• Minded Security is 1 of the top 11 Cyber Security firms in the UK for innovation!

  • Marco Morana, Director at Minded Security UK, has released a brand new book on Process for Attack Simulation and Threat Analysis.

  • Are your developers aware of how to fix vulnerabilities in the code?

  • Is your management aware of cyber security risks?

  • Do you know which vulnerabilities have the most impact on your business?

  • Are you verifying the JavaScript Code you are developing?

  • Are the online transactions of my service under attack?

  • Are my outsourcers developing Secure Software?

  • Are my Internet facing applications secure?

  • Is your company aware of cyber security risks?

  • Are you reviewing your business-critical application in depth?

  • Are you reviewing your mobile applications in depth?

  • Have you got a set of secure coding guidelines for all your technologies?

  • Minded Security Webinar

Latest news from our blog

RCE in Oracle NetBeans Opensource Plugins: PrimeFaces 5.x Expression Language Injection

PrimeFaces is an open source User Interface (UI) component library for JavaServer Faces (JSF) based applications, sin...

Posted on Monday February 15, 2016

RAT WARS 2.0: Advanced Techniques for Detecting RAT Screen Control

In the landscape of web maliciousness, Remote Administration Trojans [1] are not a new trend, but their usage is still strong and growing steadily. At its core, a RAT is a backdoor facility used to let an attacker enter the victim's computer unnoticed and control it remotely: for example, most banking trojans nowadays use remote desktop modules to open a...

Posted on Friday February 05, 2016

Request parameter "_method" may lead to CakePHP CSRF Token Bypass

In CakePHP we noticed that under certain circumstances it is possible to bypass the built-in security checks offered by CSRF and anti-tampering. As stated in the official documentation, "By using the Security Component you automatically get CSRF and form tampering protection" [1]; however, this is not true in case a form controller does not check whether the request is...

Posted on Tuesday January 12, 2016

3.100.000

end users protected

1000M

dynamic web pages scanned

17

Achieved Countries