Almost all my professional work is highly confidential and thus I cannot publicize about it. Sometimes I find time in my busy work schedule to write about some of my research which doesn’t fall under a non disclosure agreement. All my research projects are unpaid:
2022-10-06 | Bedrijf achter online VVD-voorzitterschapsverkiezing heeft beveiliging en privacy niet op orde |
2021-03-13 | Lots of Instagram celebrities hacked via copyright infringement phishing scam |
2020-11-18 | Autofabrikanten volgen bestuurders overal en verkopen wat ze over hen te weten komen |
2020-11-09 | Komende Tweede Kamerverkiezingen zijn wederom wéér te hacken |
2019-03-07 | Komende verkiezingen wederom ongezien te hacken |
2018-03-13 | Security assessment of Dutch election software |
2018-02-27 | De verborgen wereld van Nederlandse nepdatingsites met nepprofielen en teams van chatoperators |
2018-01-26 | Password database of MediaMarkt leaks again |
2017-12-30 | Biggest meeting place for pedophiles is hiding in plain sight, and the people behind it |
2017-09-29 | DocPlayer: One of the world’s most visited websites that nobody is aware of |
2017-01-31 | Websites Nederlandse politieke partijen onvoldoende beveiligd |
2017-01-30 | How to hack the upcoming Dutch elections – and how hackers could have hacked all Dutch elections since 2009 |
2016-12-20 | Access to 250,000+ event tickets and personal details |
2016-05-13 | How I accidentally found a huge data leak during a college lecture |
2015-12-08 | Epic failure of Phone House & Dutch telecom providers to protect personal data: How I could access 12+ million records |
2015-11-14 | Scanning an enterprise organisation for the critical Java deserialization vulnerability |
2015-10-04 | How I could hack internet bank accounts of Danish largest bank in a few minutes |
2015-07-27 | Full disclosure: multiple critical security vulnerabilities (including a backdoor!) in PHP File Manager |
2015-07-05 | Security risk analysis of address bar spoofing bug in Chrome and Opera |
2015-02-08 | Mitigations against critical universal cross-site scripting vulnerability in fully patched Internet Explorer 10 and 11 |
2014-11-18 | Cross-site scripting in millions of web sites |
2014-11-08 | 2.364 Nederlandse bedrijfswebsites met ernstige beveiligingslekken |
2014-11-01 | Password hash disclosure in Linksys Smart WiFi routers |
2012-03-14 | NU.nl gehackt: Malware-analyse |
2009-12-16 | Veiligheidsanalyse iDEAL Lite voorbeeldcode |
2009-12-01 | Multiple vulnerabilities including SQL injection in DirectAdmin |
2004-07-15 | Web Programmers Hacking Guide |