| ▲ | tardedmeme 6 hours ago | |
I wonder if this is how Handala group recently stole the list of service members. How do people find these vulnerabilities within the immense scope of the whole internet? Are they going around with some kind of generic API scanner that discovers APIs? | ||
| ▲ | yellowapple 2 hours ago | parent | next [-] | |
Probably based on insider info to some degree; if you already do any sort of work for the DoD, then that tends to help narrow the scope of the search for vulnerable things to exploit. | ||
| ▲ | fragmede an hour ago | parent | prev [-] | |
Yes. http://shodan.io | ||