Closed robdyke closed 3 years ago
Also put some documents in the goodies folder
Will do
| 2021-03-06| [Apperta Foundation](https://apperta.org/)|[Rob Dyke](https://github.com/robdyke)|Secrets in public repositories|Security researcher had to launch GoFundMe campaign to fund legal costs defending civil and criminal threats over vulnerability disclosure - See [PortSwigger](https://portswigger.net/daily-swig/security-researcher-launches-gofundme-campaign-to-fight-legal-threat-over-vulnerability-disclosure) and Rob's [howto-disclose](https://robdyke.com/howto-disclose/) blog|
If you cbf syncing the forks just delete the fork, refork and I saved it here for you
I will manually add this incident unless @attritionorg wants to do the PR
SYNC THE FORKS ROB, FFS (Note to self)
On Sun, 18 Apr 2021, 17:26 sickcodes, @.***> wrote:
I will manually add this incident unless @attritionorg https://github.com/attritionorg wants to do the PR
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/disclose/research-threats/pull/13#issuecomment-822018863, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHF5AETFXC3G6NGO7DXSRDTJMB2JANCNFSM43APMKVA .
I will manually add this incident unless @attritionorg wants to do the PR
I added it, unless it got lost in a PR on the wrong branch. Can copy/paste from the Errata copy.
Oh yeah we also have different data @robdyke
This will fix your fork rob
git clone git@github.com:robdyke/research-threats.git
cd research-threats
git remote add disclose https://github.com/disclose/research-threats.git
git checkout -f disclose/master
git push origin HEAD:master
You'll get an error, so add -f
for FORCE, just not adding in the above because people might accidentally fuck up their forks
<<<<<<< master | 2021-03-06| [Apperta Foundation](https://apperta.org/)|[Rob Dyke](https://github.com/robdyke)|Secrets in public repositories|Security researcher had to launch GoFundMe campaign to fund legal costs defending civil and criminal threats over vulnerability disclosure - See [PortSwigger](https://portswigger.net/daily-swig/security-researcher-launches-gofundme-campaign-to-fight-legal-threat-over-vulnerability-disclosure) and Rob's [howto-disclose](https://robdyke.com/howto-disclose/) blog| =======
| 2021-03-25 | [Apperta Foundation](https://apperta.org/) | [Rob Dyke](https://twitter.com/robdykedotcom/) | Sensitive Public Info | Dyke [discovered](https://twitter.com/robdykedotcom/status/1374667465955938306) that Apperta had sensitive information on their GitHub repo and informed them. Apperta [reported Dyke](https://twitter.com/robdykedotcom/status/1374667465955938306/photo/1) to the Northumbria Police department despite them making the serious error and him being a good citizen. They also [revoked the license](https://twitter.com/robdykedotcom/status/1374720875086413828) to the materials published under NHoS, which they funded, after [pledging full transparency](https://twitter.com/robdykedotcom/status/1374671205287002114) to other matters in years prior. Summary and more details [in BleepingComputer](https://www.bleepingcomputer.com/news/security/engineer-reports-data-leak-to-nonprofit-hears-from-the-police/). |
Which one do we want?
the second one is good
On Sun, 18 Apr 2021, 17:38 sickcodes, @.***> wrote:
Which one do we want?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/disclose/research-threats/pull/13#issuecomment-822020649, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHF5AGBCV5BVTPJLEKOVPTTJMDIHANCNFSM43APMKVA .
Merged.
Added that Apperta Foundation is Supported by NHS England, NHS Digital
Can you make it from a new PR so the merge block runs away?