HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Displaying articles for: August 2014

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 29, 2014


OSINT.jpgWelcome to the August 29th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Working together toward secure development

IEE-14-TA-026-TA_CFSD_Logo_300dpi.png

 

Secure coding doesn’t have to be an exercise in developer pain, as a new whitepaper shows

Labels: HPSR

HP Security Briefing, episode 16 - Profiling an enigma: North Korea’s cyber threat landscape

In the latest edition of the HP Security Briefing, we discuss the cyber threat landscape within the Democratic People’s Republic of Korea.

The importance of languages for the professional developer

How building a small custom fuzzer demonstrates the importance of fluency in multiple programming languages. 

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 22, 2014

OSINT.jpgWelcome to the August 22nd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Reverse Engineering NAND Flash Memory – POS device case study (part 1/3)

Modern life wouldn’t be quite so modern without NAND Flash memory. It is used everywhere - from USB sticks and smart phones to security cameras and the Internet of Things (IoT). I’ve spent some time reverse engineering the NAND flash memory used in popular POS (Point of Sale) devices.  Aside from sharing my findings from the evaluation of these devices, I wanted to share the process I followed to acquire the right firmware and to perform the reverse engineering. 

How to Identify (and contribute) mobile platform vulnerabilities - Building your own SMS/MMS fuzzer

This past weekend at DEF CON 22, Matt Molinyawe and I presented to a full house. Clearly, there is a growing interest in mobile phones as an attack surface.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 15, 2014

OSINT.jpgWelcome to the August 15th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 1, 2014

hpsr.jpgIt's the August 1st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news. 

Labels: HPSR
Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Head of OpSec Research
  • I joined HP in 2014 and am currently a Sr. Security Content Developer within HP Security Research. In this role, I write and edit security analysis and supporting content from researchers.
  • Kernelsmith is senior vulnerability researcher with Hewlett-Packard Security Research (HPSR). In this role, he analyzes and performs root-cause analysis on hundreds of vulnerabilities submitted to the Zero-Day Initiative (ZDI) program. He also tries to automate whenever he can, pulling from the devops and virtualization arenas. Josh is also a developer for the Metasploit Framework and has spoken at a few conferences and holds a few certifications. Prior to joining HP, Smith served in the U.S. Air Force for 10 years and subsequently became a security engineer at the John Hopkins University Applied Physics Laboratory. Smith performed research into weapons systems vulnerabilities as well as evasion and obfuscation techniques to add depth and realism to security device tests. Smith received a B.S. in Aeronautical Engineering from Rensselaer Polytechnic Institute and an M.A. in Management of Information Systems from the University of Great Falls.
  • Security Researcher, Software Security Research
  • Security Researcher, Zero Day Initiative
  • Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature developers for the Intrusion Prevention System.
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.