HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Displaying articles for: October 2013

Trick or treat? Who’s afraid of mobile malware?

We thought today might be a good time to dig a little into the specter of mobile malware. Spooky stories abound, but is it really the tale of terror it's told to be?

Labels: Malware| mobile| security| ZDI

Verifying Windows Kernel Vulnerabilities

Outside of the Pwn2Own competitions, HP’s Zero Day Initiative (ZDI) does not require that researchers provide us with exploits. ZDI analysts evaluate each submitted case, and as part of that analysis we may choose to take the vulnerability to a full exploit.

 

In this post, we examine the steps involved in taking a 'write-what-where' vulnerability from a crash to full system compromise.

Labels: security

SEA attack on President’s social media tools

The Syrian Electronic Army continued their western targeted attacks this week by attacking President Barack Obama’s campaign media. Once again, by targeting a third-party and insiders’ email, they were able to modify shortened urls to redirect visitors to their own website, as well as a YouTube video.

Search
About the Author(s)
  • Twitter: @ohjeongwook .
  • Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature developers for the Intrusion Prevention System.
Follow Us
Twitter Stream


HP Blog

HP Software Solutions Blog

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation