HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – December 20, 2014

OSINT.jpgWelcome to the December 20th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – December 12, 2014

OSINT.jpgWelcome to the December 12th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – December 6, 2014

OSINT.jpgWelcome to the December 6th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Briefing, episode 19 - Fifty shades of black hat: Turkey’s hacker underground

28818008_m.jpgIn the latest edition of the HP Security Briefing, we discuss the cyber threat landscape inside the Republic of Turkey.

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 21, 2014

OSINT.jpgWelcome to the November 21st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – November 15, 2014

OSINT.jpgWelcome to the November 15th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Mobile malware – shows us the money

The mobile-malware population may still be smaller than that targeting the desktop, but this year’s payloads prove that the breed is not to be ignored.

Labels: HPSR

Mystery, ubiquity and you - The mobile attack surface 2014

Why do we host Mobile Pwn2Own? Does anyone care about vulnerabilities in mobile devices? We take a moment to look at the trends before events begin in Tokyo.

Labels: HPSR

HP Security Briefing, episode 18 - New directions in use-after-free mitigations

25370003_ml.jpgIn the latest edition of the HP Security Briefing, we discuss two new tools in Microsoft's onggoing effort to mitigate use-after-free vulnerabilities in Internet Explorer

Pack your POCs – only two weeks to Mobile Pwn2Own 2014

The third annual Mobile Pwn2Own contest kicks off in Tokyo at PacSec in two weeks time on November 12, 2014.
What are you waiting for?

Labels: HPSR

POS malware - a look at Dexter and Decebal


POS.jpgPoint of Sale (POS) systems continue to make the news for all the wrong reasons. Consumers and retailers are under siege when shopping. While there are a number of methods and malware used to effectively collect critical customer data this blog explains two of the many - Decebal and Dexter.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – October 10, 2014

OSINT.jpgWelcome to the October 10th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – Friday, October 3, 2014

OSINT.jpgWelcome to the October 3rd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR| OSINT

HP Security Briefing episode 17 - Thinking outside the sandbox

In this edition of the HP Security Briefing we discuss the modern browser, its plug-ins, the ever-shrinking attack surface and how to violate the trust boundaries of the sandbox.

HP Security Research: GNU Bash vulnerability "Shellshock" (CVE-2014-6271)

HP Security Research takes a look at GNU Bash vulnerability, CVE-2014-6271, offering their unique insight and recommendations for remediation.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 12, 2014

OSINT.jpgWelcome to the September 12th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

Converting executable file structure metadata to a feature vector, cook book examples

One of the major hurdles in the research we conducted on malicious files visualisation and clustering was trying to convert executable file structure metadata to a feature vector, also known as a data frame. To clarify the path we’ve taken and to make it easier to reproduce the results, we are showing the steps (with code examples) on how to convert the PE-structure raw data to an R package data frame.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest – September 5, 2014

OSINT.jpgWelcome to the September 5th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR| OSINT

Threat: Cryptographic Locker- Ransomware on a Budget

You’ve been hit by the new ransomware, Cryptographic Locker. Time to dust off that backup (you have a backup, don’t you?) and do a system restore, Right?

Labels: DVLabs| HPSR

Mobile Pwn2Own Tokyo 2014

HP Security Research’s Zero Day Initiative (ZDI) invites you to join us for the third annual Mobile Pwn2Own competition, to be held this year on November 12-13 at PacSec Applied Security Conference in Tokyo, Japan.  We’re looking forward to rewarding the world’s top researchers for demonstrating and disclosing their stealthy attacks on mobile devices, and we’re delighted that our friends at Google’s Android Security Team and BlackBerry are joining us again as sponsors.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 29, 2014


OSINT.jpgWelcome to the August 29th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

Working together toward secure development

IEE-14-TA-026-TA_CFSD_Logo_300dpi.png

 

Secure coding doesn’t have to be an exercise in developer pain, as a new whitepaper shows

Labels: HPSR

HP Security Briefing, episode 16 - Profiling an enigma: North Korea’s cyber threat landscape

In the latest edition of the HP Security Briefing, we discuss the cyber threat landscape within the Democratic People’s Republic of Korea.

The importance of languages for the professional developer

How building a small custom fuzzer demonstrates the importance of fluency in multiple programming languages. 

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 22, 2014

OSINT.jpgWelcome to the August 22nd edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.

Labels: HPSR

How to Identify (and contribute) mobile platform vulnerabilities - Building your own SMS/MMS fuzzer

This past weekend at DEF CON 22, Matt Molinyawe and I presented to a full house. Clearly, there is a growing interest in mobile phones as an attack surface.

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 15, 2014

OSINT.jpgWelcome to the August 15th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR

HP Security Research OSINT (OpenSource Intelligence) articles of interest--August 1, 2014

hpsr.jpgIt's the August 1st edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news. 

Labels: HPSR

There’s No Place Like Localhost: A Welcoming Front Door To Medium Integrity

This year, Abdul Aziz Hariri, Jasiel Spelman, and myself (Matt Molinyawe) of the Zero Day Initiative were involved in producing an exploit for this year’s Pwn4Fun. It demonstrated our work and that people from major companies could produce a full exploit in the name of charity, good will, and trying to make positive change in software without asking for anything in return. The Zero Day Initiative had also disclosed 6 additional Microsoft Internet Explorer vulnerabilities found by Abdul Aziz Hariri over the two weeks prior to this event.

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 25, 2014

OSINT.jpgWelcome to the July 25th edition of the HP Security Research OSINT articles of interest. This is a list of publically available articles that we find relevant in today's security news.  

Labels: HPSR
Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.