HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Displaying articles for: April 2014

Microsoft IE zero day and recent exploitation trends (CVE-2014-1776)

The latest Microsoft Security Advisory concerning Internet Explorer involves the Vector Markup Language (VML) – and that’s nothing new. Let’s take a look at the difficult history of the VGX.DLL, which has been involved in eight Microsoft security releases in the last eight years. Where does CVE-2014-1776 fit into the picture?

HP Security Research OSINT (OpenSource Intelligence) articles of interest--April 28, 2014

It’s the April 28th edition of the HP Security Research OSINT News Feed—a list of publicly available articles that we find interesting in today’s security news.

Labels: HP| security

Struts2 zero day in the wild

Remote code execution zero day in up-to-date Struts 2 applications:

 

Several months ago the Struts2 team announced security vulnerability S2-020 that allowed ClassLoader manipulation resulting in Remote Code Execution on certain application servers like Tomcat 8.

Tags: 0day| Struts2
Labels: 0day| Struts2

Patch analysis of latest Microsoft Office vulnerability (CVE-2014-1761)

I wrote about a Microsoft Word vulnerability, which was at that point a zero day, a few weeks ago. Microsoft released the update for this vulnerability with their April 2014 Patch Tuesday. There is some confusion in the industry about the nature of this vulnerability, so I analyzed the patch -- in the process, confirming my previous findings. This blog discusses my results, along with some additional interesting findings related to previous security updates of the RTF parser in Microsoft Office.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--April 14, 2014

Welcome to the April 14th edition of the HP Security Research OSINT News Feed—a list of publicly available articles that we find interesting in today’s security news.

Labels: HP| security

Heartbleed causes heartache

The latest and scariest news in security is the “Heartbleed” bug. This evocative name comes from the fact that there is a buffer overread flaw in the implementation of the “heartbeat” extension to TLS that leaks information, potentially including usernames, passwords, secret keys and other communications. This serious flaw has been present in OpenSSL, a very popular open source implementation of the protocol used to secure the internet, for years.

Tags: OpenSSL

Advanced Persistent Threats and the rise of the app stores

For malware writers, the old days on the Internet were a volume business – infect as many computers as possible. Defenders responded with blacklisting. But modern Advanced Persistent Threat (APT) attacks are precisely tested and targeted. Will whitelisting – in the form of app stores – save us? And what will we lose if they do?

Technical Analysis of CVE-2014-1761 RTF Vulnerability

Recently, Microsoft announced that an RTF sample exploiting CVE-2014-1761 is in the wild. The sample has just become publicly known. I spent some time analyzing the vulnerability and this blog describes what I found. The sample I analyzed has a SHA1 value of 200f7930de8d44fc2b00516f79033408ca39d610. The main module that was used in my analysis is wwlib.dll with file version of 14.0.7113.5001 used in Microsoft Office 2010.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--April 4, 2014

It's time for the April 4th edition of the HP Security Research OSINT News Feed—a list of publicly available articles that we find interesting in today’s security news.

Labels: HP| security

HP Security Research Threat Intelligence Briefing episode 12 - The evolution of credit card crime

The recent Target attack reminds us that we are not safe in this world from credit card criminals. If you look at the last 10 years or so, you can see that the Target attack is actually nothing new. The trend for attacking card processing networks and POS machines has been occurring since the mid-2000s.

Four legs good: Recent advances in secure password generation

New research approaches to password generation utilize common household pets for more effective random string generation at minimal cost.

Tags: April Fools
Labels: April Fools

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation