When the exploit on CVE-2019-19781 was published on 11 January, researchers from the DIVD decided to scan the Dutch internet for vulnerabilities to report them. Frank Breedijk, founder and manager of DIVD’s Security Meldpunt will provide a demo on how the scanning and exploit works. He will also describe the painstaking endeavor of reporting vulnerabilities and why this needs to be done by a handful or crazy volunteers instead of the authorities right now.
The Dutch Institute for Vulnerability Disclosure was launched 1 October last year, to provide helphul hackers with a platform to do their research. Citrix was the first case that went public and there are many more to come. Board members Chris van ‘t Hof and Astrid Oosenbrug will provide an intro and are open for new volunteers.