@msolnik @ncardozo @daveaitel I disagree. You get in with the most public thing you can get in with.
-
-
-
IMHO VUPEN bugs aren't disclosed widely enough for non-attrib benefits. exploit-db, MSF, yes.
-
if you can pay 100k for an exploit that gets you on a target and doesn't expose your vulns, why not?
-
As an IR analyst, would love that signal. Informs severity of incident, assists in attribution.
-
If someone uses code from exploit-db or MSF, tells me nothing. Only that attacker knows copy-paste.
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
