There was a piece a while ago of a guy that went to expired domains in Belgium, happened to buy an old domain from the police, and all of a sudden, started to have emails from the police with a mail server. Crazy how no one checked the domain.
Comment on Dutch cops arrest man after sending him confidential files by mistake
unexposedhazard@discuss.tchncs.de 10 hours ago
How is a fucking URL all you need to access confidential evidence on a police server. Lets bruteforce some URLs i guess?
ZeDoTelhado@lemmy.world 10 hours ago
unexposedhazard@discuss.tchncs.de 8 hours ago
Yeah i saw that back then, it happened multiple time with different organizations iirc.
lost_faith@lemmy.ca 8 hours ago
Ask Adrian Lamo. He “hacked” a few sites just by clicking links
Tetsuo@jlai.lu 8 hours ago
Or Aaron Swartz…
unexposedhazard@discuss.tchncs.de 6 hours ago
In germany its also catastrophic. I remember 3 stories off the top of my head where security researchers were raided or sued after reporting massive security issues in company software.