Post AFK4lyAz1uhMfMpfRg by kev@fosstodon.org
 (DIR) Post #AFK4lyAz1uhMfMpfRg by kev@fosstodon.org
       2022-01-11T06:50:57Z
       
       0 likes, 0 repeats
       
       Ahhhh! My STATIC site has a vulnerability! 😱 #moa
       
 (DIR) Post #AFK5GwSlRvkgKVuyiu by RyuKurisu@fosstodon.org
       2022-01-11T06:57:25Z
       
       0 likes, 0 repeats
       
       @kev log4j? 🤔
       
 (DIR) Post #AFK78nI9raHTThCQwS by cedric@fosstodon.org
       2022-01-11T07:18:20Z
       
       0 likes, 0 repeats
       
       @kev Oops, it is defaced now! 😂 I've got an email from them once. Because a .gitignore file was publicly available, not the one of the main website.
       
 (DIR) Post #AFK7HSMJ3rfvA4GpSi by kev@fosstodon.org
       2022-01-11T07:19:29Z
       
       0 likes, 0 repeats
       
       Note: it’s a phishing email.
       
 (DIR) Post #AFKNWGpLoey50VwR4y by bignose@fosstodon.org
       2022-01-11T10:21:48Z
       
       0 likes, 0 repeats
       
       @kev but can you be sure, after all it claims they followed ISO/IEC 29147 standard guidelines
       
 (DIR) Post #AFKPBT5tDHmEsYsz7g by kev@fosstodon.org
       2022-01-11T10:40:31Z
       
       0 likes, 0 repeats
       
       @bignose yep, I'm absolutely certain. Clicking the link results in this page:
       
 (DIR) Post #AFKPOMKjezP7fyycgy by bignose@fosstodon.org
       2022-01-11T10:42:51Z
       
       0 likes, 0 repeats
       
       @kev guess it's down to a choice between trusting that page and trusting the ISO; we may never know who's right
       
 (DIR) Post #AFKPbL89Raefi4HRL6 by kev@fosstodon.org
       2022-01-11T10:45:10Z
       
       0 likes, 0 repeats
       
       @bignose well the page is a legitimate OBB URL so I'm inclined to trust it. Then there's this thread too: https://www.openbugbounty.org/forum/viewtopic.php?t=1446
       
 (DIR) Post #AFKTORSsQztLAUwTrc by s0lution@fosstodon.org
       2022-01-11T11:27:35Z
       
       0 likes, 0 repeats
       
       @kev @bignose I did notice some mention of emails from openbugSbounty.org vs openbugbounty.org. But the legit links in the email/warning are odd.
       
 (DIR) Post #AFKjYMsvunkz7vsvFw by pyre35@fosstodon.org
       2022-01-11T14:28:23Z
       
       0 likes, 0 repeats
       
       @kev @bignose in each case, the terseness of the reply is hilarious to me: "We send signed emails from openbugbounty.org only".
       
 (DIR) Post #AFKs50D22lAJzMMGOW by mike@fosstodon.org
       2022-01-11T16:04:23Z
       
       0 likes, 1 repeats
       
       @kev Oh noes!!
       
 (DIR) Post #AFMSWsaPlmILxlqaTw by bignose@fosstodon.org
       2022-01-12T10:27:35Z
       
       0 likes, 0 repeats
       
       @pyre35 @kev when someone figures out how they hacked both ISO and IEC at the same time, call me
       
 (DIR) Post #AFMVAkWpLcJsSoJBS4 by polgz@fosstodon.org
       2022-01-12T10:57:04Z
       
       0 likes, 0 repeats
       
       @kev I don't know, Rick, I'd rather pay 🤣🤣🤣🤪