all InfoSec news
Researchers demanding bounty - response?
Oct. 17, 2022, 1:44 p.m. | /u/Waving-Kodiak
cybersecurity www.reddit.com
How do you respond to ethical hackers/"researchers" wanting bounty for stuff you already know (but not yet fixed) or they seem a bit "scammy"?
We are getting contacted by several persons wanting bounty for vulnerabilities. Some email from gmail addresses, others do have a custom domain but very little information is provided. No initial reports, no links to bounty platforms or personal contact details etc.
Also, all of them have failed to use the email address stated in security.txt. …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Information Systems Security Officer (ISSO), Junior
@ Dark Wolf Solutions | Remote / Dark Wolf Locations
Cloud Security Engineer
@ ManTech | REMT - Remote Worker Location
SAP Security & GRC Consultant
@ NTT DATA | HYDERABAD, TG, IN
Security Engineer 2 - Adversary Simulation Operations
@ Datadog | New York City, USA