It really should be, as social engineering is still, and probably always will be... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jimt1234 on March 15, 2023 \| parent \| context \| favorite \| on: Two U.S. men charged in 2022 hacking of DEA portal It really should be, as social engineering is still, and probably always will be, the most vulnerable attack vector.

cuteboy19 on March 15, 2023 | [–]

White hats will become millionaires overnight

localplume on March 15, 2023 | [–]

Given how low quality most reports are for bug bounties, putting social engineering in scope publically would be dreadful for any employees. basically just authorized mass spam. social engineering in a private pentest though, sure.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact