| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 27 Oct 2007 00:06:27 -0400 From: scott <redhowlingwolves@...lsouth.net> To: full-disclosure@...ts.grok.org.uk Subject: Re: Google Sacure -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 They can't even spell 'secure'.What the hell is 'sacure'? Regards, Scott whupass@...hmail.com wrote: > The truth about Sacure is that they have little to no capabilities > or talent what so ever. Their website has been malfunctioning since > well before August 2007 and they never caught it. Why would anyone > hire a “Managed Security” company that can’t detect issues in their > own network? How the hell are they going to detect issues in yours? > > Reference: > > http://lists.grok.org.uk/pipermail/full-disclosure/2007- > October/067050.html > > Furthermore, Sacure has a broken customer portal. How would a > “leader” in “Managed Security Services” not notice that their > customer portal was broken? When you try to login to the portal you > get an error that shows “Query failed : Table > ‘sacure123.assessment’ doesn’t exist”. The obvious comes to mind; > Sacure must not have any customers that use their “Managed Security > Service”… so… how are they a leader again? > > In addition Sacure also claims that they are “Professional Security > Service” experts. This is obviously bullshit. When you read through > the materials on their website you find things like references to > XSS (“Cross-Site Shipping”). What the fuck is that? Are they going > to send UPS to assess your network? Last time I checked XSS was > Cross-Site Scripting. > > Reference: > > http://lists.grok.org.uk/pipermail/full-disclosure/2007- > October/067065.html > > I wish that people in the security community would take the time to > expose the “fake” security companies like Sacure for what they > really are. This would help innocent buyers who do not know any > better to avoid companies like Sacure. It would help them to avoid > being ripped off. > > Sacure… it’s a fucking joke. > > > On Fri, 26 Oct 2007 00:27:34 -0400 scott > <redhowlingwolves@...lsouth.net> wrote: >> First off,it's on GoDaddy (dot)com.That should be the first >> pointer. >> >> >> >> Michael Bann wrote: >>> Maybe it's a joke. :-) >>> >>> Fabrizio wrote: >>>> Way too much info. >>>> >>>> Let's map out some tables names now.... >>>> >>>> http://www.sacure.com/login_process.php >>>> >>>> On 10/25/07, *Juha-Matti Laurio* <juha-matti.laurio@...ti.fi >>>> <mailto:juha-matti.laurio@...ti.fi>> wrote: >>>> >>>> >> http://www.sacure.com/news/home/sacure-to-offer-security-staffing- >> and-consulting-services/ >>>> generates the same result as well. >>>> >>>> - Juha-Matti >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> <http://lists.grok.org.uk/full-disclosure-charter.html> >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>> >>>> >>>> ---------------------------------------------------------------- >> -------- >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHIrlAxajqy/aNaRsRApwMAJ9Obal+uzlNax+l2uat0PZMMMtmowCeMz99 JC1z7NFsDBtvGqI46zXYCWg= =iXxr -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists