Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(May 2010) Posts

Game Channel of MOP BBS compromised

Posted: 30 May 2010 11:19 PM | Xue Yang | no comments

Websense Security Labs™ ThreatSeeker™ Network has discovered that the game channel of MOP BBS has been compromised. Mop.com is one of the largest and most influential forums in China. It was the birthplace of Chinese network culture and has grown into a website with integrated forum, news...


Filed under: , ,

A bad applet in the barrel...

Posted: 26 May 2010 12:06 PM | Chris Astacio | no comments

Injecting malicious html code into legitimate Web sites has become commonplace in the past few years. More often than not, the attackers inject a script or iframe tag in a legitimate site which is meant to redirect visitors to attack sites without their knowledge. Last week, however, we discovered an...


Filed under: , , ,

Chinaz.com compromised

Posted: 25 May 2010 05:08 AM | WebsenseSecurityLabs | no comments

Websense Security Labs™ ThreatSeeker™ Network has discovered that the speed testing site of chinaz.com has been compromised. Chinaz.com is a very famous Web master site that provides technical and resource downloading services in China. The daily traffic to this site is over 50,000 hits,...


Filed under:

Deciphering in psychological terms

Posted: 21 May 2010 02:18 AM | Hermes Li | no comments

Cryptography is an interesting topic for security research. Recently a researcher put out a " decode me " challenge, and this blog describes what we did that may help others with more experience in cryptography solve the challenge once and for all. The first step was to decode a garbled message...


Filed under: , ,

A Simple N-gram Calculator: pyngram

Posted: 20 May 2010 07:53 AM | Jay Liew | no comments

Updated v1.0.1 5/21/2010 - Improved the exception handling, and changed xrange(len(inputstring)) to xrange(len(inputstring)-nlen+1)). Thanks to colleague Arik Baratz! Recently, as I was trying to solve a cryptogram , I wrote a tool to parse the bigrams and trigrams from the ciphertext, tally the frequency...


3 times lucky?

Posted: 20 May 2010 09:55 AM | Anonymous | no comments

Websense® Security Labs™ ThreatSeeker™ Network has detected a new batch of malicious emails containing Zeus payloads. This campaign takes advantage on free site host to delivery malicious files using many social engineering techniques. From Porn attraction, e-greeting cards, to your system...


My Wordpress blog got injected - again!

Posted: 19 May 2010 06:00 AM | Elad Sharf | no comments

At the beginning of the week and last week the WPSecurityLock Web site published alerts on prominent Wordpress injections. These injections redirect the visitor to a scareware site which falsely claims to have found an infection, i.e. a Rogue AV Web site. Here is a video that shows what exactly is going on from the user's perspective when accessing a compromised Web site with this attack: 




Filed under: , ,