Flash forward – Angler, here we come
Posted: Tuesday, January 27, 2015 2:40 AM by Tamas Rudnai

As mentioned in the post “Happy Nucl(y)ear - Evolution of an Exploit Kit”, we were planning to discuss the Angler exploit kit in detail in an upcoming post. However, the exploitation of a critical Adobe Flash 0-day vulnerability (CVE-2015-0311, patched) via the Angler exploit kit has fast-tracked our efforts, and in this blog we present the strategy adopted by the exploit kit to evade detection of the 0-day by security scanners. 0-days are valuable commodities, and the longer they remain undiscovered, the more value they yield for the attacker(s).

Just as defense-in-depth is used as a strategy in the protection scenario, layered obfuscation is its equivalent in the evasion scenario. The attacker is interested in adopting a defense-in-depth approach to protect his/her investment and get the most ROI from exploits. A parallel in the physical world is a medieval castle protected by a system of multiple walls, so that even when the external wall had been taken down by catapults, the so-called inner castle was still standing strong.

...   Read more >
Presidential Proposals and Good Governance
Posted: Monday, January 26, 2015 3:50 PM by Charisse Castagnoli
Recently, the President proposed several pieces of legislation meant to increase cyber security and prevent cyber-crime. These new proposals aim to expand federal data protection requirements, currently only applied to healthcare organizations, financial...   Read more >
Flash 0-day being distributed by Angler Exploit Kit
Posted: Thursday, January 22, 2015 4:41 AM by ngriffin
Websense is aware of a new zero-day vulnerability in Adobe Flash Player, which has been seen exploited in-the-wild by the Angler Exploit Kit. The exploit, as reported by security researcher Kafeine, is known to affect the latest 16.0.0.287 version of...   Read more >
Happy Nucl(y)ear - Evolution of an Exploit Kit
Posted: Thursday, January 15, 2015 5:50 AM by AToro
This blog post discusses how Nuclear Pack, one of the most popular exploit kits, has evolved, and highlights the constant, ongoing arms race between attackers and defenders. While Nuclear Pack is not the most sophisticated exploit kit--that dubious distinction...   Read more >
Websense Announces John Starr as New Channel VP
Posted: Wednesday, January 14, 2015 1:05 PM by News Release Archive
Experienced Executive Will Grow Global Channel Collaboration and Innovative New Security Markets for Partners AUSTIN, Texas, Jan. 14, 2015 -- Websense, Inc., the global leader in protecting organizations from the latest cyber attacks and data theft...   Read more >
Websense Transformation Delivers New TRITON® APX 8.0 Platform to Surface Threats, Combat Skills Deficit & Provide Advanced Data Theft Prevention
Posted: Tuesday, January 13, 2015 7:05 AM by Adam Bennett
Websense Addresses Skills Gap with TRITON APX 8.0, the Result of 18 Months of Business Transformation & Innovation AUSTIN, Texas - January 13, 2015 - Websense, Inc., a global leader in protecting organizations from the latest cyber attacks and data...   Read more >
Why Methodology Matters: Guidelines for Evaluating a Real-World Security Test
Posted: Wednesday, January 07, 2015 9:31 PM by Websense Technical Marketing
In the last year, we have seen security vendors and well-known testing labs go toe-to-toe in headlines, blogs and social media over the methodology used to produce final test results. Claims of flawed methodologies, out-of-date software, improperly configured...   Read more >
'Tis the Season For…A New Year of Cyber Threats
Posted: Monday, January 05, 2015 5:39 PM by Bob Hansmann
For the cyber security industry, 2014 was a year of high-profile hacks. Data breaches hit every sector, from retail stores and financial institutions to health care providers, and the fall-out was felt from the C-suite to the man in the street. As we begin...   Read more >
Sony Pictures Entertainment Hack – Truly motion picture worthy
Posted: Monday, December 22, 2014 7:45 AM by ngriffin
Blackmail, secretive master-plan, sabotage, drama, politics, thriller, hostage, the list goes on - this is not the plot-line of an immersive Hollywood motion picture, but rather the highlights of the recent hack on Sony Pictures Entertainment (SPE). Although...   Read more >
