disclose / research-threats

Collection of legal threats against good faith Security Researchers; vulnerability disclosure gone wrong. A continuation of work started by @attritionorg
https://threats.disclose.io/
Creative Commons Zero v1.0 Universal

Add report about Apperta Foundation and Rob Dyke #13

Closed robdyke closed 3 years ago

sickcodes commented 3 years ago

Can you make it from a new PR so the merge block runs away?

sickcodes commented 3 years ago

Also put some documents in the goodies folder

robdyke commented 3 years ago

Will do

sickcodes commented 3 years ago

| 2021-03-06| [Apperta Foundation](https://apperta.org/)|[Rob Dyke](https://github.com/robdyke)|Secrets in public repositories|Security researcher had to launch GoFundMe campaign to fund legal costs defending civil and criminal threats over vulnerability disclosure - See [PortSwigger](https://portswigger.net/daily-swig/security-researcher-launches-gofundme-campaign-to-fight-legal-threat-over-vulnerability-disclosure) and Rob's [howto-disclose](https://robdyke.com/howto-disclose/) blog|

If you cbf syncing the forks just delete the fork, refork and I saved it here for you

sickcodes commented 3 years ago

I will manually add this incident unless @attritionorg wants to do the PR

robdyke commented 3 years ago

SYNC THE FORKS ROB, FFS (Note to self)

On Sun, 18 Apr 2021, 17:26 sickcodes, @.***> wrote:

> I will manually add this incident unless @attritionorg https://github.com/attritionorg wants to do the PR


attritionorg commented 3 years ago

> I will manually add this incident unless @attritionorg wants to do the PR

I added it, unless it got lost in a PR on the wrong branch. Can copy/paste from the Errata copy.

sickcodes commented 3 years ago

Oh yeah we also have different data @robdyke

This will fix your fork rob

```
git clone git@github.com:robdyke/research-threats.git
cd research-threats
git remote add disclose https://github.com/disclose/research-threats.git
# Fetch the upstream refs so that disclose/master exists locally
git fetch disclose
git checkout -f disclose/master
git push origin HEAD:master
```

You'll get an error, so add -f for FORCE, just not adding in the above because people might accidentally fuck up their forks

sickcodes commented 3 years ago

<<<<<<< master
| 2021-03-06| [Apperta Foundation](https://apperta.org/)|[Rob Dyke](https://github.com/robdyke)|Secrets in public repositories|Security researcher had to launch GoFundMe campaign to fund legal costs defending civil and criminal threats over vulnerability disclosure - See [PortSwigger](https://portswigger.net/daily-swig/security-researcher-launches-gofundme-campaign-to-fight-legal-threat-over-vulnerability-disclosure) and Rob's [howto-disclose](https://robdyke.com/howto-disclose/) blog|
=======

| 2021-03-25 | [Apperta Foundation](https://apperta.org/) | [Rob Dyke](https://twitter.com/robdykedotcom/) | Sensitive Public Info | Dyke [discovered](https://twitter.com/robdykedotcom/status/1374667465955938306) that Apperta had sensitive information on their GitHub repo and informed them. Apperta [reported Dyke](https://twitter.com/robdykedotcom/status/1374667465955938306/photo/1) to the Northumbria Police department despite them making the serious error and him being a good citizen. They also [revoked the license](https://twitter.com/robdykedotcom/status/1374720875086413828) to the materials published under NHoS, which they funded, after [pledging full transparency](https://twitter.com/robdykedotcom/status/1374671205287002114) to other matters in years prior. Summary and more details [in BleepingComputer](https://www.bleepingcomputer.com/news/security/engineer-reports-data-leak-to-nonprofit-hears-from-the-police/). |

sickcodes commented 3 years ago

Which one do we want?

robdyke commented 3 years ago

the second one is good

On Sun, 18 Apr 2021, 17:38 sickcodes, @.***> wrote:

> Which one do we want?


sickcodes commented 3 years ago

Merged.

Added that Apperta Foundation is Supported by NHS England, NHS Digital