alt Hacker NewsI wonder if this is how Handala group recently stole the list of service members.
How do people find these vulnerabilities within the immense scope of the whole internet? Are they going around with some kind of generic API scanner that discovers APIs?
Replies
fragmede • yesterday at 11:38 PM
Yes. http://shodan.io
Probably based on insider info to some degree; if you already do any sort of work for the DoD, then that tends to help narrow the scope of the search for vulnerable things to exploit.