HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HPSR Software Security Content 2014 Update 4

HP Software Security Research is pleased to announce the immediate availability of updates to HP Application Defender, HP WebInspect SecureBase (available via SmartUpdate), the HP Fortify Secure Coding Rulepacks (English language, version 2014.4.0), HP ArcSight Application View, and HP Fortify Premium Content. As of today, HPSR Software Security Content supports over 890 vulnerability categories across 22 programming languages, and spans more than 815,000 individual APIs.

North Korea and the attack on Sony Pictures Entertainment

34012373_s.jpgThe Sony Pictures Entertainment breach has taken a number of unprecedented turns since it came to light in late November. We analyze the situation and weigh in on what has transpired, and whether the smoking gun is definitely in North Korea’s hand.

Labels: Field| north korea| sony

HP Security Research OSINT (OpenSource Intelligence) articles of interest – December 12, 2014

OSINT.jpgWelcome to the December 12th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – December 6, 2014

OSINT.jpgWelcome to the December 6th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Briefing, episode 19 - Fifty shades of black hat: Turkey’s hacker underground

28818008_m.jpgIn the latest edition of the HP Security Briefing, we discuss the cyber threat landscape inside the Republic of Turkey.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 21, 2014

OSINT.jpgWelcome to the November 21st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

SandWorm’s target: A patch history of Object Packager

Object Packager, a component of Microsoft Windows OLE (Object Linking and Embedding), has drawn the attention of attackers and Microsoft twice in the last two months. We examine the patch history of the venerable component.

Reverse engineering NAND Flash Memory – POS device case study (part 3/3)

In my first blog, I talked about a method for acquiring a NAND Flash memory image by directly interacting with the chip. After you acquire a raw firmware image, using the various approaches I proposed with my second blog, you should be able to easily identify the layout of the firmware. At this point in the process, it’s time to extract the data and manipulate it.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 15, 2014

OSINT.jpgWelcome to the November 15th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Mobile Pwn2Own 2014: The day two recap

Two more competitors stepped up to the test bench on the second and final day of the annual contest in Tokyo

Labels: mobile| pwn2own| security

Mobile Pwn2Own 2014: The day one recap

ZDILogo.PNGA record number of contestants set a fast pace for this year’s Tokyo competition – five teams, five targets, five wins.

Labels: mobile| pwn2own| security

Mobile Pwn2Own begins: Competitors and targets

26725808_s.jpgThe third Mobile Pwn2Own competition begins in Tokyo with the largest competitor lineup in its history. We have the full schedule -- and the list of devices and platforms that await their fate.

Labels: mobile| pwn2own| security

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 7, 2014

OSINT.jpgWelcome to the November 7th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Mobile malware – shows us the money

The mobile-malware population may still be smaller than that targeting the desktop, but this year’s payloads prove that the breed is not to be ignored.

Labels: HPSR

Mystery, ubiquity and you - The mobile attack surface 2014

Why do we host Mobile Pwn2Own? Does anyone care about vulnerabilities in mobile devices? We take a moment to look at the trends before events begin in Tokyo.

Labels: HPSR

Cross-frame scripting protection: A case of doing it wrong

Finding a true positive in a “false positive” report reminds us that while browsers try to self-correct some HTML issues, it doesn’t always turn out as expected.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 1, 2014

OSINT.jpgWelcome to the November 1st edition of the HP Security Research OSINT articles of interest. This is a list of publicly available articles that we find relevant in today's security news.

HP Security Briefing, episode 18 - New directions in use-after-free mitigations

25370003_ml.jpgIn the latest edition of the HP Security Briefing, we discuss two new tools in Microsoft's onggoing effort to mitigate use-after-free vulnerabilities in Internet Explorer

Pack your POCs – only two weeks to Mobile Pwn2Own 2014

The third annual Mobile Pwn2Own contest kicks off in Tokyo at PacSec in two weeks time on November 12, 2014.
What are you waiting for?

Labels: HPSR

POS malware - a look at Dexter and Decebal


POS.jpgPoint of Sale (POS) systems continue to make the news for all the wrong reasons. Consumers and retailers are under siege when shopping. While there are a number of methods and malware used to effectively collect critical customer data this blog explains two of the many - Decebal and Dexter.

Labels: HPSR

CVE-2014-6352 OLE packager vulnerability and a failed patch for SandWorm

A few days ago, Microsoft disclosed a new vulnerability related to the Microsoft Office OLE object (CVE-2014-6352) that looks like a variant of the SandWorm vulnerability (CVE-2014-4114). While the original vulnerability was patched with MS14-060, Microsoft has released a FixIt for this new vulnerability - and we  recommend you install it to protect yourself from this attack. I spent some time on this new FixIt module and wanted to share what I found.

Technical analysis of the SandWorm Vulnerability (CVE-2014-4114)

fig00.png

Malware, Russian cyber-espionage campaign, and Microsoft PowerPoint are not necessarily three things one expects to go together and yet they did just recently. We take a technical dive into the world of the SandWorm vulnerability (CVE-2014-4114).

HP Security Research OSINT (OpenSource Intelligence) articles of interest – October 17, 2014

OSINT.jpgWelcome to the October 17th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news

The New BEAST – Poodle

7387541_m.jpgA newly revealed vulnerability in the SSLv3 protocol made the news this week. We look at POODLE to see whether its bark is worse than its bite.

Don’t let anyone shock your shells

It’s been the better part of a month since the ShellShock vulnerability disclosure, and the whole Internet has been buzzing ever since. There are probably more posts, POCs, and FUD articles right now than vulnerable systems. Why write another post about it, you ask? Keep on reading ...

Hacking my smart TV - an old new thing

It’s hard to conceive of now, but there was a time when hacking a system was something easy enough for pretty much anyone to do. Developers were barely cognizant of the concept of security and many security holes were thought of as just minor glitches in the software. It took considerable effort from the security community to bring these security issues to the attention of vendors and it was a long road to the current level of security we have now. Having said that, the current security of software isn’t exactly perfect, but what I’m getting at is how the current security status of new things resembles the security status of old things in the ‘bad’ old days. Old vulnerabilities are new vulnerabilities again in the Internet of Things (IoT) and smart appliance space. Vulnerability types we thought were gone are now reappearing. I keep having déjà vu.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – October 10, 2014

OSINT.jpgWelcome to the October 10th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Mail server-related injections: Whose problem?

During September, the SSR team conducted new research on mail server-related vulnerabilities. The results expand Fortify detections for numerous Java, PHP, and Python libraries and frameworks, but revealed a problem developers can’t expect library or framework vendors to fix.

Update your Struts 1 ClassLoader manipulation filters

In May, the SSR team discussed a vulnerability affecting both versions 1 and 2 of Struts, Apache’s open-source web application framework. The ensuing five months indicate that new protections are now necessary.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – Friday, October 3, 2014

OSINT.jpgWelcome to the October 3rd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR| OSINT
Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.