Re: [Full-disclosure] Google Sacure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

They can't even spell 'secure'.What the hell is 'sacure'?

Regards,
Scott

whupass@xxxxxxxxxxxx wrote:
The truth about Sacure is that they have little to no capabilities
or talent what so ever. Their website has been malfunctioning since
well before August 2007 and they never caught it. Why would anyone
hire a “Managed Security” company that can’t detect issues in their
own network? How the hell are they going to detect issues in yours?

Reference:

http://lists.grok.org.uk/pipermail/full-disclosure/2007-
October/067050.html

Furthermore, Sacure has a broken customer portal. How would a
“leader” in “Managed Security Services” not notice that their
customer portal was broken? When you try to login to the portal you
get an error that shows “Query failed : Table
‘sacure123.assessment’ doesn’t exist”. The obvious comes to mind;
Sacure must not have any customers that use their “Managed Security
Service”… so… how are they a leader again?

In addition Sacure also claims that they are “Professional Security
Service” experts. This is obviously bull***. When you read through
the materials on their website you find things like references to
XSS (“Cross-Site Shipping”). What the *** is that? Are they going
to send UPS to assess your network? Last time I checked XSS was
Cross-Site Scripting.

Reference:

http://lists.grok.org.uk/pipermail/full-disclosure/2007-
October/067065.html

I wish that people in the security community would take the time to
expose the “fake” security companies like Sacure for what they
really are. This would help innocent buyers who do not know any
better to avoid companies like Sacure. It would help them to avoid
being ripped off.

Sacure… it’s a fucking joke.


On Fri, 26 Oct 2007 00:27:34 -0400 scott
<redhowlingwolves@xxxxxxxxxxxxx> wrote:
First off,it's on GoDaddy (dot)com.That should be the first
pointer.



Michael Bann wrote:
Maybe it's a joke. :-)

Fabrizio wrote:
Way too much info.

Let's map out some tables names now....

http://www.sacure.com/login_process.php

On 10/25/07, *Juha-Matti Laurio* <juha-matti.laurio@xxxxxxxx
<mailto:juha-matti.laurio@xxxxxxxx>> wrote:


http://www.sacure.com/news/home/sacure-to-offer-security-staffing-
and-consulting-services/
generates the same result as well.

- Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
<http://lists.grok.org.uk/full-disclosure-charter.html>
Hosted and sponsored by Secunia - http://secunia.com/


----------------------------------------------------------------
--------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHIrlAxajqy/aNaRsRApwMAJ9Obal+uzlNax+l2uat0PZMMMtmowCeMz99
JC1z7NFsDBtvGqI46zXYCWg=
=iXxr
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Quantcast