The HP Security Laboratory

News of Michael Jackson's death blazes across the web--what if it were a hoax?

Chris Sullo — Fri, 26 Jun 2009 17:59:00 GMT

Over at the SEOmozBlog , Danny Dover has a really interesting post about how, and how fast, the news of Michael Jackson's death travelled across the web. I won't go through it here, but it's a fascinating read. Less than an hour after the...(read more)

Uncharted Territories: the personal-corporate-social-web-mashup

Chris Sullo — Wed, 24 Jun 2009 15:19:00 GMT

Corporate web communications have grown from simple web pages to massive and complex applications. The security department has mostly kept up and maintained a secure perimeter—even when that perimeter included outsourced and vendor systems. Contracts...(read more)

Top Five Web Application Vulnerabilities 6/08/09 - 6/23/09

mark.painter — Tue, 23 Jun 2009 19:04:00 GMT

1) F5 Networks FirePass SSL VPN Unspecified Cross-Site Scripting Vulnerability F5 Networks FirePass SSL VPN is susceptible to a Cross-Site Scripting vulnerability. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create...(read more)

Hello darknets, my old friend...

mark.painter — Wed, 17 Jun 2009 18:31:00 GMT

Billy Hoffman and Matt Wood of the HP Web Security Research Group are generating serious heat with their upcoming BlackHat USA presentation which will detail their browser-based darknet. Articles on Dark Reading, Forbes.com, and Slashdot are just the...(read more)

Top Five Web Application Vulnerabilities 5/26/09 - 6/07/09

mark.painter — Mon, 08 Jun 2009 19:06:00 GMT

1) Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting Vulnerability Sun Java System Web Server is susceptible to a Cross-Site Scripting vulnerability. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies...(read more)

Talking Headers: Part 3: The Fun

Chris Sullo — Mon, 08 Jun 2009 12:29:00 GMT

In Part 1 of the series on interesting headers, I talked about leaking hostnames. In Part 2 , it was PHP errors. In Part 3 I bring you... the funny stuff. Not funny, like how Mark Mcgwire's rookie card is now $5 on ebay compared to the hundreds it...(read more)

Schneier on security in the age of cloud computing

mark.painter — Thu, 04 Jun 2009 16:03:00 GMT

Bruce Schneier offers a great perspective on why security is even more important in the age of cloud computing. As the expression goes, three can keep a secret if two of them are dead. In a nutshell, cloud computing forces you to increase the number of...(read more)

Talking Headers: Part 2

Chris Sullo — Wed, 03 Jun 2009 13:30:00 GMT

While my rookie Mark McGwire cards aren't appreciating at all, my header collection is. Check these actual headers out: php warning: Unknown(): Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20020429/mysql.so'...(read more)

Hacking has evolved

mark.painter — Tue, 02 Jun 2009 14:22:00 GMT

This is a great article about the value of a hacked PC to an attacker. While this focuses on personal PCs, all of these reasons can also apply to compromised web servers. Remember, web hacking has evolved. Script kiddies began by defacing web sites and...(read more)

Instant High Score!

mark.painter — Fri, 29 May 2009 17:49:00 GMT

One of our security researchers just happened to stumble across this interesting Highscores area of a free Flash skeet shooting game. Notice scores 6-10. Now I'm not saying he had anything to do with this. What I am saying is that if your query parameters...(read more)

Talking Headers: Part 1

Chris Sullo — Fri, 29 May 2009 14:58:00 GMT

Some people collect coins, DVDs or comic books. Others collect cars or Star Wars toys. Among other things, I like to collect HTTP headers. They take up a lot less space than cars, and can have a much higher return value than Mark McGwire's rookie...(read more)

Social Insecurity

todd.densmore — Thu, 28 May 2009 20:57:00 GMT

Not too long ago, one could trust the big corporate names to run clean websites. You had to go surfing down some shady back alleys of the web to expose yourself to malware. Those were the naïve days of the pre-adolescent internet, when firewalls...(read more)

Top Five Web Application Vulnerabilities 5/12/09 - 5/25/09

mark.painter — Wed, 27 May 2009 15:16:00 GMT

1) Novell GroupWise WebAccess Multiple Security Vulnerabilities Novell GroupWise WebAccess is susceptible to multiple vulnerabilities including Cross-Site Scripting and issues of security restriction bypass. Attackers who successfully exploit these vulnerabilities...(read more)

The Internet is an unsafe place

mark.painter — Fri, 22 May 2009 15:36:00 GMT

Two recent studies have cast some light on the current state of web application security. How bad is it out there? Bad. 82% of web sites had either a Critical, High, or Urgent vulnerability within the past calendar year, with Cross-Site Scripting being...(read more)

Microsoft's ClickOnce Firefox add-on

Chris Sullo — Fri, 22 May 2009 14:35:00 GMT

With Firefox, I just went to download a certain new version 2.0 web browser and and was surprised that after hitting the license accept button Firefox started up an installer, downloaded the application and installed it without any prompts or questions...(read more)