[Full-Disclosure] fwd: Join "IE Dream Team"

From: Georgi Guninski (guninski_at_guninski.com)
Date: 12/30/03

  • Next message: Mikael Abrahamsson: "RE: [Full-Disclosure] weird worm ?" 
    To: full-disclosure@lists.netsys.com
Date: Tue, 30 Dec 2003 18:07:28 +0200

    hahahahahahaha.

    some people are buying exploder 0days for $200.

    hahahahahahaha.

    georgi

    attached mail follows:

    Date: Tue, 30 Dec 2003 17:46:06 +0200
To: <guninski@guninski.com>, <sandblad@acc.umu.se>, <http-equiv@excite.com>, <osioniusx@yahoo.com>, "Liu Die Yu" <liudieyuinchina@yahoo.com.cn>, <stardust@safecenter.net>, <jkuperus@planet.nl>

     

    ---------------------------------------------------------------

    Q:what is worse, a published technique or the unknown one?
    A:IE Dream Team
    ---------------------------------------------------------------

     <http://www.finjan.com/>
     <http://www.finjan.com/>
     
    Finjan Software - Mobile Code Research Center (MCRC),

    a department designated to detect the next attack by malicious hackers
    and

    Invent new proactive security technologies,

     

    Finjan MCRC recognizes that there is an abundance of technical security
    knowledge concerning as-yet-undisclosed vulnerabilities and exploit code
    that are constantly discovered or created by individuals and security
    groups.
    Some of this information may see the light of day on security mailing
    lists or eventually be disclosed as the result of a post-mortem analysis
    of a compromised computer system.

    Our "IE Dream Team" Program (IDT) compensates individuals who provide
    Finjan MCRC with advance notification of unpublished vulnerabilities
    and/or exploit code / Security Research .

     

    IE Dream Team
     
    Who
     

    Finjan MCRC would like to re craw best IE Security researchers ,

    To perform Research that will help Finjan MCRC to invent new Proactive
    security technologies :

     

    Georgi Guninski,
    jelmer ,
    Andreas Sandblad,
    http-equiv ,
    thePull ,
    Star Dust ,
    Die liu yu .
     
    What - The Offer
    Our "IE Dream Team" Program (IDT) compensates individuals who provide
    Finjan MCRC with advance notification of unpublished vulnerabilities
    and/or exploit code / Security Research .

     

    Finjan MCRC would like to re craw best IE Security researchers ,

    To perform Research that will help Finjan MCRC to invent new Proactive
    security technologies.

     

    We offer 200 $ per month , for virtual work, 1 day a week, according to
    MCRC assignment.

     

    We are interested in research on those following subjects:

    * Java Cellular Security (midlets).

    * Unpatched IE Vulnerabilities list.

    * Email security (Windows only , Outlook, OWA).

    * Active Content (Windows only: Active X , Java- MS only).

    * html, Style, java script valuations.

    * IE exploits.

    * web mails (exploits code, ways to protect).

    * DOT.NET client security.

    * feature security products development.

         ** Exploits POC will be a plus only .

     
    how - The Rules

    *

            The group members could work alone or share information between
    the group members , according to the assignments.
    *

            The researchers could continue post there finding without any
    Finjan MCRC approve,but will have to keep NDA and not to publish
    anything from Finjan assignments, with out getting permissions from MCRC
    manager , menashe Eliezer.
    *

            the researchers will get a Finjan email , hosting space (ftp) ,
    and salary .
    *

            the researchers will not perform Any Hacking actions by the name
    of finjan , or related to finjan products.
    *

            
            Payment : Finjan MCRC offers three methods of payment:
    1. Mail Check - Checks can be sent to a physical mailing address or a
    post office box.
    2. Personal PayPal Account -PayPal does not charge fees to the receiver
    of money in a Personal PayPal Account.
                                    Business PayPal Accounts are subject to
    fees based on your usage & history with PayPal.
    3. Western Union - Western Union is used in select countries only.

     
    Why-Motivation
     
    Full Disclosure is about being open and honest - as is Open Source -
    furthermore, competition is good for the overall security of the
    industry.
    Beyond this the information is out there...
    and there is still the equation of hard work and strict discipline as
    well as having an open mind.
    (the Pull - Unorthodox Bug Finding Techniques )

    When you find a root security bug you have often found a golden key into
    the systems of the world.
    If you are good, you give that up and report it to the proper
    authorities.
    If you are bad you steal a bunch of money and move to the Bahamas.
    (the Pull - Unorthodox Bug Finding Techniques )

    The same thing is true in physical security, though.
    There are a great many martial artists that could do some serious damage
    to a great many people at anytime.
    Very few martial artists ever go on a rampage.
    This is the honor of battle.
    Computer security is in the same paradigm.

    (the Pull - Unorthodox Bug Finding Techniques )
     
    Who are we- Finjan MCRC

     

    MCRC is the leading research department at Finjan Software, dedicated to
    the research and detection of potential Internet and e-mail attacks.
    MCRC's goal is to be one step ahead of malicious hackers attempting to
    exploit open platforms and technologies to develop next generation
    mobile malicious code, worms, trojans, viruses and spyware. MCRC
    researchers also contribute to the development of next generation
    defense tools for Finjan's proactive content security solutions. For
    more information, visit <http://www.finjan.com/mcrc/index.cfm>
    http://www.finjan.com/mcrc/index.cfm.

     

    About Finjan

    Finjan Software is the leading provider of proactive content security
    solutions to global organizations. Exceeding the preliminary level of
    defense typically offered by reactive anti-virus software solutions,
    Finjan's Vital Security family of products proactively respond to
    changing, yet-to-be-created Internet security threats and close the
    Window of Vulnerability. Finjan is recognized by analyst firm IDC as
    the leader in the worldwide malicious mobile code security market. For
    more information, visit http://www.finjan.com.

     

     

    -please free to contact me in any question regarding IE Dream team.

     

    Dror

    --------------------------------------------------------
    Dror Shalev
    +972-54-434-909
    +972-9-865-9440 ex 251
    drorshalev@finjan.com
    Security Portal Manager
    www.TheSecurityAuthority.com <outbind://79/www.TheSecurityAuthority.com>

    --------------------------------------------------------
    Q:what is worse, a published technique or the unknown one?

     <http://www.finjan.com/>
     <http://www.finjan.com/>
     
     

     

     

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    r1c1.gif
    r2c1.gif
  • Next message: Mikael Abrahamsson: "RE: [Full-Disclosure] weird worm ?"