Marco Morana, Director at Minded Security UK, has released a brand new book on Process for Attack Simulation and Threat Analysis.
Latest news from our blog
In the landscape of web maliciousness, Remote Administration Trojans are not a new trend, but their usage is still strong and growing steadily. At its core, a RAT is a backdoor facility used to let an attacker enter the victim's computer unnoticed and control it remotely: for example, most banking trojans nowadays use remote desktop modules to open a...
In CakePHP we noticed that under certain circumstances it is possible to bypass the built-in security checks offered by CSRF and anti-tampering. As stated in the official documentation, "By using the Security Component you automatically get CSRF and form tampering protection"; however, this is not true in case a form controller does not check whether the request is...
Abusing EL for executing OS Commands. Expression Language injection. Wow! It may lead to remote command execution on modern Servlet environments. This was pointed out by Dan Amodio in 2012 with his art work exploit against the Spring Double-Evaluation vulnerability (CVE-2011-...