HP Security Research Threat Intelligence Briefing - Episode 4

SR-FI_Team ‎06-05-2013 04:17 PM - edited ‎06-05-2013 04:25 PM

Thank you for subscribing to Episode 4 of the HP Security Research Threat Intelligence Briefing. This briefing covers the following topics:

 

Web-based Malware: This section highlights prominent malware campaigns and exploit kits known to target vulnerabilities in web applications, web browsers and browser plugins. It offers an overview of several recent incidents employing a “watering hole” distribution tactic and the specific vulnerabilities targeted by these campaigns.

 

Attack Techniques: The emphasis of this section is on explaining the web application security weaknesses that frequently aid in malware infection. It describes how these weaknesses are exploited using different attack techniques for distributing and installing malware. By reviewing the malware infection process from start to finish, this section aims to emphasize the risk posed by insecure web applications to the users.

 

Declarative Security using HTTP Response Headers: This section explains how developers can take advantage of a declarative security approach for mitigating web-based malware using HTTP response headers. Additionally, detailed information on configuration options and browser support for all the major declarative security headers is included.

 

This companion report supports Episode 4 of the HP Security Research Threat Intelligence Briefing podcast available on the Web and iTunes. The regular podcasts and the associated companion reports are published through the HP Security Research blog at hp.com/go/hpsrblog.

About the Author

SR-FI_Team

Comments
Gregorio Degonia
on ‎08-19-2013 08:01 AM
I really like your writing style, wonderful information, regards for putting up :D.