Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Google Sacure V2.0 -- Sacure Corporation

from [whupass] Network Security [Permanent Link]
Subject: [Full-disclosure] Google Sacure V2.0 -- Sacure Corporation
Date: Fri, 23 Nov 2007 15:36:34 -0500 
Dear Sacure Corporation, Todd Michael Cohan and FD:

This will be my last email, its getting boring, but I figured that 
I'd give Sacure the chance to clear the air. 

I've done a bit of research on the Sacure Corporation (Google) and 
decided that instead of "bashing" Sacure I'd just ask them some 
direct questions in public forum. And now, without further ado here 
are my     questions for Sacure (cc'd on this email):

1-) Why was your first customer portal a fake portal?

    Proof: (taken from Sacure's old portal)

    <input type="submit" name="Submit" value="Login"
    onClick="alert('Access Denied!')";/>

2-) Why has your second (current) customer portal been broken since
    August of 2007 (according to Google's cache)? (Or, you can just 
    try to login to your customer portal as many of us have, we all
    get the same SQL error.)

3-) Question 2 makes us wonder, do you have any customers that use 
your 
    Managed Security Services? If so, how can you afford to have 
your 
    portal broken for so long? 

4-) How can you be a "leader" if your customers can't even login to 
the
    portal? Aren't you lying to your customers?

Thank you for your time. You must be very busy doing important 
security stuff like Penetration Tests with Cross Site Shipping 
attacks. 






--
Save on Cell Phones. Click Now!
http://tagline.hushmail.com/fc/Ioyw6h4eWoRO1Fa9res5x6fp5rrDp3dp623oyg5ttAY3ULY6TLr0Gc/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] Google Sacure V2.0 -- Sacure Corporation, whupass <=
Previous by Date:  [Full-disclosure] Using CSRF to Attack Mobile Phones, avivra
Next by Date:  [Full-disclosure] [ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities, security
Previous by Thread:  [Full-disclosure] Using CSRF to Attack Mobile Phones, avivra
Next by Thread:  [Full-disclosure] [ MDKSA-2007:224-2 ] - Updated samba packages fix vulnerabilities, security
Indexes:  [Date] [Thread] [Top] [All Lists]