HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 27, 2014

Welcome to the September 27th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

HP Security Briefing episode 17 - Thinking outside the sandbox

In this edition of the HP Security Briefing we discuss the modern browser, its plug-ins, the ever-shrinking attack surface and how to violate the trust boundaries of the sandbox.

Labels: HPSR| threatbriefing

HP Security Research: GNU Bash vulnerability "Shellshock" (CVE-2014-6271)

HP Security Research takes a look at the GNU Bash vulnerability, CVE-2014-6271, offering their unique insight and recommendations for remediation.

Labels: HPSR

Reverse engineering NAND Flash Memory – POS device case study (part 2/3)

In my previous blog, I talked about a method for acquiring bare-metal images directly from NAND Flash memory. In that post, I used a Verifone POS device as my reverse engineering example. The next step is to dissect the image and change it into a more meaningful form for our investigation. Let’s start with making sense of the out-of-band (OOB) data from the image and removing bad blocks. After that, we will have a flat image that can be used for further analysis.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 19, 2014

Welcome to the September 19th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 12, 2014

Welcome to the September 12th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Converting executable file structure metadata to a feature vector, cook book examples

One of the major hurdles in the research we conducted on malicious files visualisation and clustering was trying to convert executable file structure metadata to a feature vector, also known as a data frame. To clarify the path we’ve taken and to make it easier to reproduce the results, we are showing the steps (with code examples) on how to convert the PE-structure raw data to an R package data frame.

Labels: HPSR

Reloaded: The Seven Pernicious Kingdoms, 2014 edition

Just shy of ten years after the release of the landmark Seven Pernicious Kingdoms taxonomy of software errors, the HP Software Security Research team has released a refreshed and revitalized edition of the ultimate guide to the failings that source code analysis can reveal. What’s new – and what endures? Read the refreshed HP Software Security Taxonomy

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 5, 2014

Welcome to the September 5th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR| OSINT

Threat: Cryptographic Locker- Ransomware on a Budget

You’ve been hit by the new ransomware, Cryptographic Locker. Time to dust off that backup (you have a backup, don’t you?) and do a system restore, right?

Labels: DVLabs| HPSR

Mobile Pwn2Own Tokyo 2014

HP Security Research’s Zero Day Initiative (ZDI) invites you to join us for the third annual Mobile Pwn2Own competition, to be held this year on November 12-13 at PacSec Applied Security Conference in Tokyo, Japan.  We’re looking forward to rewarding the world’s top researchers for demonstrating and disclosing their stealthy attacks on mobile devices, and we’re delighted that our friends at Google’s Android Security Team and BlackBerry are joining us again as sponsors.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 29, 2014


Welcome to the August 29th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Working together toward secure development

Secure coding doesn’t have to be an exercise in developer pain, as a new whitepaper shows

Labels: HPSR

HP Security Briefing, episode 16 - Profiling an enigma: North Korea’s cyber threat landscape

In the latest edition of the HP Security Briefing, we discuss the cyber threat landscape within the Democratic People’s Republic of Korea.

The importance of languages for the professional developer

How building a small custom fuzzer demonstrates the importance of fluency in multiple programming languages. 

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 22, 2014

Welcome to the August 22nd edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Reverse Engineering NAND Flash Memory – POS device case study (part 1/3)

Modern life wouldn’t be quite so modern without NAND Flash memory. It is used everywhere - from USB sticks and smart phones to security cameras and the Internet of Things (IoT). I’ve spent some time reverse engineering the NAND flash memory used in popular POS (Point of Sale) devices.  Aside from sharing my findings from the evaluation of these devices, I wanted to share the process I followed to acquire the right firmware and to perform the reverse engineering. 

How to Identify (and contribute) mobile platform vulnerabilities - Building your own SMS/MMS fuzzer

This past weekend at DEF CON 22, Matt Molinyawe and I presented to a full house. Clearly, there is a growing interest in mobile phones as an attack surface.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 15, 2014

Welcome to the August 15th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 1, 2014

It's the August 1st edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Briefing, episode 15 - Bitcoin and security

In the July 2014 Security Briefing we look at Bitcoin, the largest of the emerging class of value-exchange mechanisms called cryptocurrencies.

There’s No Place Like Localhost: A Welcoming Front Door To Medium Integrity

This year, Abdul Aziz Hariri, Jasiel Spelman, and myself (Matt Molinyawe) of the Zero Day Initiative were involved in producing an exploit for this year’s Pwn4Fun. It demonstrated our work and that people from major companies could produce a full exploit in the name of charity, good will, and trying to make positive change in software without asking for anything in return. The Zero Day Initiative had also disclosed 6 additional Microsoft Internet Explorer vulnerabilities found by Abdul Aziz Hariri over the two weeks prior to this event.

Efficacy of MemoryProtection against use-after-free vulnerabilities

As of the July 2014 patch of Internet Explorer, Microsoft has taken a major step in the evolution of exploit mitigations built into its browser. The new mitigation technology is called MemoryProtection (or MemProtect, for short) and has been shown to be quite effective against a range of use-after-free (UAF) vulnerabilities. Not all UAFs are equally affected, however. Here we’ll discuss what MemoryProtection is and how it operates, and evaluate its effectiveness against various types of UAFs.

Labels: IE| MemoryProtection| UAF| ZDI

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 25, 2014

Welcome to the July 25th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research ‘Talkapalooza’ dates released!

HP Security Research (HPSR) giants will hit the road for a four-month global tour that touches down on four continents. View the roster of conferences at which team members will be speaking and plan to join us!

Labels: conferences| HPSR

Dyre times for online banking customers

HP DVLabs security researcher Mat Powell provides details on one of the newer banking trojans on the scene. Customers in the US and UK should be aware of "Dyreza" or "Dyre" and its browser-hooking ways.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 18, 2014

It's the July 18th edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

Labels: HPSR

Bitcoin and security (part 3 of 3)

In the final post of our Bitcoin series, we look at the possibilities for cybercrime involving the cryptocurrency – as a target, as an exchange mechanism, and as a contributing element.

Four years and counting: ZDI leads Frost & Sullivan disclosure field

HP Security Research has just learned that our Zero Day Initiative (ZDI) team has received the Global Frost & Sullivan Company of the Year Award for 2013 – the fourth year in a row we’ve been honored as the pre-eminent public vulnerability research program.  The award is an honor; reading Frost & Sullivan's report on the current state of vulnerability research is a treat.

Hacking POS Terminal for Fun and Non-profit

Point-of-Sale (POS) devices are an essential part of modern life; the blood line for merchants. As plastic payment cards have become the default payment method, the security of POS devices has become more crucial. I was interested in learning how real-world POS machines maintain security but “close examination” without the owner’s consent is a crime. I have no friends in business using POS devices, so I decided to order a used device for investigation. The Aloha POS system is known to be very popular in the hospitality sector. 

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation