HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Reverse Engineering NAND Flash Memory – POS device case study (part 1/3)

Modern life wouldn’t be quite so modern without NAND Flash memory. It is used everywhere - from USB sticks and smart phones to security cameras and the Internet of Things (IoT). I’ve spent some time reverse engineering the NAND flash memory used in popular POS (Point of Sale) devices (Figure 1). Aside from sharing my findings from the evaluation of these devices, I wanted to share the process I followed to acquire the right firmware and to perform the reverse engineering. You can find a brief introduction to this area in one of my previous blogs. I also recently presented the details of my research at Recon and Black Hat 2014. While the Recon presentation focused on the technical details of the technique, at Black Hat 2014, I showcased an advanced tool called DumpFlash and shared my experience with tamper detection, including a workaround method. In this series of blogs, I’m going to share these details and some other interesting facts as well.

How to Identify (and contribute) mobile platform vulnerabilities - Building your own SMS/MMS fuzzer

This past weekend at DEF CON 22, Matt Molinyawe and I presented to a full house. Clearly, there is a growing interest in mobile phones as an attack surface.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 15, 2014

Welcome to the August 15th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 1, 2014

It's the August 1st edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Briefing, episode 15 - Bitcoin and security

In the July 2014 Security Briefing we look at Bitcoin, the largest of the emerging class of value-exchange mechanisms called cryptocurrencies.

There’s No Place Like Localhost: A Welcoming Front Door To Medium Integrity

This year, Abdul Aziz Hariri, Jasiel Spelman, and myself (Matt Molinyawe) of the Zero Day Initiative were involved in producing an exploit for this year’s Pwn4Fun. It demonstrated our work and that people from major companies could produce a full exploit in the name of charity, good will, and trying to make positive change in software without asking for anything in return. The Zero Day Initiative had also disclosed 6 additional Microsoft Internet Explorer vulnerabilities found by Abdul Aziz Hariri over the two weeks prior to this event.

Efficacy of MemoryProtection against use-after-free vulnerabilities

As of the July 2014 patch of Internet Explorer, Microsoft has taken a major step in the evolution of exploit mitigations built into its browser. The new mitigation technology is called MemoryProtection (or MemProtect, for short) and has been shown to be quite effective against a range of use-after-free (UAF) vulnerabilities. Not all UAFs are equally affected, however. Here we’ll discuss what MemoryProtection is and how it operates, and evaluate its effectiveness against various types of UAFs.

Labels: IE| MemoryProtection| UAF| ZDI

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 25, 2014

Welcome to the July 25th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research ‘Talkapalooza’ dates released!

HP Security Research (HPSR) giants will hit the road for a four-month global tour that touches down on four continents. View the roster of conferences at which team members will be speaking and plan to join us!

Labels: conferences| HPSR

Dyre times for online banking customers

HP DVLabs security researcher Mat Powell provides details on one of the newer banking trojans on the scene. Customers in the US and UK should be aware of "Dyreza" or "Dyre" and its browser-hooking ways.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 18, 2014

It's the July 18th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Bitcoin and security (part 3 of 3)

In the final post of our Bitcoin series, we look at the possibilities for cybercrime involving the cryptocurrency – as a target, as an exchange mechanism, and as a contributing element.

Four years and counting: ZDI leads Frost & Sullivan disclosure field

HP Security Research has just learned that our Zero Day Initiative (ZDI) team has received the Global Frost & Sullivan Company of the Year Award for 2013 – the fourth year in a row we’ve been honored as the pre-eminent public vulnerability research program.  The award is an honor; reading Frost & Sullivan's report on the current state of vulnerability research is a treat.

Hacking POS Terminal for Fun and Non-profit

Point-of-Sale (POS) devices are an essential part of modern life; the blood line for merchants. As plastic payment cards have become the default payment method, the security of POS devices has become more crucial. I was interested in learning how real-world POS machines maintain security but “close examination” without the owner’s consent is a crime. I have no friends in business using POS devices, so I decided to order a used device for investigation. The Aloha POS system is known to be very popular in the hospitality sector. 

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 7th, 2014

It's the July 7th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Bitcoin and Security: part 2 of 3

Delving more deeply into the mechanisms of Bitcoin, I examine how Bitcoin tackles two potential problems – counterfeiting and the fair distribution of currency – through interesting architectural choices, and show how two potential “wrongs” not only make a right, but provide fundamental strength to the system.

Why does Windows rearrange the arguments when executing external process?

Most people, including myself, would expect java.lang.Runtime.exec(String[]) to pass the arguments array to the command without any modification.

HPSR Software Security Content 2014 Update 2

HP Security Research and the Software Security Research group are pleased to announce the immediate availability of updates to HP WebInspect SecureBase (available via SmartUpdate), the HP Fortify Secure Coding Rulepacks (English language, version 2014.2.0), HP Fortify Runtime Application Protection, and HP Fortify Premium Content. 

The Software Security Research group translates cutting-edge security research into security intelligence that powers the HP Enterprise Security Products portfolio. Today, HPSR Software Security Content supports over 860 vulnerability categories across 21 programming languages and spanning more than 737,000 individual APIs.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 27, 2014

It's Friday, June 27th, and you know what that means--It's time for the list of HP Security Research OSINT articles of interest!

Labels: HPSR

HP Security Briefing, episode 14 - malicious file visualization and clustering

In this month’s Security Briefing, we conduct a number of experiments with file geometry visualization and clustering algorithms on malicious and clean files using the R language. You can listen to this episode of the HP Security Briefing podcast on the Web or via iTunes, and you can read or download the detailed companion report here.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 20, 2014

It's the June 20th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 13, 2014

It's time for the June 13th list of HP Security Research OSINT articles of interest! This is a list of publicly available articles that we find relevant in today's security news.

Labels: security

Playing with Adobe Flash Player Exploits and Byte Code

Basically, SWF files are not something you can avoid analyzing if you are dealing with real-life exploits. A good methodology when analyzing SWF files is also very beneficial for current malware research. I talked about automating SWF exploits and malware analysis in a previous presentation, but here I want to share a more manual methodology you can use for daily research. All the tools are free and some of them are open source. For this example, I used a sample with a SHA1 value of 300a7e4d54eca8641d7a19ceb4ab68bb76696816. This sample exploits the CVE-2014-0515 vulnerability. 

Bitcoin and security (part 1 of 3)

In the first post of a three-part series, we look at Bitcoin basics: how it works, where its security profile fits into the eternal confidentiality-integrity-availability triad, and why the underpinnings of the currency are a noteworthy attempt to solve one of Internet security’s thorniest problems. We also take a peek at the guts of a Bitcoin ATM – and recognize a familiar operating system under the hood.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 6, 2014

It's the first Friday in June--and here are your HP Security Research OSINT articles of interest. This blog post provides links to current events related to the cyber security industry.

Labels: HP| security

Once Bled, Twice Shy (OpenSSL: CVE-2014-0195)

CVE-2014-0195 is the latest critical vulnerability in a string of OpenSSL bugs.  The bug was submitted through the HP Security Research Zero Day Initiative program and filter guidance was provided immediately in the form of predisclosure filters for TippingPoint customers exclusively.  Read on for more details about this vulnerability and the protection only TippingPoint customers can experience!

ZDI-14-173/CVE-2014-0195 - OpenSSL DTLS Fragment Out-of-Bounds Write: Breaking up is hard to do

Researchers are upping their efforts to review OpenSSL source code to find additional vulnerabilities.  This left us wondering: “What will we find next?”  Well, it didn’t take long for another critical OpenSSL vulnerability to show up in the queues at the Zero Day Initiative.  Jüri Aedla is credited for the original discovery of this vulnerability and this blog describes the vulnerability also known as ZDI-14-173 (CVE-2014-0195).

HP Security Briefing, episode 13 – The art and near-science of threat modeling

In this month’s briefing, we give an overview of the threat-modeling landscape – what it affects, how it got this way, what the current notable conditions are, and how to introduce the pertinent concepts to your organization.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--May 30, 2014

It's time for the May 30th list of HP Security Research OSINT articles of interest! This is a list of publicly available articles that we find relevant in today's security news.

Labels: HP| security
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation