Threat Talks
Zero Trust with John Kindervag – Threat Talks on tour: Live from the RSA
Threat Talks on Tour - Live from the RSA | Part 1: Zero Trust with John Kindervag. In this special episode of Threat Talks, host Lieuwe Jan Koning interviews John Kindervag, the creator of Zero Trust, at the RSA conference in San Francisco. They delve into the...
Healthcare: Responsibilities, regulations and legacies
Your cybersecurity experts: Lieuwe Jan Koning (Co-Founder and CTO, ON2IT), Rob Maas (Field CTO, ON2IT), Sina Yazdanmehr (Founder and Managing Director, Aplite GmbH). Healthcare: Responsibilities, regulations and legacies. The episode discusses the...
Unraveling CVE-2024-3400: a comprehensive analysis of the vulnerability
Your cybersecurity experts: Lieuwe Jan Koning (Co-Founder and CTO, ON2IT Group), Luca Cipriano (Threat Intel Specialist, ON2IT), Rob Maas (Field CTO, ON2IT). Unraveling CVE-2024-3400: A Comprehensive Analysis of the Vulnerability. In this special episode of...
Supply Chain: Business as usual?
Your cybersecurity experts: Lieuwe Jan Koning (Co-Founder and CTO, ON2IT), Luca Cipriano (Threat Intel Specialist, ON2IT), Matthijs Zwart (CIO and CISO, Vitens). Supply chain: Business as usual? As reliance on third-party and open-source software grows,...
The Authentication Apocalypse
Your cybersecurity experts: Lieuwe Jan Koning (Co-Founder and CTO, ON2IT), Luca Cipriano (Threat Intel Specialist, ON2IT), Harald Bosman (Senior Endpoint Engineer, AMS-IX). The Authentication Apocalypse. Word of data breaches and stolen credentials reaches the news almost every...
Does remote work?
Your cybersecurity experts: Rob Maas (Field CTO, ON2IT), Lieuwe Jan Koning (Co-Founder and CTO, ON2IT), Luca Cipriano (Threat Intel Specialist, ON2IT). Does remote work? Allowing remote access is required for almost all enterprises. But enabling remote...
Can’t deny DDoS in 2024?
Your cybersecurity experts: Peter van Burgel (CEO, AMS-IX), Lieuwe Jan Koning (Co-Founder and CTO, ON2IT Group), Luca Cipriano (Threat Intel Specialist, ON2IT). Can't deny DDoS in 2024? DDoS attacks are becoming increasingly frequent, and there...
Deep Dives
Dutch Law Enforcement Data Breach
Dutch Law Enforcement Data Breach. Imagine the phone numbers of police officers, DAs, and even critical key witnesses being hacked and leaked to the public. This isn’t the opening...
Conti Ransomware Attack on Costa Rican Government
Conti Attack on Costa Rica: When Ransomware Halts a Nation. In a devastating demonstration of the impact of a ransomware attack, the Conti group launched an attack against Costa...
MGM Resorts Ransomware Attack
MGM Resorts ALPHV/BlackCat Ransomware Attack: Cybercrime Meets Fake News. MGM Resorts, one of the world’s largest casino operators, found itself in the spotlight for all the wrong...
UNIX CUPS Remote Code Execution
UNIX CUPS Remote Code Execution: The Fallacy of Default Trust. "Hello! I'm a Printer! Please Let Me In, thank you!" – It may sound absurd, but this is how attackers can trick your...
XZ Utils Critical Backdoor (CVE-2024-3094)
XZ Utils Critical Backdoor: The Fallacy of Secure Open Source Code. How much time would you spend on executing the perfect hack? The user going by the name of ‘JIAT75’ spent almost...
Deep Dive – CrowdStrike auto-update disaster
CrowdStrike Auto-Update Disaster: The Fallacy of automatic updates. Last July’s CrowdStrike outage led to closed airports, inaccessible bank accounts and hospitals that were only...
Deep Dive – Binance Exchange Hack
Binance BNB Exchange Hack: The Binance BNB Chain Attack – A Deep Dive Into Crypto Vulnerabilities. Imagine creating millions in cryptocurrency without spending a cent. In this...
Deep Dive – Ballast System Hack
Ballast System Hack. Ever been asked to hack a boat? When Luca Cipriano and Jeroen Scheerder were given the challenge, they took an unexpected approach—step one: build the boat...
Deep Dive – Securing AIS
Securing AIS. AIS (Advanced Identification System) is an incredibly important tool in maritime navigation, allowing ships to transmit their location and data to other vessels and...
Deep Dive – HTTP/2 Rapid Reset Attack
HTTP/2 Rapid Reset DDoS method: Flooding targeted servers and websites. The HTTP/2 Rapid Reset attack is a powerful new DDoS method that exploits weaknesses in the HTTP/2...
Deep Dive – Capital One Data Breach
Capital One Data Breach: Compliance-induced false sense of security. Capital One—a leader in finance—learned the hard way that even compliant systems can fail if they’re not...
Deep Dive – OKTA Data Breach
OKTA Data Breach: Even security providers aren’t immune. How does a company specializing in Identity and Access Management like OKTA suffer a data breach? In this case, a service...