GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    BrianKrebs (briankrebs@infosec.exchange)'s status on Friday, 09-Feb-2024 08:33:44 JST BrianKrebs BrianKrebs

    Just notified a company specializing in email security that their internal email -- and that of their customers -- was sitting out on the web.

    Each inbox -- whether for company customers or employees of those companies -- was viewable just by visiting a link with a web browser and clicking links. Everything was exposed in basically one big file index.

    This level of ineptitude is remarkable, and somehow they have a lot of customers (think state/local govs). To their credit, they took everything offline within a few minutes of my notifying them. But their entire business schtick is about how all your email is encrypted and protected and scanned and blah blah. Meanwhile, no it's not. At all.

    In conversation about 10 months ago from infosec.exchange permalink
    • feld likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.