Membership is FREE, giving all registered users unlimited access to every DNForum feature, resource, and tool! Optional membership upgrades unlock exclusive benefits like profile signatures with links, banner placements, appearances in the weekly newsletter, and much more - customized to your membership level!

Reply to thread

Message

You can take it both way (it was a mistake which can happen / it was a stupid mistake and they should have known better - They are regularly "spammed" by people having supposedly found a security issue / They should have paid the guy to hear what he had to say), but I find this article from Techcrunch interesting:

Excerpt: "Leo told TechCrunch that a library used on Epik’s WHOIS page for generating PDF reports of public domain records had a decade-old vulnerability that allowed anyone to remotely run code directly on the internal server without any authentication, such as a company password."
[URL unfurl="true"]https://techcrunch.com/2021/09/17/epik-website-bug-hacked/[/URL]

It isn't necessarily "security practices" as a whole, even if that's what the haters want now everybody to believe.

<blockquote data-quote="DomainsGENERAL.com" data-source="post: 2346114" data-attributes="member: 322978425">You can take it both way (it was a mistake which can happen / it was a stupid mistake and they should have known better - They are regularly &quot;spammed&quot; by people having supposedly found a security issue / They should have paid the guy to hear what he had to say), but I find this article from Techcrunch interesting:Excerpt: &quot;Leo told TechCrunch that a library used on Epik’s WHOIS page for generating PDF reports of public domain records had a decade-old vulnerability that allowed anyone to remotely run code directly on the internal server without any authentication, such as a company password.&quot;[URL unfurl=&quot;true&quot;]https://techcrunch.com/2021/09/17/epik-website-bug-hacked/[/URL]It isn't necessarily &quot;security practices&quot; as a whole, even if that's what the haters want now everybody to believe.</blockquote>

[QUOTE="DomainsGENERAL.com, post: 2346114, member: 322978425"] You can take it both way (it was a mistake which can happen / it was a stupid mistake and they should have known better - They are regularly "spammed" by people having supposedly found a security issue / They should have paid the guy to hear what he had to say), but I find this article from Techcrunch interesting: Excerpt: "Leo told TechCrunch that a library used on Epik’s WHOIS page for generating PDF reports of public domain records had a decade-old vulnerability that allowed anyone to remotely run code directly on the internal server without any authentication, such as a company password." [URL unfurl="true"]https://techcrunch.com/2021/09/17/epik-website-bug-hacked/[/URL] It isn't necessarily "security practices" as a whole, even if that's what the haters want now everybody to believe. [/QUOTE]

Verification