/mf2/2023/01/wtjdh/ · Jamie Tanna

Liked Terence Eden (@Edent@mastodon.social)

Post details

A question for #infosec practitioners. I've found an abandoned AWS bucket from a very large company. It serves all the images & fonts in their billing emails. I defensively registered it to prevent an attacker from injecting malicious content into the emails I receive. Then I emailed their security.txt contact to inform them and offering to transfer it back (for free, obviously). Was that the right thing to do? Should I have waited for a response from them before securing the bucket?

Fri, 27 Jan 2023 13:56 by Jamie Tanna . #security.

This post was filed under likes.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.