Koos van den Hout on Nostr: Dear security issue reporters: In a big organization which does lots of things the ...
Dear security issue reporters:
In a big organization which does lots of things the info@ address may not end up with people who understand 'cross site scripting vulnerability' or other technical terms about computer security issues right away.
Please take the time to find a cert@, csirt@, abuse@ address, an RFC 2350 document, a listing at
https://www.trusted-introducer.org/directory/index.html or an upstream cert.
Reporting it at the right place can help a lot.
Dear organizations: make sure people trying to get in touch with you can find an entrypoint. You sometimes need to communicate with someone who does not want to buy something.
#infosec
Published at
2025-02-14 13:26:24