My top 3 learnings: Implementing Network Access Control
Previously, as a red-teamer, I was assigned to break into a clients network with the goal to steal pre-defined flags. One of the flags was to establish consistent foothold in the network so we could gain access to internal systems from an internal perspective and use it as a way to exfiltrate data.... Read more
Citrix servers have backdoors everywhere, leading to a false sense of security
Fox-IT has detected a major exploitation campaign on Citrix NetScaler servers. In cooperation with the Dutch Institute of Vulnerability Disclosure (DIVD), the company is notifying victims. The attackers were able to compromise a huge number of servers in merely two days with the help of automation ... Read more
NCC Group wants to sell Fox-IT, CEO exits
Britain's NCC Group, owner of Fox-IT, plans to split up the Dutch security company and sell off parts. Fox-IT CEO Inge Bryan has announced her departure.
This is what de Volkskrant (source in Dutch) writes based on sources. Since the acquisition of Fox-IT in 2015 by the British NCC Group, things... Read more
Fox-IT makes incident response tool Dissect open source
Security firm Fox-IT has made Dissect open source. The tool automates incident response workflows. Fox-IT is publishing the source code in hopes of convincing other security companies to use and expand the tool.
Dissect bundles several tools into a single environment. The environment consists of... Read more