this post was submitted on 28 Jan 2024
54 points (98.2% liked)

cybersecurity

3242 readers
2 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
top 3 comments
sorted by: hot top controversial new old
[–] ApathyTree@lemmy.dbzer0.com 25 points 9 months ago (2 children)

Well if that isn’t a great way to ensure nobody comes forward when they find major vulnerabilities, idk what is.

Hope he wins the appeal.

[–] Funkymatt@lemmy.world 6 points 9 months ago* (last edited 9 months ago)

It looks like the charges are from using the credentials they found not just for finding them. It's definitely a crap charge because logging into the DB exposed the wider issue of being able to access other customers records.

[–] xinayder@infosec.pub 1 points 9 months ago

The only thing I see they did wrong was to disclose the vulnerability before waiting for a comment from the software company.