Kelihos Botnet Trying to Expand by Harnessing Russian National Sentiments
Posted: Friday, August 22, 2014 2:40 PM by Ran Mosessco
Websense® Security Labs™ has come across an interesting campaign, targeting Russian nationals, trying to lure them to download and run executables on their computers, under the guise of attacking Western government websites. This is presented...   Read more >
Filed under: , ,
Black Hat Takeaways, API Security Roundtable: Lessons Learned in API Security
Posted: Wednesday, August 20, 2014 7:35 PM by Charisse Castagnoli
At Black Hat, Zane Lackey (Signals Sciences, Internet Bug Bounty Program), lead a well-attended discussion about the need to be more thoughtful in our design and implementation of APIs. Externalized APIs are enabling new information sharing paradigms...   Read more >
4.5 Million Customer Data Records Stolen from US Hospitals
Posted: Tuesday, August 19, 2014 3:05 AM by Tamas Rudnai
4.5 million sensitive patient data records have been exfiltrated by a Chinese hacker group, according to a report made on Monday by the US Securities and Exchange Commission. The data includes names, addresses, phone numbers, and Social Security Numbers...   Read more >
Websense Launches Innovative Marketplace to Rapidly Deliver Advanced Cyber Security Value and Address Security Skills Shortage
Posted: Thursday, August 14, 2014 1:05 PM by Adam Bennett
Websense expands best-in-class, cost-effective security services options for customers and partners AUSTIN , August 14, 2014 - Websense, Inc. the global leader in protecting organizations from the latest cyber attacks and data theft, today announced the...   Read more >
Time to Refresh? Global Survey Raises Concerns over Security
Posted: Monday, August 11, 2014 2:20 AM by Neil Thacker
The last thing you want to hear is that a critical security countermeasure is not fit for purpose, but that is precisely what a significant number of security professionals are saying, in the second instalment of findings from Ponemon Institute's...   Read more >
1.2 Billion Passwords Accumulated by CyberVor Cybercriminals
Posted: Thursday, August 07, 2014 5:26 PM by Carl Leonard
Websense® Security Labs™ has seen reports that a small group of cybercriminals, dubbed CyberVor, has amassed a total of 4.5 billion records. These records pertain to a reported quantity of 1.2 billion unique username and password combinations...   Read more >
"BackOff" POS High Level Analysis: Exposing Additional Sensitive Targets and Additional Toolkits in The Cyber Criminal Arsenal
Posted: Wednesday, August 06, 2014 7:00 AM by Elad Sharf
Websense® Security Labs™ has received reports about the new "Point Of Sale" malware dubbed "BackOff" as published by The US Homeland Security office. We have decided to explore the activity through ThreatSeeker® Intelligence...   Read more >
METRO.US Website Compromised to Serve Malicious Code
Posted: Tuesday, July 22, 2014 4:18 PM by Ran Mosessco
Websense® ThreatSeeker® Intelligence Cloud has detected that the U.S. version of the Metro International website (metro.us) has been compromised and is serving malicious code. Metro newspaper editions are distributed in high-traffic commuter zones...   Read more >
The Bitly API key and MSNBC unvalidated redirects
Posted: Monday, July 21, 2014 8:00 AM by Pietro Bempos
Websense Security Labs™ has observed a spam/fraud campaign whereby a user is redirected from a real news site to a fake news site. In this case the real site is msnbc.com, which belongs to the well-known cable and satellite channel MSNBC. We have...   Read more >
Filed under: , ,
Global Study: Nearly 30 Percent of Security Professionals Would Completely Overhaul Their Current Enterprise Security System Given Resources & Opportunity
Posted: Thursday, July 17, 2014 8:05 AM by Adam Bennett
AUSTIN , July 17, 2014 - Today, Websense, Inc. released new findings from the global Ponemon Institute survey, “Roadblocks, Refresh, & Raising the Human Security IQ,” which uncovered the communication challenges between IT security professionals...   Read more >
Zeus PIF - The evolving strain looking to defeat your security software
Posted: Monday, July 07, 2014 2:34 PM by Elad Sharf
Websense Security Labs™ have identified a Zeus strain that implements information stealing procedures that appear to be an evolution of the 'DNA' of previous emerging Zeus variants. The Zeus variants in the campaign we're about to describe...   Read more >
Latest Gartner Magic Quadrant for Secure Web Gateways Recognizes Websense as a Leader for Fifth Time
Posted: Monday, July 07, 2014 1:05 PM by Adam Bennett
Independent analysis recognizes Websense and TRITON solutions for completeness of vision and ability to execute SAN DIEGO , July 7, 2014 - Websense, Inc. , a global leader in protecting organizations from advanced cyber attacks and data theft, today announced...   Read more >
Dragonfly's Attacks Against Energy Suppliers - Are You Protected?
Posted: Monday, July 07, 2014 10:47 AM by Carl Leonard
Dragonfly, a group of attackers making headlines recently , has been conducting a malicious campaign targeting the energy sector and industrial control systems (ICS). While the attack vectors in use are common, the group's compromise of update sites...   Read more >
Demystifying NIST – Part 3 – The Future
Posted: Wednesday, July 02, 2014 10:57 AM by Lamont Orange
In the field, I hear a lot of questions about why the NIST framework is particularly more effective than other standards and if it's designed to protect against future threats. The answer to both questions is "yes." Q. How do other current...   Read more >
Demystifying NIST – Part 2 – Implementation
Posted: Tuesday, July 01, 2014 10:00 AM by Lamont Orange
During my last blog post on NIST , I discussed the impact the framework will have on business, specific industries and critical infrastructure. Let's now discuss how businesses can it use to drive business processes. Through the introduction of the...   Read more >
Demystifying NIST – What the New Cybersecurity Framework Means to You
Posted: Tuesday, June 24, 2014 10:00 AM by Lamont Orange
In February 2013, President Obama issued Executive Order 13636: Improving Critical Infrastructure Cybersecurity. The order called for the development of a voluntary, risk-based Cybersecurity Framework - a set of existing standards, guidelines and practices...   Read more >
The official website of AskMen is compromised to serve malicious code
Posted: Monday, June 23, 2014 2:55 PM by AToro
Websense® ThreatSeeker® Intelligence Cloud has detected that the official website of AskMen (at www.askmen.com ), a popular free online men's web portal , has been compromised and injected with malicious "drive by" code that appears...   Read more >
Zberp - is there anything to fear?
Posted: Thursday, June 19, 2014 10:31 AM by ngriffin
Websense Security Labs™ see a lot of new malware names on a daily basis. Some are brand new and unique, and others are spin-off variants of well known malware. Recently the name 'Zberp' appeared in the media, with reports suggesting it combines...   Read more >
Filed under: , , , ,
Putting Cyber Criminals on Notice: Watch Your Flank
Posted: Thursday, June 12, 2014 8:45 AM by AToro
In their rush to exploit users, hackers have littered their own creations with easily exploitable vulnerabilities. They're learning that it's not so easy to write secure code. In fact, most of us in the business of securing our applications and...   Read more >
Zeus GameOver
Posted: Tuesday, June 03, 2014 5:36 PM by ngriffin
Zeus is a malware family that we encounter frequently, due to its popularity with cyber-criminal groups. Ever since the Zeus source code was leaked in 2011, there have been many new variants. One such variant is dubbed ‘GameOver’, which recently...   Read more >
More News & Views...