Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(May 2010) Posts

Game Channel of MOP BBS compromised

Posted: 30 May 2010 11:19 PM | Xue Yang | no comments


Websense Security Labs™ ThreatSeeker™ Network has discovered that the game channel of MOP BBS has been compromised. Mop.com is one of the largest and most influential forums in China. It was the birthplace of Chinese network culture and has grown into a website with integrated forum, news...

Read more > 

Filed under: , ,

A bad applet in the barrel...

Posted: 26 May 2010 12:06 PM | Chris Astacio | no comments


Injecting malicious html code into legitimate Web sites has become commonplace in the past few years. More often than not, the attackers inject a script or iframe tag in a legitimate site which is meant to redirect visitors to attack sites without their knowledge. Last week, however, we discovered an...

Read more > 

Filed under: , , ,

Chinaz.com compromised

Posted: 25 May 2010 05:08 AM | WebsenseSecurityLabs | no comments


Websense Security Labs™ ThreatSeeker™ Network has discovered that the speed testing site of chinaz.com has been compromised. Chinaz.com is a very famous Web master site that provides technical and resource downloading services in China. The daily traffic to this site is over 50,000 hits,...

Read more > 

Filed under:

Deciphering in psychological terms

Posted: 21 May 2010 02:18 AM | Hermes Li | no comments


Cryptography is an interesting topic for security research. Recently a researcher put out a " decode me " challenge, and this blog describes what we did that may help others with more experience in cryptography solve the challenge once and for all. The first step was to decode a garbled message...

Read more > 

Filed under: , ,

A Simple N-gram Calculator: pyngram

Posted: 20 May 2010 07:53 AM | Jay Liew | no comments


Updated v1.0.1 5/21/2010 - Improved the exception handling, and changed xrange(len(inputstring)) to xrange(len(inputstring)-nlen+1)). Thanks to colleague Arik Baratz! Recently, as I was trying to solve a cryptogram , I wrote a tool to parse the bigrams and trigrams from the ciphertext, tally the frequency...

Read more > 

3 times lucky?

Posted: 20 May 2010 09:55 AM | Elson Lai | no comments


Websense® Security Labs™ ThreatSeeker™ Network has detected a new batch of malicious emails containing Zeus payloads. This campaign takes advantage on free site host to delivery malicious files using many social engineering techniques. From Porn attraction, e-greeting cards, to your system...

Read more > 

My Wordpress blog got injected - again!

Posted: 19 May 2010 06:00 AM | Elad Sharf | no comments


At the beginning of the week and last week the WPSecurityLock Web site published alerts on prominent Wordpress injections. These injections redirect the visitor to a scareware site which falsely claims to have found an infection, i.e. a Rogue AV Web site. Here is a video that shows what exactly is going on from the user's perspective when accessing a compromised Web site with this attack: 

 

...

Read more > 

Filed under: , ,