More SSL Mess - Logjam
Posted: Thursday, May 21, 2015 3:18 AM by Tamas Rudnai

More SSL Mess - Logjam

Can we get through a quarter without a major high profile SSL vulnerability? OpenSSL regularly patches high severity issues, however only certain vulnerabilities catch the media’s fancy. Logjam adds to the list of recently discovered high profile SSL vulnerabilities, which include Heartbleed, Poodle and FREAK to name a few. With an estimated 8.4 percent of the Top 1 million domains affected at the time of publication of this blog, this vulnerability poses a significant risk to the internet ecosystem much the same way its predecessors have and still do.

...   Read more >
The Radicati Group Positions Websense as Top Player in APT Protection
Posted: Monday, May 4, 2015 8:05 AM by Susan Helmick
Independent Market Research Firm Names TRITON APX Market Leader in Market Quadrant AUSTIN, Texas, May 4, 2015 – Websense, Inc. a global leader in protecting organizations from the latest cyber attacks and data theft, was designated today as a Top...   Read more >
Turn $1 into $100 right away…..Your personal files are encrypted!
Posted: Wednesday, April 29, 2015 3:00 PM by MarkHaffenden
Those are the five words that no one wants to see pop up on their screen. Websense® Security Labs™ researchers have identified an interesting tactic in the proliferation of Crypto ransomware. One published example exploits the very human vulnerability...   Read more >
Andromeda – An attack kill chain analysis
Posted: Tuesday, April 28, 2015 4:00 PM by uwang
The Andromeda botnet, initially discovered in late 2011, is a highly modular platform for malicious activity. While it consists of key loggers, rootkits, anti-VM, anti-debugging and proxy features, it is mostly used as a method to establish a reliable...   Read more >
Charting the Unexplored Threat Galaxy
Posted: Monday, April 27, 2015 10:30 AM by Ran Mosessco
We live in a world where the cyber threat landscape is very dynamic. Actionable threat intelligence is buried deep within terabytes of seemingly interesting but irrelevant data. Plausible deniability, false positives, lack of traceability and attribution...   Read more >
Websense Comes First in Miercom Web Gateway Study
Posted: Friday, April 24, 2015 5:40 PM by Susan Helmick
On Tuesday of this week, premier independent test lab Miercom released the results of its ‘ Secure Web Gateway Industry Study ,’ featuring Websense TRITON AP-WEB and seven competing security solutions. Websense distinguished itself at protecting...   Read more >
Opportunity Knows No Boundary: A Case Study of Acquisition
Posted: Friday, April 24, 2015 10:35 AM by uwang
On Monday, April 20, Raytheon and Websense announced a new venture , outlining the defense industry contractor’s planned acquisition of 80% of the internet security firm. By Thursday, April 23, an ambitious attack was unleashed and directed at Websense...   Read more >
Low volume targeted attack linked to US Government targets, uses multiple evasion tactics
Posted: Wednesday, April 22, 2015 1:00 PM by Carl Leonard
Over the last few months, Websense® Security Labs™ researchers have tracked and analyzed the attack methods of a low-volume, targeted attack linked to the US Federal government space. The attack uses a combination of evasion tactics throughout...   Read more >
Miercom 2015 Secure Web Gateway Industry Assessment Testing Results
Posted: Tuesday, April 21, 2015 2:00 PM by Susan Helmick
PRINCETON, New Jersey—April 21, 2015 — Miercom , leading the industry in security testing, has completed the 2015 Secure Web Gateway Industry Assessment Review. The latest products from market leaders were put through a series of tests that...   Read more >
Raytheon and Vista Equity Partners enter agreement to form new cybersecurity company
Posted: Monday, April 20, 2015 6:05 AM by Susan Helmick
Joint venture combines Raytheon Cyber Products with Websense ®, Inc. Raytheon will invest $1.57 billion in net cash for majority ownership of the new company; Vista will also invest into the new company New company will provide broad set of defense...   Read more >
Websense 2015 Threat Report: Top Takeaways for the C-Suite
Posted: Wednesday, April 15, 2015 4:34 PM by Neil Thacker
Last week, Websense released its 2015 Threat Report. This year’s report dives into how existing tools, not technical expertise, are being increasingly used to infiltrate and navigate networks. Rather than reinvent the wheel, or in this case the...   Read more >
