Log in
E-mail
Password
Show password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON
  1. Homepage
  2. Equities
  3. United States
  4. Nyse
  5. HP Inc.
  6. News
  7. Summary
    HPQ   US40434L1052

HP INC.

(HPQ)
  Report
Delayed Quote. Delayed Nyse - 11/26 01:10:00 pm
34.58 USD   -2.43%
11/24Wall Street ends higher; Nvidia surge offsets Nordstrom, Gap slide
RE
11/24Tech Stocks Adding to Morning Rise
MT
11/24Wall Street mixed; Nordstrom and Gap tumble after results
RE
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

HP : Threat Research Shows Attackers Exploiting Zero?Day Vulnerability Before Enterprises Can Patch

10/15/2021 | 09:06am EST

PALO ALTO, Calif. - HP Inc. (NYSE: HPQ) released its latest global HP Wolf Security Threat Insights Report, providing analysis of real-world cybersecurity attacks. By isolating threats that have evaded detection tools and made it to user endpoints, HP Wolf Security has a unique insight into the latest techniques being used by cybercriminals.

The HP Wolf Security threat research team found evidence that cybercriminals are mobilizing quickly to weaponize new zero-day vulnerabilities. Exploits of the zero-day CVE-2021-404441 - a remote code execution vulnerability that enables exploitation of the MSHTML browser engine using Microsoft Office documents - were first captured by HP on September 8, a week before the patch was issued on September 14.

By September 10 - just three days after the initial threat bulletin - the HP threat research team saw scripts designed to automate the creation of this exploit being shared on GitHub. Unless patched, the exploit enables attackers to compromise endpoints with very little user interaction. It uses a malicious archive file, which deploys malware via an Office document. Users don't have to open the file or enable any macros, viewing it in File Explorer's preview pane is enough to initiate the attack, which a user often will not know has happened. Once the device is compromised, attackers can install backdoors to systems, which could be sold on to ransomware group.

Other notable threats isolated by the HP Wolf Security threat insight team include

Rise in cybercriminals using legitimate Cloud and web providers to host malware: A recent GuLoader campaign was hosting the Remcos Remote Access Trojan (RAT) on major platforms like OneDrive to evade intrusion detection systems and pass whitelisting tests. HP Wolf Security also discovered multiple malware families being hosted on gaming social media platforms like Discord.

JavaScript malware slipping past detection tools: A campaign spreading various JavaScript RATs spread via malicious email attachments. JavaScript downloaders have a lower detection rate than Office downloaders or binaries. RATs are increasingly common as attackers aim to steal credentials for business accounts or crypto wallets.

Targeted campaign found posing as the Ugandan National Social Security fund: Attackers used 'typosquatting' - using a spoofed web address similar to an official domain name - to lure targets to a site that downloads a malicious Word document. This uses macros to run a PowerShell script that blocks security logging and evades the Windows Antimalware Scan Interface feature.

Switching to HTA files spreads malware in a single click: The Trickbot Trojan is now being delivered via HTA (HTML application) files, which deploy the malware as soon as the attachment or achive file containing it is opened. As an uncommon file type, malicious HTA files are less likely to be spotted by detection tools.

'The average time for a business to apply, test and fully deploy patches with the proper checks is 97 days, giving cybercriminals an opportunity to exploit this 'window of vulnerability'. While only highly capable hackers could exploit this vulnerability at first, automated scripts have lowered the bar for entry, making this type of attack accessible to less knowledgeable and resourced threat actors. This increases the risk to businesses substantially, as zero-day exploits are commoditized and made available to the mass market in venues like underground forums,' explains Alex Holland, Senior Malware Analyst, HP Wolf Security threat research team, HP Inc. 'Such novel exploits tend to be effective at evading detection tools because signatures may be imperfect and become obsolete quickly as the understanding of the scope of an exploit changes. We expect threat actors to adopt CVE-2021-40444 as part of their arsenals, and potentially even replace common exploits used to gain initial access to systems today, such as those exploiting Equation Editor.'

'We are also seeing major platforms like OneDrive allowing hackers to conduct 'flash in the pan' attacks. While malware hosted on such platforms are generally taken down quickly, this does not deter attackers because they can often achieve their objective of delivering malware in the few hours the links are live,' Holland continues. 'Some threat actors are changing the script or file type they are using every few months. Malicious JavaScript and HTA files are nothing new, but they are still landing in employee inboxes, putting the enterprise at risk. One campaign deployed Vengeance Justice Worm, which can spread to other systems and USB drives.'

