HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HP Security Briefing, episode 19 - Fifty shades of black hat: Turkey’s hacker underground

In the latest edition of the HP Security Briefing, we discuss the cyber threat landscape inside the Republic of Turkey.

HP Security Briefing, episode 18 - New directions in use-after-free mitigations

In the latest edition of the HP Security Briefing, we discuss two new tools in Microsoft's ongoing effort to mitigate use-after-free vulnerabilities in Internet Explorer.

HP Security Briefing episode 17 - Thinking outside the sandbox

In this edition of the HP Security Briefing we discuss the modern browser, its plug-ins, the ever-shrinking attack surface and how to violate the trust boundaries of the sandbox.

HP Security Briefing, episode 16 - Profiling an enigma: North Korea’s cyber threat landscape

In the latest edition of the HP Security Briefing, we discuss the cyber threat landscape within the Democratic People’s Republic of Korea.

HP Security Briefing, episode 15 - Bitcoin and security

In the July 2014 Security Briefing we look at Bitcoin, the largest of the emerging class of value-exchange mechanisms called cryptocurrencies.

HP Security Briefing, episode 14 - malicious file visualization and clustering

In this month’s Security Briefing, we conduct a number of experiments with file geometry visualization and clustering algorithms on malicious and clean files using the R language. You can listen to this episode of the HP Security Briefing podcast on the Web or via iTunes, and you can read or download the detailed companion report here.

HP Security Briefing, episode 13 – The art and near-science of threat modeling

In this month’s briefing, we give an overview of the threat-modeling landscape – what it affects, how it got this way, what the current notable conditions are, and how to introduce the pertinent concepts to your organization.

HP Security Research Threat Intelligence Briefing episode 12 - The evolution of credit card crime

The recent Target attack reminds us that we are not safe in this world from credit card criminals. If you look at the last 10 years or so, you can see that the Target attack is actually nothing new. The trend for attacking card processing networks and POS machines has been occurring since the mid-2000s.

HPSR Threat Intelligence Briefing - Episode 11

Iranian hacker groups and their allies launched increasing numbers of cyber attacks over the last year, despite strict state controls on Internet traffic, including spying, censorship, and filtering laws and technology.

In this report (see attached report for full content), we examine Iran’s cyber warfare capabilities, particularly the hacker groups that serve as a force multiplier to Iran’s continually expanding cyber presence. The report covers how these groups recruit and train members, the primary actors involved, TTPs, motivations, and indicators of state sponsorship by the regime. Through this analysis, the goal is to educate the reader on the capabilities of these groups and the significance and implications of state sponsorship of underground cyber actors. It also advises potential targets on mitigation strategies in the face of state-sponsored cyber activities.

HP Security Research Threat Intelligence Briefing episode 10 - ZDI 2013 in review

It’s that time again, when we look at the vulnerability year that was and muse about the vulnerability year that will be. 2013 was a huge year for the Zero Day Initiative – we purchased more cases this year than in any other since the inception of the ZDI program 10 years ago. And what cases they were – vulnerabilities unearthed in widespread critical software used by enterprises and the greater computing community alike. In this month’s Threat Briefing we walk through 2013’s vulnerabilities, talk vendors, and think out loud about where this is going in 2014.

HP Security Research Threat Intelligence Briefing - Episode 9

In this Threat Briefing we discuss some of the security implications of using open source and describe a process you can use to minimize the associated risks.

HP Security Research Threat Intelligence Briefing - Episode 8

In this briefing we explore the tools used by attackers. We have focused in previous episodes on various actors and their methods. Here we take a look at the arsenal faced by their targets and provide an in-depth analysis of a discovered PHP-based web shell labeled with “1n73ction v.3.1 special edition by the hacker x’1n73t.” The web shell was discovered on a server that was subjected to a zero day (0day) attack against a Joomla 1.5.26 web site protected by RSFirewall resulting in a successful compromise and defacement.

HP Security Research Threat Intelligence Briefing - Episode 7

In this briefing, we discuss various attacks that make use of the Domain Name System (DNS) and the severity of these attacks. DNS is a vital component of the Internet. While some consider DNS to be equivalent to a phone book, it is actually much more. DNS is arguably the most critical service on a network as it is necessary for establishing communications. When the DNS is compromised, malicious actors can control communications for very large groups of people and applications. With domain hijacking, the attacker can even take over an organization’s domain without ever touching the organization directly.

DNS and search engines together control almost ALL communications on the Internet. If you control a DNS resolver, you can control all traffic using that resolver. If you control an authoritative DNS, you can control all users’ traffic destined for that domain. If you own the domain of the search engine (i.e. Google & Bing) you control ALL communications from users and applications on the Internet. DNS is the "key to the kingdom" and attackers are leveraging DNS to hijack users’ traffic and web domains.

HP Security Research Threat Intelligence Briefing - Episode 6

XML is a simple, logical way to represent data, and many developers are unaware of the flaws they could unknowingly be introducing into their applications. In this podcast episode, we review some of the risks associated with processing user-supplied XML documents and learn about countermeasures for mitigating them.

To learn more on this interesting topic, listen to Episode 6 of the HP Threat Intelligence Briefing Podcast, available on the Web and iTunes, and read the companion report for more details.

HP Security Research Threat Intelligence Briefing - Episode 5

In this month’s Threat Intelligence Briefing, we cover the process of identifying credible threats through intelligence analysis. A podcast and research report are included.

HP Security Research Threat Intelligence Briefing - Episode 4

In this month's Threat Intelligence Briefing we cover web-based malware, attack techniques and declarative security using HTTP response headers. A podcast and research report are included.

HP Security Research Threat Intelligence Briefing - Episode 3

In this month's Threat Intelligence Briefing we cover the Syrian Electronic Army. A podcast and research report are included.

HP Security Research Threat Intelligence Briefing - Episode 2

Thank you for reading the latest threat intelligence briefing from HP Security Research, where we will cover topics like Global Malware Activity, ZDI Vulnerabilities and Actor Dispositions.

HP Security Research Threat Intelligence Briefing - Episode 1

Thank you for reading the first of many threat intelligence briefings from HP Security Research, where we will cover topics like Global Malware Activity, ZDI Vulnerabilities and Actor Dispositions.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.