Shellshock - Not a Can of Worms if You Patch
Posted: Tuesday, April 14, 2015 8:40 AM by AToro
In information security, 2014 will undoubtedly remain infamous for at least two vulnerabilities that affected the vast majority of the Internet infrastructure and users: Heartbleed and Shellshock . While most system administrators scrambled to apply patches...   Read more >
"Redirect To SMB" Technique Re-Exposes 18-Year-Old Vulnerability
Posted: Monday, April 13, 2015 11:30 AM by Carl Leonard
The Websense Security Labs™ team is aware of a recent discovery that provides attackers with the potential to intercept sensitive user credentials (username, domain, and hashed password). The attack relies on an end user being directed to, and authenticating...   Read more >
Websense 2015 Threat Report: Cybercrime Gets Easier, Attribution Gets Harder, Quality over Quantity and Old becomes the New
Posted: Wednesday, April 8, 2015 8:05 AM by Susan Helmick
New report examines eight trends that pose significant data theft risks for organizations AUSTIN, Texas—April 8, 2015 — Websense , Inc. a global leader in protecting organizations from the latest cyber attacks and data theft, today released...   Read more >
Websense Security Labs Publishes 2015 Threat Report
Posted: Wednesday, April 8, 2015 5:40 AM by Carl Leonard
The Websense® Security Labs™ team has produced our annual Threat Report, the must-read analysis of what’s really happening in the cyber landscape. The human and technical aspects of cyber threats changed dramatically in 2014. We saw new...   Read more >
Filed under:
Over-indulgence in the Easter Eggsploit Kit
Posted: Monday, April 6, 2015 12:00 PM by Jose Barajas
Photography by User: MrX As Peter Cottontail went hippity-hoppin’ down the bunny trail this past Easter weekend, he found it strewn with a different kind of Easter egg: the Fiesta exploit kit, hidden in insidious fashion among the downloadable coloring...   Read more >
Assertiveness is a valuable quality for the C-Level and cyber crooks alike
Posted: Monday, March 30, 2015 1:00 PM by Jose Barajas
Beware, spear-phishing is striking again - Websense Security Labs has become aware of recent spear-phishing attempts utilizing what appear to be forwarded legitimate email messages and a typo-squatted domain. If these targeted attempts are successful...   Read more >
Shopping for a DLP Solution? Ask Yourself These Five Questions First
Posted: Monday, March 23, 2015 5:36 PM by Websense Technical Marketing
“We will never be 100 percent successful in keeping people out of our systems.” So said Dr. Charles Romine, Director of the Information Technology Laboratory, at the U.S. Department of Commerce in remarks to a Senate Committee just days before...   Read more >
RESEARCH: Penalties, Punishment & Prison for Serious Data Breaches say e-Crime Congress Respondents
Posted: Monday, March 23, 2015 3:43 PM by Susan Helmick
Reasons for companies not taking action against data theft include cyber security skills shortage, lack of prioritization & doing the minimum required for legal compliance AUSTIN, Texas —March 23, 2015 — Websense , Inc. a global leader...   Read more >
SSL - a FREAKishly long existence
Posted: Wednesday, March 4, 2015 2:00 AM by Tamas Rudnai

SSL, widely adopted and living on borrowed time, has clearly had a rough year. After Heartbleed, Poodle, and many other high-profile vulnerabilities comes FREAK (Factoring attack on RSA-EXPORT Keys), which at the time of publication of this blog breaks approximately 36% of all sites trusted by browsers as per this link including websites belonging to the NSA and FBI. About 12% of high ranked Alexa websites are also believed to be vulnerable to the flaw at this time, thereby placing visitors to these sites at high risk.

 

Exposure and Impact

 

The vulnerability, discovered by Karthikeyan Bhargavan at INRIA in Paris and the mitLS team allows an active attacker to perform a man-in-the-middle attack by downgrading the encrypted connection between a vulnerable client and a server that accepts export-grade RSA keys to 512-bits. The captured key can then be factored using the public cloud in a matter of hours and further be used for decryption of communication between the client and the server. Once the key has been compromised, all personal information including passwords, financial data, etc. is at risk.

...   Read more >
Filed under: , , ,
More News & Views...