nanog mailing list archives

Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now?

From: "Valdis Klētnieks" <valdis.kletnieks () vt edu>
Date: Wed, 02 Mar 2022 22:41:36 -0500

On Wed, 02 Mar 2022 15:30:29 -0700, Brie said:

I just got this in my e-mail...

I am a web app security hunter. I spent some time on your website and found
some vulnerabilities. I see on your website you take security very
passionately.


I've gotten similar spam a number of times over the years (though people
offering to do SEO on my site are much more frequent).

The odd thing is - as far as I know, I don't *have* a website....

Attachment: _bin
Description:

Current thread:

Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Brie (Mar 02)
- Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Kieran Murphy (Mar 02)
- Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Valdis Klētnieks (Mar 02)
- Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Denys Fedoryshchenko (Mar 04)
  - Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Joe Greco (Mar 04)
- Re: Is soliciting money/rewards for 'responsible' security disclosures when none is stated a thing now? Aaron de Bruyn via NANOG (Mar 04)