Security Research

HP Security Research OSINT (OpenSource Intelligence) articles of interest--July 11, 2014

SR-FI_Team ‎07-11-2014 08:37 AM - edited ‎07-11-2014 08:37 AM

Key Articles of Interest for July 11th, 2014


CrowdStrike Intelligence Report: Putter Panda
CrowdStrike has been tracking the activity of a cyber espionage group operating out of Shanghai, China, with connections to the People’s Liberation Army Third General Staff Department (GSD) 12th Bureau Military Unit Cover Designator (MUCD) 61486, since 2012. The attribution provided in this report points to Chen Ping, aka cpyy (born on May 29, 1979), as an individual responsible for the domain registration for the Command and Control (C2) of PUTTER PANDA malware. In addition to cpyy, the report identifies the primary location of Unit 61486.

Protection from Kerberos Golden Ticket
The Kerberos authentication protocol is the preferred authentication mechanism used by Windows in a domain-based environment, and interoperates with Kerberos implementations supported by other operating systems. While the pass-the-hash technique (PtH) is still used by Advanced Persistent Threats (APT), the equivalent technique misusing the Kerberos protocol, known as pass-the-ticket (PtT), is increasing.


Chinese Hackers Target Logistics & Shipping Firms With Poisoned Inventory Scanners
Malware-poisoned handheld inventory scanners from China are stealing information from logistics and shipping firms as well as manufacturing companies around the globe in an attack campaign dubbed “ZombieZero” by the researchers who discovered it.

Brazilians in the Russian Underground
Monitoring the cybercriminal underground sometimes leads us down some interesting paths. We recently encountered a cybercriminal posting in a Russian underground forum which led to the discovery of more than 136,000 stolen credit card credentials.

On Cryptolocker and the Commercial Malware Delivery Platform behind It
In an ever-connected world, malware thrives and multiplies at an incredible rate. More than 200,000 samples are built, packed and pushed on the market daily. Few of these threats manage to cause widespread havoc and only a meager handful become so successful that they spawn vast numbers of clones.

Information controls during Thailand’s 2014 Coup
The May 2014 coup d’etat in Thailand was the 19th coup attempt in the country’s history. It stands out from previous coups due to the military junta’s focus on information controls (defined below in more detail). It was also the first time that martial law was imposed before the coup, allowing the military to impose immediate restrictions on freedom of speech, association, and the press.

The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers
We conduct a security analysis of five popular web-based password managers. Unlike “local” password managers, web-based password managers run in the browser. We identify four key security concerns for web-based password managers and, for each, identify representative vulnerabilities through our case studies.

When Adware Goes Bad: The Installbrain and Sefnit Connection
Adware is often perceived as low-risk because it usually displays unwanted pop-up and pop-under advertisements. However, it can pose serious security risks when adware companies use it to load malware onto systems where their adware has been installed.


The information contained in this blog post is from publicly available sources. Avoid suspicious links and advertisements. These articles do not represent HP’s view or position on any of the topics listed. This blog post is provided as a news service only – it is not an official position by HP. The intent of this blog post is to share current events related to the cyber security industry within HP. 
