Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(April 2010) Posts

New blog!!

Posted: 25 Apr 2010 11:00 PM | Patrik Runald | no comments


As you can see we have a new blog. In addition to the new look-and-feel we have a few new things in place. - We have merged the blog and alerts. If you subscribe to our Alerts you will still get emails when we see something that warrants an alert - Added Categories to posts. This will make it much easier...

Read more > 

Spammers also "Recycle"

Posted: 25 Apr 2010 09:09 PM | Artem Gololobov | no comments


Imagine how much trash or rubbish is being recycled on a daily basis in real life. The same thing is happening on the Internet. Spammers create new Web sites, then they use all sorts of techniques to deliver those sites to end users. However, in most cases there is a Web/email filtering service like...

Read more > 

Filed under:

Oversharing and a powerful search engine = FAIL

Posted: 23 Apr 2010 10:56 AM | Patrik Runald | no comments


Users of the Blippy service, a website that lets people share their credit card purchases online, are scrambling to change their settings or even closing their accounts after VentureBeat published a story about how Google searches can disclose users credit card details. As can be seen in the screenshot...

Read more > 

Filed under:

De-obfuscating the obfuscated binaries with visualization

Posted: 19 Apr 2010 07:42 AM | WebsenseSecurityLabs | no comments


Recently I spent an afternoon reverse-engineering a few packed and obfuscated malware binaries. I was curious as to what kind of tactics and methods had been applied, so I dissected several binaries. I want to share some of my notes about the techniques that these malware programs used. I also want to...

Read more > 

Filed under: ,

Multi-layer Obfuscated JavaScript Using Twitter API

Posted: 16 Apr 2010 07:26 AM | Tamas Rudnai | no comments


Nowadays infected Web pages are probably the biggest threat to the IT sector. Most compromised HTML documents contain a JavaScript that generates the malicious content dynamically to make it less obvious what it is doing. To avoid detection, they are using more and more complex obfuscation techniques...

Read more > 

Filed under: ,

New Zbot campaign comes in a PDF

Posted: 15 Apr 2010 11:45 AM | Patrik Runald | no comments


Websense Security Labs™ has received several reports of a Zbot trojan campaign spreading via email. We have seen over 2200 messages so far. Zbot (also known as Zeus) is an information stealing trojan (infostealer) collecting confidential data from each infected computer. The main vector for spreading...

Read more > 

Filed under:

This Month in the Threat Webscape - March 2010

Posted: 12 Apr 2010 02:37 PM | Jay Liew | no comments


We presented at RSA 2010 and spoke at the Cloud Security Alliance Summit . Here is our recap of the event . Major hits 1. Highlight pwns from CanSecWest's Pwn2Own hacker 2010 contest include: 2. Contest winner (Peter Vreugdenhil): IE 8 vulnerability exploited on a fully patched Windows 7 machine...

Read more > 

Filed under:

Celebrity life of Black Hat SEO

Posted: 08 Apr 2010 10:22 PM | Patrik Runald | no comments


It’s not a secret that cybercriminals use all sorts of techniques to promote their fake products and services on the Web. To increase the rating of the newly-created fake medical or rogue AV Web site, criminals sharpen their skills in Black Hat SEO (search engine optimization). While White Hat...

Read more > 

Filed under: , ,