Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
Contact us>
A new vulnerability found in Microsoft Internet Explorer affects Internet Explorer version 8. The vulnerability allows attackers to execute code on a machine by just having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or via compromised legitimate websites such as the recently compromised Department of Labor website which was subsequently used in a water-hole attack. Malicious payloads delivered from this compromise were confirmed by Microsoft to exploit the new vulnerability, designated CVE-2013-1347.
This blog describes briefly what WebShells are, and how attackers can use WebShells to gain powerful shell level/system level access to a server. WebShells have been used in attacks for quite a long time now, but with changes in attack trends, cyber criminals are getting more sophisticated with deployment techniques and methods to circumvent detection. With the help of our Websense® ThreatSeeker® Intelligence Cloud, we came across a few examples in which attackers have used different techniques. These are elaborated on further in this blog.
Many mass compromises are accomplished in an automated fashion: vulnerabilities are enumerated, and after one is found, exploits are automatically deployed. The takeover process usually involves downloading a remote administration tool for the compromised website. One common tool deployed by attackers once they compromise a website is a WebShell.
Whilst the world recoils in shock at the atrocious events at Monday's Boston Marathon, cyber-criminals are actively seeking to exploit people's thirst for information and eagerness to help those affected by the attacks.The Websense ThreatSeeker® Network is currently detecting and blocking multiple email-borne campaigns that attempt to lure unsuspecting recipients to malicious websites in order to exploit their machines for criminal gains.
Let's follow this campaign through the 7 Stages of Advanced Threats (as explained in our whitepaper) to see how cyber-criminals attempt to dupe and compromise users and their machines. We'll also show that breaking any one link in the chain can protect potential victims.
Websense® Security Labs™ got an alert from Websense ThreatSeeker® Network just one hour ago. The ThreatSeeker Network has detected that a DNS poisoning attack is happening in Kenya, with local big name websites in information technology targeted including Google, Bing, and LinkedIn. Although it is just a defaced page, it could easily be replaced with a malicious page by the attackers.
Follow us on SpiceWorks
BlogRoll
We want to hear from you!
