cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AlecTrevelyan
Community Champion

Insecure Business Machines at it again!

Hot on the heels of IBM ignoring a vulnerability disclosure from a security researcher, that could result in unauthenticated remote code execution as root, because he wasn't a paying customer...

 

(Yes, they later said there had been a process error in acknowledging the disclosure, but only after they were ripped to shreds in the security press: https://www.theregister.co.uk/2020/04/21/ibm_security_vulnerabilities/)

 

...they're now issuing take down requests for vulnerabilities in their software listed in exploit-db: https://twitter.com/offsectraining/status/1258155194535292928

 

I won't give my opinions about IBM's security practices or capabilities on here as I was always told if you don't have anything nice to say don't say anything at all! Smiley Tongue

 

0 Replies