Sunday, October 17, 2021

BugTraq security mailing list closes after 27 years

Must Read

Attacks Maybe about to Make even more Harmful and Tumultuous

Cybercriminals continue to be successfully running ransomware campaigns while requiring higher ransoms than ever - and things might be...

Russia’s Cybercrime has cost $49 bn in 2020

Cyber-attacks have price Russian businesses and taxpayers around 3.6 trillion roubles ($49 billion) this year, the nation's biggest lender...

Bug in a shared SDK may allow attackers to join calls undetected across multiple apps

A small library that provides audio and video call capabilities contain a bug that allows attackers to join audio...

BugTraq was launched in November 1993 and was one of the first mailing lists dedicated to exposing weaknesses.

BugTraq, one of the first mailing lists in the cybersecurity industry dedicated to publicly disclosing security errors, announced today that it will close at the end of the month, January 31, 2021.

The site played an important role in building the cybersecurity industry in its early, emerging days.

Founded by Scott Chasin on November 5, 1993, BugTraq provided the first intermediate site where security researchers could expose risks after vendors refused to release patches.

The site has been around for years in the official gray area. Discussions on the site about the legitimacy of “exposing” security breaches where traders refuse to patch the layers are what have created many guidelines for exposing risks, axioms in which many pest hunters work today.

Today, it sounds reasonable for a security researcher to disclose information about an insect that has been patched or stained, but back then, that information was often contradictory, sometimes leading to many legal threats.

But over time, BugTraq’s popularity and values ​​prevailed. The site became the first site where a major risk was announced at a time when researchers were not able to easily manage their sites and blogs.

The same list of bugs has been released following the original BugTraq model, and many security firms established over the years often end up scratching the site’s content as a basis for their risk profile.

BugTraq also shook hands several times, from Chasin to Brown University, and then to SecurityFocus, which was acquired by Symantec.

The site death started in 2019 when Broadcom acquired Symantec. Three months later, in February 2020, the site stopped adding new content, leaving only an empty shell.

Today, the finalists of the site have verified the status of the news portal and officially made the passage of BugTraq to infosec lore.

“At this time BugTraq address list services have not been prioritized, and this will be the last message on the list,” the message read.

Although many have seen it coming, the announcement of the site caused a tremendous explosion of modern cybersecurity veterans, many of whom had started or worked on the mailing list since its launch.

“I would liken it to the impact Twitter has now on the way we communicate today,” said Ryan Naraine, former director of security programs at Intel, and one of the veterans in the cybersecurity industry.

“Apart from the fact that it was compulsory to be there [on BugTraq] for live advice and recommendations on what was not a fully-fledged security industry.

“Lots of great news was originally announced at BugTraq and FullDisclosure [another list of similar addresses],” Naraine said.

“It’s a place where the Litchfield’s made a name for themselves in the early days. I remember David Litchfield throwing away Oracle research tools and research.

“It was a connecting watercooler that came out as a security industry.”

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This