The companies who do “damage control” on vulnerability reports by not admitting a vulnerability: do you realize that this strategy also prevents you from announcing having fixed the issue? And that people will keep suspecting forever that you didn’t? Is that really your goal?

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.