cybersecurity

3404 readers

9 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

[email protected]

Court charges dev with hacking after cybersecurity issue disclosure (www.bleepingcomputer.com)

submitted 11 months ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 22 points 11 months ago (2 children)

Well if that isn’t a great way to ensure nobody comes forward when they find major vulnerabilities, idk what is.

Hope he wins the appeal.

[–] Funkymatt 6 points 11 months ago* (last edited 11 months ago)

It looks like the charges are from using the credentials they found not just for finding them. It's definitely a crap charge because logging into the DB exposed the wider issue of being able to access other customers records.

[–] [email protected] 1 points 11 months ago

The only thing I see they did wrong was to disclose the vulnerability before waiting for a comment from the software company.