Blogs by Fox-IT
Detecting Ticketbleed (CVE-2016-9244)
Detection and mitigation for those running vulnerable F5 Appliances
2016 and 2017: plus ça change?
Looking back at 2016 and looking ahead to 2017
Fox-IT is observing botnet
Recent vulnerability in Eir D1000 Router used to spread updated version of Mirai DDoS bot
DDoS attacks of unprecedented scale. This is just the beginning!
Unsecured IoT devices pose threat to Internet availability
Ziggo ransomware phishing campaign still increasing in size
Fox-IT’s SOC observed fake Ziggo invoice e-mails linking to a ransomware variant known as TorrentLocker.
Mofang: A politically motivated information stealing adversary
Mofang (模仿, Mófa ̌ng, to imitate) is a threat actor that almost certainly operates out of China…
LinkedIn information used to spread banking malware in the Netherlands
Since early this morning (7th of June 2016, around 08:30 AM) the Fox-IT Security Operations Center…
Ransomware deployments after brute force RDP attack
Fox-IT has encountered various ways in which ransomware is being spread and activated.
Large malvertising campaign hits popular Dutch websites
On Sunday April 10th the Fox-IT Security Operations Center (SOC) started to see an increase of exploit…
Website of security certification provider spreading ransomware
Since Monday the 21st of March the Fox-IT Security Operations Center (SOC) has been observing malicious…
Papers by Fox-IT
Mofang: a politically motivated information stealing adversary
This report describes the results of an extensive study into the spy ring Mofang. It contains contextual as well as technical information about the group and its activities.
Cyber Threat Management platform: defense against known and unknown threats
In this whitepaper we are presenting our intelligence-driven and operational approach of cyber security and our Cyber Threat Management platform.
Ponmocup: a giant hiding in the shadows
This report describes the results of an extensive study about the Ponmocup botnet. It provides a complete time-line and unique insight into the modus operandi of the Ponmocup operation and describes the important details of the malware.
‘GameOver Zeus – Backgrounds on the Badguys and the Backends’
This whitepaper describes the results of the research we conducted together with the FBI on the cybercrime group ‘Businessclub’.
Fox DataDiode: Protecting Critical Assets and Production Environments
Whitepaper about the Fox DataDiode: a one-way data connection that protects the integrity and availability of critical assets in ICS-networks.
Protecting confidential information using data diodes
Briefing paper about how data diodes are used to protect confidential information.
Fox-IT in the Media
General Data Protection Regulation (GDPR)
6 tips to prepare your company for the GDPR
Data News Awards for Excellence 2017
Fox-IT nominated for the Data News Security Solution Award for Excellence
De Volkskrant: Hacker groups APT28 and APT29 affiliated with the Russian government
Russians failed to hack officials Dutch ministries
De Volkskrant: Security leak in Dutch voting advice site ‘Stemwijzer’
Frank Groenewegen: "Not enough thought went into ensuring security of Stemwijzer”
Hundreds of databreaches in 2016
Do local governments have their information security in order?
Cyberattacks on port facilities
Working on keeping hackers out
NRC Handelsblad: overview of the first year of Data Breach Notifications
Kevin Jonkers: “The healthcare sector is not very mature when it comes to IT.”
CFO Magazine – Half of all companies hacked at the moment
Menno van der Marel: “At some point, everybody gets hacked"
Security measures necessary for the global nuclear industry
Peter Geijtenbeek: "When it comes to cyber security, security awareness lags far behind"
Positive response to guest lecture by Ronald Prins
“It was very interesting to see how vulnerable we really are on the internet."