#30: Security Researcher Gets Attacked After Vulnerability Disclosure
b'
What happens when a vendor attacks a security researcher who points out security flaws in their software? On this episode, we talk about two white-hat security researchers who discover multiple vulnerabilities in a vendor\\u2019s software system. The vendor initially ignores their concerns until the FBI gets involved. It culminates in a physical attack by the vendor\\u2019s COO on one of the researchers. We look at all the details around the vulnerabilities, discuss common disclosure concerns and how the FBI has opened up a \\u201cCyber Fusion\\u201d unit to act as a liaison between security teams and at-risk vendors.
Topics:
- Atrient has assaulted the security researcher who disclosed the vulnerability
- On reporting the vulnerability
- How the FBI got involved
- Vendor call with the FBI and the security researchers
- The Bug Bounty call
- The ICE Conference assault
- An email from Jessie Gill (Atrient COO)
Links:
Researcher Assaulted By A Vendor After Disclosing A Vulnerability
Shodan
Shodan wikipedia
Dylan on Twitter
Shodan Safari, where hackers heckle the worst devices put on the internet