The findings are based on data from the millions of endpoints running HP Wolf Security. HP Wolf Security tracks malware by opening risky tasks in isolated, micro Virtual Machines (micro VMs) to understand and capture the full infection chain, helping to mitigate threats that have slipped past other security tools. This has let customers click on over 10 billion email attachments, web pages, and downloads with no reported breaches2. By better understanding the behavior of malware in the wild, HP Wolf Security researchers and engineers can bolster endpoint security protection and overall system resilience.

Key findings in the report include: 12% of email malware isolated had bypassed at least one gateway scanner, 89% of malware detected was delivered via email, while web downloads were responsible for11%, and other vectors like removable storage devices for less than 1%, The most common attachments used to deliver malware were archive files (38% - up from 17.26% last quarter), Word documents (23%), spreadsheets (17%), and executable files (16%), The top five most common phishing lures were related to business transactions such as 'order', 'payment', 'new', 'quotation' and 'request'

The report found 12% of malware captured was previously unknown3

'We can't keep relying on detection alone. The threat landscape is too dynamic and, as we can see from the analysis of threats captured in our VMs, attackers are increasingly adept at evading detection,' comments Dr. Ian Pratt, Global Head of Security for Personal Systems, HP Inc. 'Organizations must take a layered approach to endpoint security, following zero trust principles to contain and isolate the most common attack vectors like email, browsers, and downloads. This will eliminate the attack surface for whole classes of threats, while giving organizations the breathing room needed to coordinate patch cycles securely without disrupting services.'

About the data

This data was gathered within HP Wolf Security customer virtual-machines from July - September 2021.

About HP

HP Inc. creates technology that makes life better for everyone, everywhere. Through our product and service portfolio of personal systems, printers, and 3D printing solutions, we engineer experiences that amaze. More information about HP Inc. is available at http://www.hp.com.

About HP Wolf Security

From the maker of the world's most secure PCs4 and Printers5, HP Wolf Security is a new breed6 of endpoint security. HP's portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

Contact:

Vanessa Godsal

HP

E: vgodsal@hp.com

(C) 2021 Electronic News Publishing, source ENP Newswire

All news about HP INC.
11/24Wall Street ends higher; Nvidia surge offsets Nordstrom, Gap slide
RE
11/24Tech Stocks Adding to Morning Rise
MT
11/24Wall Street mixed; Nordstrom and Gap tumble after results
RE
11/24HP Fiscal Q4 Adjusted Earnings, Revenue Rise; Sets FY 2022 Guidance -- Shares Climb
MT
11/24Top Midday Gainers
MT
11/24Equities Mixed Midday to Erase Earlier Losses as Weekly Jobless Claims Plunge
MT
11/24Tech Stocks Rebound, Hold Gains in Afternoon Trading
MT
11/24MIDDAY REPORT : US Stocks Erase Earlier Losses as Weekly Jobless Claims Plunge, PCE Prices..
MT
11/24GLOBAL MARKETS LIVE : Valneva, Dell, HP, The Gap, Booking...
11/24Wells Fargo Adjusts HP's Price Target to $35 From $30, Keeps Equal-Weight Rating
MT
More news
Analyst Recommendations on HP INC.
More recommendations
Financials (USD)
Sales 2021 62 234 M - -
Net income 2021 4 394 M - -
Net Debt 2021 4 489 M - -
P/E ratio 2021 9,63x
Yield 2021 2,37%
Capitalization 39 854 M 39 854 M -
EV / Sales 2021 0,71x
EV / Sales 2022 0,69x
Nbr of Employees 53 000
Free-Float 99,8%
Chart HP INC.
Duration : Period :
HP Inc. Technical Analysis Chart | HPQ | US40434L1052 | MarketScreener
Technical analysis trends HP INC.
Short TermMid-TermLong Term
TrendsBullishBullishNeutral
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 18
Last Close Price 34,58 $
Average target price 35,05 $
Spread / Average Target 1,37%
EPS Revisions
Managers and Directors
Enrique Lores President, Chief Executive Officer & Director
Marie E Myers Chief Financial Officer
Charles Victor Bergh Chairman
Glenn Hopkins Chief Technology Officer & Global Head-HP Labs
Barb Barton Weiszhaar Operations Lead & Controller
Sector and Competitors
1st jan.Capi. (M$)
HP INC.40.63%39 854
DELL TECHNOLOGIES INC.-23.35%42 984
GOERTEK INC.38.61%27 047
SEAGATE TECHNOLOGY HOLDINGS PLC58.66%21 956
HEWLETT PACKARD ENTERPRISE COMPANY21.77%18 875
LOGITECH INTERNATIONAL S.A.-8.99%14 189