Official Website of Popular Science Compromised
Posted: Tuesday, October 28, 2014 6:25 PM by AToro
Websense® ThreatSeeker® Intelligence Cloud has detected that the official website of Popular Science has been compromised and is serving malicious code. Popular Science is a well-established monthly magazine with a readership of more than a million...   Read more >
When Did You Last Look Into a Crystal Ball? Announcing our 2014 Predictions Accuracy Report
Posted: Friday, October 24, 2014 8:10 PM by Carl Leonard
Hindsight is a wonderful thing. If the open source community had anticipated the implications of the vulnerability that lead to OpenSSL Heartbleed and businesses had anticipated the fallout from Shellshock would things have been different? They sure would...   Read more >
Ebola Spreads - In Cyber Attacks Too
Posted: Thursday, October 23, 2014 7:38 AM by uwang
The Ebola virus has been spreading in West Africa since first appearing in Guinea in December, 2013. Its rising rate of infection, high mortality rate, and challenging isolation and containment requirements have raised world-wide alarm. Against that backdrop...   Read more >
POODLE Vulnerability: This Pooch is a Pain
Posted: Thursday, October 16, 2014 7:04 PM by Bob Hansmann
Tuesday the Google Security Team announced the discovery of a bug in web-encryption technology that could allow hackers to view confidential information like passwords and other encrypted information sent over web connections. What is it? A new critical...   Read more >
Filed under: , , ,
SSLv3 "POODLE" Vulnerability CVE-2014-3566
Posted: Wednesday, October 15, 2014 3:40 AM by ngriffin
CVE-2014-3566 Overview Websense® Security Labs are aware of a critical vulnerability that exists in SSLv3, dubbed as "POODLE" by the Google Security Team . The vulnerability has also been explained in a security advisory by OpenSSL and given...   Read more >
Filed under: , ,
National Cyber Security Awareness Month – Take The Opportunity to Make Changes for the Future
Posted: Thursday, October 09, 2014 12:56 AM by Carl Leonard
Security awareness is a year-round responsibility for all of us. However, take the opportunity during National Cyber Security Awareness Month (NCSAM), a U.S.-led initiative, to further promote cyber security best practice and awareness within your own...   Read more >
Your Best Response to BadUSB
Posted: Monday, October 06, 2014 10:47 PM by Bob Hansmann
A newly discovered flaw in USBs, dubbed BadUSB , that allows them to become automated hacking tools is the latest challenge for data security professionals. This recently announced vulnerability may fundamentally change how the world uses and shares information...   Read more >
Shellshock Brief
Posted: Thursday, October 02, 2014 5:09 PM by Bob Hansmann
One week after its discovery, the fallout from the Shellshock or 'BashBug' Vulnerability continues to grow. As noted in our initial assessment, Linux and Mac OS X systems, including those running Bash versions up to 4.3, may be exploitable by...   Read more >
Malware in the Wild Abusing "Shellshock" Vulnerability
Posted: Wednesday, October 01, 2014 3:08 AM by Carl Leonard
Since the Shellshock vulnerability became public knowledge , our ThreatSeeker® Intelligence Cloud has seen evidence of this vulnerability being exploited in the wild to drop malware. We shall illustrate one such example below: Backdoors and Bot Nets...   Read more >
Brace for “Shellshock” – 25-year-old Vulnerability is Set to Detonate Against Global Webservers
Posted: Friday, September 26, 2014 11:04 PM by Bob Hansmann
Like an unexploded artillery shell laying dormant for decades, a highly dangerous vulnerability affecting widespread operating system code developed in the 1980’s has placed website operators and security professionals around the world on high alert...   Read more >
CVE-2014-6271 - Remote 'Shellshock' Vulnerability in Bash
Posted: Thursday, September 25, 2014 9:30 AM by ngriffin
CVE-2014-6271 Overview A vulnerability present in Bash up to version 4.3 has been found by Stephane Chazelas. Bash is a shell program found in a range of Unix-based operating systems such as Linux and Mac OS X - a very large population of affected systems...   Read more >
Ongoing Targeted Attacks Continue to Plague Healthcare
Posted: Friday, September 12, 2014 9:00 AM by AToro
Websense® ThreatSeeker® Intelligence Cloud has detected a phishing campaign that targets the Healthcare sector--especially hospitals--phishing for Outlook credentials. This campaign is part of an ongoing trend of campaigns phishing for credentials...   Read more >
Time to Refresh: Overhauling Security Technology and Systems
Posted: Monday, September 08, 2014 6:53 PM by Neil Thacker
The recent Websense/Ponemon Institute report gave a number of poignant insights into the minds of security professionals. Possibly most telling of all was the number stating that given the resources and opportunity, they would completely overhaul their...   Read more >
Celebrity Photo Data Hack: Lessons for Businesses and Consumers
Posted: Thursday, September 04, 2014 10:52 PM by Charisse Castagnoli
If you're a fan of Jennifer Lawrence, Kirsten Dunst, Kate Upton and others, you may be aware that some of their sensitive personal photos were apparently leaked online over the weekend. These photographs were allegedly obtained through a brute force...   Read more >
Time to Refresh? Communication Roadblocks are Barriers to Reducing the Risk of a Cyber Attack.
Posted: Monday, August 25, 2014 6:46 PM by Neil Thacker
Continuing our analysis of "Roadblocks, Refresh & Raising the Human Security IQ", we now dig deeper into the apparent communication disconnect between executives and security teams. Decision makers and front line security professionals need...   Read more >
Kelihos Botnet Trying to Expand by Harnessing Russian National Sentiments
Posted: Friday, August 22, 2014 2:40 PM by Ran Mosessco
Websense® Security Labs™ has come across an interesting campaign, targeting Russian nationals, trying to lure them to download and run executables on their computers, under the guise of attacking Western government websites. This is presented...   Read more >
Filed under: , ,
Black Hat Takeaways, API Security Roundtable: Lessons Learned in API Security
Posted: Wednesday, August 20, 2014 7:35 PM by Charisse Castagnoli
At Black Hat, Zane Lackey (Signals Sciences, Internet Bug Bounty Program), lead a well-attended discussion about the need to be more thoughtful in our design and implementation of APIs. Externalized APIs are enabling new information sharing paradigms...   Read more >
4.5 Million Customer Data Records Stolen from US Hospitals
Posted: Tuesday, August 19, 2014 3:05 AM by Tamas Rudnai
4.5 million sensitive patient data records have been exfiltrated by a Chinese hacker group, according to a report made on Monday by the US Securities and Exchange Commission. The data includes names, addresses, phone numbers, and Social Security Numbers...   Read more >
Websense Launches Innovative Marketplace to Rapidly Deliver Advanced Cyber Security Value and Address Security Skills Shortage
Posted: Thursday, August 14, 2014 1:05 PM by Adam Bennett
Websense expands best-in-class, cost-effective security services options for customers and partners AUSTIN , August 14, 2014 - Websense, Inc. the global leader in protecting organizations from the latest cyber attacks and data theft, today announced the...   Read more >
Time to Refresh? Global Survey Raises Concerns over Security
Posted: Monday, August 11, 2014 2:20 AM by Neil Thacker
The last thing you want to hear is that a critical security countermeasure is not fit for purpose, but that is precisely what a significant number of security professionals are saying, in the second instalment of findings from Ponemon Institute's...   Read more >
More News & Views...