Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts


(April 2010) Posts

Analyzing Malwares Using Microsoft Tools

Posted: 29 Apr 2010 01:04 PM | Anonymous | no comments

We have been seeing reverse engineering on malware for a while. Some time ago you needed to have magic tools from some underground hackers, but the situation has changed a lot since then. This is especially true for reverse engineering on the Windows platform, where there are a lot of good Microsoft...


New blog!!

Posted: 25 Apr 2010 11:00 PM | Patrik Runald | no comments

As you can see we have a new blog. In addition to the new look-and-feel we have a few new things in place. - We have merged the blog and alerts. If you subscribe to our Alerts you will still get emails when we see something that warrants an alert - Added Categories to posts. This will make it much easier...


Spammers also "Recycle"

Posted: 25 Apr 2010 09:09 PM | Anonymous | no comments

Imagine how much trash or rubbish is being recycled on a daily basis in real life. The same thing is happening on the Internet. Spammers create new Web sites, then they use all sorts of techniques to deliver those sites to end users. However, in most cases there is a Web/email filtering service like...


Oversharing and a powerful search engine = FAIL

Posted: 23 Apr 2010 10:56 AM | Patrik Runald | no comments

Users of the Blippy service, a website that lets people share their credit card purchases online, are scrambling to change their settings or even closing their accounts after VentureBeat published a story about how Google searches can disclose users' credit card details. As can be seen in the screenshot...


De-obfuscating the obfuscated binaries with visualization

Posted: 19 Apr 2010 07:42 AM | WebsenseSecurityLabs | no comments

Recently I spent an afternoon reverse-engineering a few packed and obfuscated malware binaries. I was curious as to what kind of tactics and methods had been applied, so I dissected several binaries. I want to share some of my notes about the techniques that these malware programs used. I also want to...


Multi-layer Obfuscated JavaScript Using Twitter API

Posted: 16 Apr 2010 07:26 AM | Tamas Rudnai | no comments

Nowadays infected Web pages are probably the biggest threat to the IT sector. Most compromised HTML documents contain a JavaScript that generates the malicious content dynamically to make it less obvious what it is doing. To avoid detection, they are using more and more complex obfuscation techniques...


New Zbot campaign comes in a PDF

Posted: 15 Apr 2010 11:45 AM | Patrik Runald | no comments

Websense Security Labs™ has received several reports of a Zbot trojan campaign spreading via email. We have seen over 2200 messages so far. Zbot (also known as Zeus) is an information stealing trojan (infostealer) collecting confidential data from each infected computer. The main vector for spreading...


This Month in the Threat Webscape - March 2010

Posted: 12 Apr 2010 02:37 PM | Jay Liew | no comments

We presented at RSA 2010 and spoke at the Cloud Security Alliance Summit. Here is our recap of the event. Major hits 1. Highlight pwns from CanSecWest's Pwn2Own hacker 2010 contest include: 2. Contest winner (Peter Vreugdenhil): IE 8 vulnerability exploited on a fully patched Windows 7 machine...


Celebrity life of Black Hat SEO

Posted: 08 Apr 2010 10:22 PM | Patrik Runald | no comments

It’s not a secret that cybercriminals use all sorts of techniques to promote their fake products and services on the Web. To increase the rating of the newly-created fake medical or rogue AV Web site, criminals sharpen their skills in Black Hat SEO (search engine optimization). While White Hat...
