-----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of J. Hellenthal via NANOG Sent: Thursday, July 18, 2019 3:01 PM To: Ken Gilmour Cc: North Group Subject: Re: Twitter security team?
Or maybe a tweet to @twittersecurity
On Jul 18, 2019, at 13:59, J. Hellenthal <jhellenthal@dataix.net> wrote:
Yes/No ?
https://help.twitter.com/en/rules-and-policies/reporting-security- vulnerabilities
On Jul 18, 2019, at 13:45, Ken Gilmour <ken.gilmour@gmail.com> wrote:
Anyone on the list know how to contact the Twitter Security team?
Seems the new update allows an attacker to modify other people's tweets. The "Hackerone" form for reporting a vulnerability is the wrong form and
They also have a bug bounty program on HackerOne: https://hackerone.com/twitter the
"My account has been hacked" form is also the wrong form. The whole site has been compromised, I have evidence and can't contact anyone due to the lack of an appropriate form and the fact that the security@ email address doesn't work.
Thanks!