HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – June 26, 2015

field-logo.jpgWelcome to the June 26th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – June 19, 2015

field-logo.jpgWelcome to the June 19th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – June 12, 2015

field-logo.jpgWelcome to the June 12th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – June 5, 2015

field-logo.jpgWelcome to the June 5th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – May 29, 2015

field-logo.jpgWelcome to the May 29th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Oh, behave!: Breaches, APT, and activity monitoring

defense.jpgA recent Gartner survey indicates that an overwhelming majority of breaches are application-related. We look at how that knowledge can be power in the right defenders’ hands.

Common Web mistakes that invite trouble

web security.jpgSometimes it seems as if security folk simply can’t shut off the part of their brain that looks for trouble. Unfortunately, years of questionable web site development tactics have made trouble plenty easy to find. See if any of these misbehaviors ring a bell.

Adult Friend Finder leak – what can we learn?

too-many-friends-found.jpgThe recent breach and data dump of records on 3.8 million Adult Friend Finder subscribers may have provided a certain degree of amusement to the Internet – though it’s safe to say that the subscribers and the site owners aren’t laughing. However, a breach of employees’ (very) personal information can still spell trouble for your network. We look at the implications.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – May 22, 2015

field-logo.jpgWelcome to the May 22nd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Software Development KITchen sink

bug picture.jpgCVE-2014-8361 (ZDI-15-155), recently disclosed by the Zero Day Initiative, provides a depressing example of why near-intractable vulnerabilities will continue to plague the tech industry – and will only get worse as we fully embrace the Internet of Things.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – May 15, 2015

OSINT.jpgWelcome to the May 15th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Milestone today, good times ahead

zdi-small.pngIs today’s group of Zero Day Initiative disclosures the largest ever? We look at the numbers and analyze the trend – and what it means for the ZDI as we approach the program’s tenth anniversary.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – May 8, 2015

OSINT.jpgWelcome to the May 8th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Cloud "shiny rocks" and your SOC

32380942_s.jpgIt’s easy to turn the heads of IT folk – or of their C-level execs – with promises of easy access and fast implementation. But the “shiny rock” of cloud security can easily block a clear view of the realities of working well within known security operations center (SOC) parameters. Fortunately, you already have the expertise; we have a bit of advice for minimizing the distraction.

Tags: HPSR| OpSec| siem| SOC
Labels: HPSR| OpSec| SIEM| SOC

HP Security Research OSINT (OpenSource Intelligence) articles of interest – May 1, 2015

field-logo.jpgWelcome to the May 1st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – April 24, 2015

field-logo.jpgWelcome to the April 24th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – April 17, 2015

OSINT.jpgWelcome to the April 17th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – April 10, 2015

OSINT.jpgWelcome to the April 10th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Adventures in PoSeidon genealogy: Tracking a malware family tree

Poseidon Square.jpgThe PoSeidon or Backoff family of malware – known by a plethora of other names – attacks Point-of-Sale (PoS) systems to steal credit card information. This analysis digs deeper into the multiple versions of this malware family and shows how to detect, and potentially remove, the unwanted software.

A brief history of privacy

privacy.jpgWith the rocketing rise in data breaches in the past 18 months, protection of personally identifiable information (PII) has been a frequent topic of discussion and worry. But privacy has been a concern for a very long time. If your privacy knowledge feels a bit thin, spend a few moments with a brief introduction to the landscape.

Tags: HPSR| privacy
Labels: HPSR| Privacy

HP Security Research OSINT (OpenSource Intelligence) articles of interest – April 3, 2015

OSINT.jpgWelcome to the April 3rd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Naming and graphic design services for bugs now available

ZDI is now offering vulnerability naming and graphic design services for researchers who reach Gold status. No longer will your bug suffer in anonymity; we’ll hook you up with our crack design team to give your bug the name and logo it deserves.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – March 27, 2015

OSINT.jpgWelcome to the March 27th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – March 21, 2015

OSINT.jpgWelcome to the March 21st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – March 6, 2015

field-logo.jpgWelcome to the March 6th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – February 27, 2015

OSINT.jpgWelcome to the February 27th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Infographic: HP Security Research Cyber Risk Report 2015

very teeny tiny chart.pngThe annual Cyber Risk Report from HP Security Research provides organizations with a better understanding of the threat landscape and supplies resources that can aid in minimizing security risk. This year, we’re including an infographic detailing some of the more interesting data points detailed in the report.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – February 20, 2015

OSINT.jpgWelcome to the February 20th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – February 13, 2015

OSINT.jpgWelcome to the February 13th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR
Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Head of OpSec Research
  • I am a senior security content developer with Hewlett-Packard Security Research (HPSR). In this role, I write and edit security analysis and supporting content from researchers, including those from HP’s Zero Day Initiative (ZDI) program. The ZDI program augments HP’s Enterprise Security Products with zero-day research through a network of over 3,000 independent researchers around the world. I am also responsible for providing insight into the threat landscape; competitive intelligence to the research team; and providing guidance on the social media roadmap. Part of my role includes speaking publicly and promoting the research and technology of the HPSR.
  • Kernelsmith is senior vulnerability researcher with Hewlett-Packard Security Research (HPSR). In this role, he analyzes and performs root-cause analysis on hundreds of vulnerabilities submitted to the Zero-Day Initiative (ZDI) program. He also tries to automate whenever he can, pulling from the devops and virtualization arenas. Josh is also a developer for the Metasploit Framework and has spoken at a few conferences and holds a few certifications. Prior to joining HP, Smith served in the U.S. Air Force for 10 years and subsequently became a security engineer at the John Hopkins University Applied Physics Laboratory. Smith performed research into weapons systems vulnerabilities as well as evasion and obfuscation techniques to add depth and realism to security device tests. Smith received a B.S. in Aeronautical Engineering from Rensselaer Polytechnic Institute and an M.A. in Management of Information Systems from the University of Great Falls.
  • Security Researcher, Software Security Research
  • Security Researcher, Zero Day Initiative
  • Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature developers for the Intrusion Prevention System.
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.