HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HP Security Research OSINT (Open Source Intelligence) articles of interest--August 22, 2014

Below, you will find the HP Security Research key articles of interest for August 22, 2014. These are publicly available articles that are provided as a news service only. The intent of this blog post is to share current events related to the cyber security industry.


Targeted threat index: characterizing and quantifying politically-motivated targeted malware

This study highlights the important properties of malware threats with implications on how organizations can defend themselves and how threats can be quantified.


Stealthy, razor thin ATM insert skimmers

An increasing number of ATM skimmers targeting banks and consumers appear to be of the razor-thin insert variety. These card-skimming devices are made to fit snugly and invisibly inside the throat of the card acceptance slot. Here’s a look at a stealthy new model of insert skimmer pulled from a cash machine in southern Europe just this past week.


Checking in on Africa: the latest developments in cybercrime

In the early 2000s, Africa gained notoriety due to the 419 “Nigerian” scam. This scam involved making payments in exchange for a reward for helping so-called high-ranking Nigerian officials and their families. While all the scams may not have necessarily originated from Africa, the use of Nigerian officials was imprinted upon the public consciousness, thereby forever associating this scam with the continent.


White House cybersecurity czar brags about his lack of technical expertise

Michael Daniel is the White House's cybersecurity coordinator, the man who "leads the interagency development of national cybersecurity strategy and policy" for the president. And in a recent interview with GovInfoSecurity, he argued that his lack of technical expertise gave him an advantage in doing that job.


Syrian malware, the ever-evolving threat

The Global Research and Analysis Team (GReAT) at Kaspersky Lab has discovered new malware attacks in Syria, with malicious entities using a plethora of methods from their toolbox to hide and operate malware. In addition to proficient social engineering tricks, victims are often tempted to open and explore malicious files because of the dire need for privacy and security tools in the region. In the hopes of maintaining anonymity and installing the latest “protection”, victims fall prey to these malicious creations. A vast majority of the samples obtained were found on activist sites and in social networking forums.


From the Aether to the Ethernet—attacking the Internet using broadcast digital television

In the attempt to bring modern broadband Internet features to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid Broadcast-Broadband Television (HbbTV), which allows broadcast streams to include embedded HTML content which is rendered by the television. This system is already in very wide deployment in Europe, and has recently been adopted as part of the American digital television standard.


Website attack attempts via Vegas Rose during Black Hat, DEF CON

On a "normal" day, an average of 20 malicious web traffic events originating in Las Vegas hit Imperva's security customers. During Black Hat USA and DEF CON earlier this month, that number jumped more than 100 times the volume, according to a snapshot of data the firm compiled. Barry Shteiman, director of security strategy at Imperva, was curious about just how much more malicious activity really does occur during big hacker-heavy conferences like Black Hat and DEF CON, so he measured the malicious traffic coming from Las Vegas the week of the two major shows and found the number reached a high of 2,612 web attacks aimed at its customers.


Researchers find it’s terrifyingly easy to hack traffic lights

Taking over a city’s intersections and making all the lights green to cause chaos is a pretty bog-standard Evil Techno Bad Guy tactic on TV and in movies, but according to a research team at the University of Michigan, doing it in real life is within the realm of anyone with a laptop and the right kind of radio. In a paper published this month, the researchers describe how they very simply and very quickly seized control of an entire system of almost 100 intersections in an unnamed Michigan city from a single ingress point.


Kicking the stool out from under the cybercrime economy

Put simply, cybercrime, especially financial malware, has the potential to be quite the lucrative affair. That's only because the bad guys have the tools to make their work quick and easy, though. Cripple the automated processes presented by certain malware platforms, and suddenly the threats -- and the losses -- aren't quite so serious.


Foreign state actors hack US nuke regulator through phishing attacks

A recent investigation has revealed that the United States Nuclear Regulatory Commission (NRC) has been successfully hacked three times in the last three years. Documents were obtained by Nextgov through an open-record request, showing two of the incidents involved hackers from a foreign government, while the other perpetrator has not yet been identified. According to the report, all three attacks used phishing scams to trick personnel into clicking malicious links or unknowingly downloading malware.


Nuclear Regulatory Commission's computers hacked three times in three years

Nuclear Regulatory Commission (NRC) computers were hacked twice by foreigners and once by an unidentifiable individual in the last three years, according to a recently obtained inspector general report. The commission, which handles licensing, inspection and enforcement of nuclear requirements, might have had documents and inner-system workings exposed in the attacks, according to Nextgov, who obtained the report via an open-records request.


Cybercrime exposed part 2: when adware goes bad – a closer look at adware

With the ostensibly harmless nature of adware, we are constantly tricked into believing that they are nothing but online nuisances. But underneath, they are marketing-engineered software that could potentially carry malicious programs to target your browsing behavior and spy on your other online activities.


2.1M stolen credit card numbers found on Russian hacker's laptop

Roman Valerevich Seleznev, a Russian national accused by United States authorities of operating several carding forums and hacking into point of sale (PoS) systems in an effort to steal payment card information, has been denied bail, the Department of Justice announced on Friday.


No VPN on Earth Can Protect Careless Pirates

Many people believe that by simply firing up a VPN their entire real-life identity can be instantly masked from outsiders. The truth is, however, that no amount of encryption or IP address obfuscation can save those who leave huge trails in their regular Internet activities.


The fast, fabulous, allegedly fraudulent life of Megaupload’s Kim Dotcom

The man once known as Kim Schmitz (and as Kimble, and as Kim Tim Jim Vestor, and finally as Kim Dotcom), now awaiting extradition from New Zealand to face charges of conspiracy, money laundering and copyright crimes in the US, has enveloped his actual life in a cloud of hype and bluster that echo the worst of the dot-com bubble from which he took his new surname. In 2001, the Telegraph called Schmitz “a PR man’s nightmare and a journalist’s dream.”


The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.