Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/Walker/statuses/111903188474801075">Walker (walker@infosec.exchange)'s status on Saturday, 10-Feb-2024 04:52:14 JST</a><a href="https://infosec.exchange/@Walker" title="walker@infosec.exchange"><img src="https://gnusocial.jp/avatar/179451-48-20240825013945.webp" width="48" height="48" alt="Walker" style="position: absolute; left: 0; top: 0;">Walker</a><div><ul><li><li><a href="https://gnusocial.jp/user/38360" title="gossithedog@cyberplace.social">Kevin Beaumont</a></li></ul></div></section><article><p><a href="https://cyberplace.social/@GossiTheDog">@GossiTheDog</a> <a href="https://infosec.exchange/@briankrebs">@briankrebs</a> I have seen "security researchers" use bug bounty / vuln reports as a pitch for their consulting company. </p><p>They find somthing and for a consulting / reoprt generation fee will desclose it to the impatcted compnay.  If the compnay declines to pay the researcher issues threats that they will release it to the public or the company partners.</p><p>Its extortion by another name.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2697383#notice-5350642">In conversation</a><time datetime="2024-02-10T04:52:14+09:00" title="Saturday, 10-Feb-2024 04:52:14 JST">about 10 months ago</time> <span>from <span><a href="https://infosec.exchange/@Walker/111903188474801075" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@Walker/111903188474801075">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Walker (walker@infosec.exchange)'s status on Saturday, 10-Feb-2024 04:52:14 JSTWalker
- BrianKrebs
- Kevin Beaumont
@GossiTheDog @briankrebs I have seen "security researchers" use bug bounty / vuln reports as a pitch for their consulting company.
They find somthing and for a consulting / reoprt generation fee will desclose it to the impatcted compnay. If the compnay declines to pay the researcher issues threats that they will release it to the public or the company partners.
Its extortion by another name.
In conversationabout 10 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice