Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-04 Thread Adam Chesnutt
Am I the only one thinking it will be like the Hotel Coral Essex from Revenge of the Nerds II? On 11/03/2011 03:28 PM, adam wrote: "The rewards on offer will range from top-of-the range merchandise to two major annual rewards such as free hotel accommodation and entry to an IT security confere

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-04 Thread Darren Martyn
I know it sounds lame, but getting even a free coffee mug for disclosing an XSS or similar is not bad as far as I am concerned. But out of curiosity, which companies (e.g., ZDI) accept web app bugs? Say, RCE bugs in a bunch of popular web apps or e-commerce applications? Or LFI/Path traversal bugs i

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-04 Thread Georgi Guninski
On Fri, Nov 04, 2011 at 05:13:07AM +1100, GloW - XD wrote: > Well, no comment, or comment it's hard to comment on this one :P > Although, I will say it is good and encouraging to see more security > teams at least offering *something* > :) > love the list...oh yea baby oh yea > > the list is not

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread adam
"The rewards on offer will range from top-of-the range merchandise to two major annual rewards such as free hotel accommodation and entry to an IT security conference chosen from a list of the most popular global security conferences" I'm especially curious to see exactly what the merchandise is.

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread xD 0x41
Their 'rewards' do not seem to justify the vulnerability/exploit research time. This is what I've been saying for uh, 3 months now... but, do they ever? And also, is it better to have even one more payer, than have nothing at all... or sell to blackhat sites only? I guess this is at least an alternat

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread xD 0x41
good call. On 4 November 2011 04:57, Georgi Guninski wrote: > On Thu, Nov 03, 2011 at 05:46:15PM +0100, Michele Orru wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> It seems that even XSS, XSRF and SQLi are accepted... >> Interesting. >> >> Cheers >> antisnatchor >> >> Georgi Gu

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread xD 0x41
I think Secunia has been doing this for quite some time, they may have upped the ante a bit, which is great to see that they're offering for smaller bugs, so basically, like they are now an exploit-db, they will make sure to try to have *every* exploit on their db, those which are smaller and those which

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread Ryan Dewhurst
Their 'rewards' do not seem to justify the vulnerability/exploit research time. "The rewards on offer will range from top-of-the range merchandise to two major annual rewards such as free hotel accommodation and entry to an IT security conference chosen from a list of the most popular global secur

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread GloW - XD
Well, no comment, or comment it's hard to comment on this one :P Although, I will say it is good and encouraging to see more security teams at least offering *something* :) love the list...oh yea baby oh yea On 4 November 2011 01:25, Georgi Guninski wrote: > http://www.theregister.co.uk/2011/1

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread Georgi Guninski
On Thu, Nov 03, 2011 at 05:46:15PM +0100, Michele Orru wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > It seems that even XSS, XSRF and SQLi are accepted... > Interesting. > > Cheers > antisnatchor > > Georgi Guninski wrote: > > http://www.theregister.co.uk/2011/11/02/secunia_vulner

Re: [Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread Michele Orru
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It seems that even XSS, XSRF and SQLi are accepted... Interesting. Cheers antisnatchor Georgi Guninski wrote: > http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/ > Secunia jumps on vuln reward bandwagon > > have in mind the list

[Full-disclosure] Secunia jumps on vuln reward bandwagon

2011-11-03 Thread Georgi Guninski
http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/ Secunia jumps on vuln reward bandwagon have in mind the list is "Hosted and sponsored by Secunia" -- j ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/ful