Tis the Season for…Financial Crime
Posted: Wednesday, December 17, 2014 5:32 PM by Carl Leonard
Advances in internet technology have changed much about our day-to-day lives. We no longer need fumble with maps to get where we're going. Global Positioning System (GPS) technology allows us to connect to satellites for instant driving directions...   Read more >
Websense Now a Member of Cloud Security Alliance’s Security, Trust and Assurance Registry (STAR) Registry
Posted: Tuesday, December 16, 2014 8:11 PM by Charisse Castagnoli
Websense is pleased to announce its inclusion on the Cloud Security Alliance (CSA) STAR registry with its completion of the CSA STAR Self Assessment. The CSA Security, Trust and Assurance Registry (STAR) Program is “a publicly accessible registry...   Read more >
Time to act on Corporate Data Protection*
Posted: Monday, December 15, 2014 3:17 PM by Neil Thacker
Data breaches and security threats continue to make global news, serving as a constant reminder of the need to improve monitoring and protection of corporate data. European businesses, as well as those operating globally in the region, face particular...   Read more >
'Tis the Season For…Reassessing Your Security Posture
Posted: Tuesday, December 09, 2014 5:51 PM by Charisse Castagnoli
As we near the end of another year – a year that as of the beginning of December has seen 708 data breaches publicly reported resulting in an estimated 81,501,185 records exposed* – now is the perfect time to reassess and optimize your organization’s...   Read more >
What protection can be offered from sophisticated malware such as Regin?
Posted: Monday, November 24, 2014 4:59 AM by Carl Leonard
Websense® Security Labs™ researchers are continuing the analysis of a sophisticated malware attack which has been observed to conduct espionage against Russian, Saudi Arabian, and Irish targets, amongst others. Regin, as the malware family ...   Read more >
Black Friday Themed Amazon Voucher Scam
Posted: Friday, November 21, 2014 3:15 AM by Xue Yang
The Websense® ThreatSeeker® Intelligence Cloud has detected Amazon voucher scams using Black Friday Gift Card themes as a lure. We have observed a surge of over 20,000 spam emails with the subject of "Amazon Black Friday Gift Card #XXXXXXXXX"...   Read more >
Webcast: Preparing for Big Data and the Internet of Things
Posted: Thursday, November 20, 2014 1:17 AM by Bob Hansmann
Big Data and the Internet of Things are causing an exponential rise in threat risks to organizations of all sizes. In our webcast with Lamont Orange, Chief Information Security Officer at Websense and Rick McElroy, Director of Information Security for...   Read more >
Websense Security Labs™ Publishes 2015 Security Predictions
Posted: Tuesday, November 18, 2014 1:30 PM by Carl Leonard
Websense Security Labs gives their predictions on where they expect new and innovative cyber threats to emerge in the coming year. Websense Security Labs (WSL) has completed their 2015 Security Predictions report and it’s now available to the data...   Read more >
Websense Security Labs Reveals Cybersecurity Predictions for 2015
Posted: Tuesday, November 18, 2014 1:05 AM by Adam Bennett
Predictions Explore Healthcare Data as a Top Target, Internet of Things Attacks on Businesses and the Evolution in Credit Card Hacks AUSTIN, Texas - August 14, 2014 - Cybersecurity created headlines and headaches in 2014, with large-scale data breaches...   Read more >
Official Website of Popular Science Compromised
Posted: Tuesday, October 28, 2014 6:25 PM by AToro
Websense® ThreatSeeker® Intelligence Cloud has detected that the official website of Popular Science has been compromised and is serving malicious code. Popular Science is a well-established monthly magazine with a readership of more than a million...   Read more >
When Did You Last Look Into a Crystal Ball? Announcing our 2014 Predictions Accuracy Report
Posted: Friday, October 24, 2014 8:10 PM by Carl Leonard
Hindsight is a wonderful thing. If the open source community had anticipated the implications of the vulnerability that led to OpenSSL Heartbleed and businesses had anticipated the fallout from Shellshock, would things have been different? They sure would...   Read more >