[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4722B943.1090002@bellsouth.net>
Date: Sat, 27 Oct 2007 00:06:27 -0400
From: scott <redhowlingwolves@...lsouth.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Google Sacure
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
They can't even spell 'secure'.What the hell is 'sacure'?
Regards,
Scott
whupass@...hmail.com wrote:
> The truth about Sacure is that they have little to no capabilities
> or talent what so ever. Their website has been malfunctioning since
> well before August 2007 and they never caught it. Why would anyone
> hire a “Managed Security” company that can’t detect issues in their
> own network? How the hell are they going to detect issues in yours?
>
> Reference:
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-
> October/067050.html
>
> Furthermore, Sacure has a broken customer portal. How would a
> “leader” in “Managed Security Services” not notice that their
> customer portal was broken? When you try to login to the portal you
> get an error that shows “Query failed : Table
> ‘sacure123.assessment’ doesn’t exist”. The obvious comes to mind;
> Sacure must not have any customers that use their “Managed Security
> Service”… so… how are they a leader again?
>
> In addition Sacure also claims that they are “Professional Security
> Service” experts. This is obviously bullshit. When you read through
> the materials on their website you find things like references to
> XSS (“Cross-Site Shipping”). What the fuck is that? Are they going
> to send UPS to assess your network? Last time I checked XSS was
> Cross-Site Scripting.
>
> Reference:
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-
> October/067065.html
>
> I wish that people in the security community would take the time to
> expose the “fake” security companies like Sacure for what they
> really are. This would help innocent buyers who do not know any
> better to avoid companies like Sacure. It would help them to avoid
> being ripped off.
>
> Sacure… it’s a fucking joke.
>
>
> On Fri, 26 Oct 2007 00:27:34 -0400 scott
> <redhowlingwolves@...lsouth.net> wrote:
>> First off,it's on GoDaddy (dot)com.That should be the first
>> pointer.
>>
>>
>>
>> Michael Bann wrote:
>>> Maybe it's a joke. :-)
>>>
>>> Fabrizio wrote:
>>>> Way too much info.
>>>>
>>>> Let's map out some tables names now....
>>>>
>>>> http://www.sacure.com/login_process.php
>>>>
>>>> On 10/25/07, *Juha-Matti Laurio* <juha-matti.laurio@...ti.fi
>>>> <mailto:juha-matti.laurio@...ti.fi>> wrote:
>>>>
>>>>
>> http://www.sacure.com/news/home/sacure-to-offer-security-staffing-
>> and-consulting-services/
>>>> generates the same result as well.
>>>>
>>>> - Juha-Matti
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> <http://lists.grok.org.uk/full-disclosure-charter.html>
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>>
>>>> ----------------------------------------------------------------
>> --------
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHIrlAxajqy/aNaRsRApwMAJ9Obal+uzlNax+l2uat0PZMMMtmowCeMz99
JC1z7NFsDBtvGqI46zXYCWg=
=iXxr
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists