Philis where he has been employed for the last 18+ years. He is very active in the Dutch community as secretary of the Nederlands Security Meldpunt, chairman of the MSP-ISAC and in DefCon Holland. He is an experienced keynote speaker and has presented at many conferences, he is also known for his balloon folding and fire breathing workshops at various hacker events. If you want him to waist your time ask him about his farmhouse form 1751, beekeeping or his telex machine.
Featured articles
- Fox-IT and DIVD cooperate to warn owners of vulnerable Citrix servers
- Fortinet sslvpnd vulnerability - update
- Closing GeyNoise Ukraine Only case
- ITarian critical vulnerabilities
- Confluence 0-day
- Kaseya Full Disclosure
- DIVD is a CVE Numbering Authority
- NMAP script for GitLab CVE-2021-22205
- Exchange ProxyShell and ProxyOracle
- Kaseya Unitrends update
- Vembu BDR Full Disclosure
- Social media consolidation
- Planned Vembu Full Disclosure
- Kaseya VSA Limited Disclosure
- Closing ProxyLogon case / Case ProxyLogon gesloten
- Additionele exchange scan script/additional exchange scan script
- Actief misbruik Exchange Zero-day / Active abuse Exchange Zero-day
- Phising slachtoffer notificatie / Victim notification phishing
- wpDiscuz kwetsbaarheid maakt het mogelijk systeem over te nemen / wpDiscuz vulnerability allows system takeover
- Datadump met informatie over vermoedelijk gehackte PulseVPN systemen gelekt / Datadump with information on hacked PulseVPN systems leaked
- Ernstige lek in Citrix ShareFile storage server / Critical vulnerability in Citrix ShareFile storage server
- Mircosoft repareert lek in SMB v3 / Microsoft patches vulnerability in SMB v3
- Ernstig ongepatched lek in SMB v3 / Critical unpatched vulnerability in SMB v3
- Citrix talk en demo bij Hackerhotel / Citrix talk and demo at Hackerhotel
- Wederom Citrix meldingen / Citrix notifications again
- BlueGate patch restart?
- DIVD Call For Volunteers
- Wildcard certificaten aangetroffen op veel kwetsbare Citrix ADC systemen / Lots of vulnerable Citrix ADCs used wildcard certificates
- Eerste Citrix patches beschikbaar, andere patches sneller / First Citrix patches available, other patches available sooner
- We gaan weer door met scannen en melden ! / We have resumed scanning and notifying !
- Citrix mitigatie blijkt niet betrouwbaar / Citrix mitigation turns out to be unreliable
- Controles voor de Citrix ADC compromittatie / Checks to see if your Citrix ADC is compromised
- Wijd verspreide kwetsbaarheid in Citrix Gateway en Citrix Application Delivery Controller
CSIRT cases
- DIVD-2024-00022 - Millions of credentials scraped from Telegram
- DIVD-2024-00019 - Victim Notification Operation Endgame
- DIVD-2024-00014 - Qlik Sense Remote Code Execution
- DIVD-2024-00011 - Six vulnerabilities in Enphase IQ Gateway devices
- DIVD-2024-00001 - Auth. Bypass and Command Injection in Ivanti VPN appliance
Show more Show less
- DIVD-2023-00001 - Citrix systems vulnerable for CVE-2022-27510 and/or CVE-2022-27518
- DIVD-2022-00068 - Multiple vulnerabilities identified within White Rabbit Switch from CERN
- DIVD-2022-00064 - Multiple injection vulnerabilities identified within Axiell Iguana CMS
- DIVD-2022-00063 - Memory overflow vulnerability in FortiOS SSL VPN
- DIVD-2022-00048 - Dossier Energy Transition
- DIVD-2022-00045 - Injection vulnerability found within Socket.io
- DIVD-2022-00033 - Atlassian Confluence 0-day unauthenticated RCE
- DIVD-2022-00020 - Inproper input validation vulnerabilities identified within Feathers.js
- DIVD-2022-00014 - GreyNoise's Ukraine only list
- DIVD-2022-00013 - The curious case of the odd update.microsoft.com certificates
- DIVD-2022-00009 - SolarMan backend administrator account/password
- DIVD-2021-00037 - Critical vulnerabilities in ITarian MSP platform and on-premise solution
- DIVD-2021-00030 - GitLab Unauthenticated RCE Flaw
- DIVD-2021-00027 - Apache HTTP 2.4.49 Path Traversal and File Disclosure
- DIVD-2021-00026 - Omigod: Microsoft Open Management Interface RCE
- DIVD-2021-00022 - Exchange ProxyShell and ProxyOracle
- DIVD-2021-00020 - OSNexsus QuantaStor limited disclosure and product warning
- DIVD-2021-00014 - Kaseya Unitrends
- DIVD-2021-00012 - Warehouse Botnet
- DIVD-2021-00011 - Kaseya VSA Disclosure
- DIVD-2021-00002 - Kaseya VSA
- DIVD-2021-00001 - Microsoft on-prem Exchange Servers
- DIVD-2020-00013 - Gelekte phishing wachtwoorden / Leaked phishing credentials
- DIVD-2020-00012 - 49 000 vulnerable Fortinet VPN devices
- DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR
- DIVD-2020-00010 - wpDiscuz plugin Remote Code Excution
- DIVD-2020-00009 - Pulse Secure VPN enterprise Leak
- DIVD-2020-00008 - 313 000 Wordpress sites scanned
- DIVD-2020-00005 - Apache Tomcat AJP File Read/Inclusion Vulnerability
- DIVD-2020-00002 - Wildcard certificaten Citrix ADC
- DIVD-2020-00001 - Citrix ADC