Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(September 2010) Posts

Websense Insight: The Route to Malware

Posted: 28 Sep 2010 01:35 PM | Patrik Runald | no comments


How many clicks does it take to get to the malicious code of an infected website? Surprisingly, the answer is usually, just two . In this Websense Insight we look at how most Internet users are only two clicks away from malicious content in one of three ways: from top sites, poisoned search results,...

Read more > 

Filed under: , ,

Websense Insight: Link Analysis - What links are people sharing on Facebook and Twitter?

Posted: 28 Sep 2010 01:13 PM | Patrik Runald | no comments


With millions of Tweets and Facebook postings flying around daily from personal and business users, have you ever wondered where the links in these postings go? In this Websense Insight we have analyzed hundreds of thousands of social networking links to determine the ecosphere of links and the potential...

Read more > 

Filed under: , ,

Phoenix the supervisor

Posted: 22 Sep 2010 04:34 PM | Ivan Sabo | no comments


In general, spammers will try everything and stop at nothing to deliver content to users. When people don't trust one kind of email, spammers change their tactics and use something else. This process never stops, and is very interesting to follow. It's interesting, at least, if we know we're...

Read more > 

Filed under: , ,

Twitter OnMouseOver Flaw In The Wild

Posted: 21 Sep 2010 02:28 PM | Carl Leonard | no comments


As of this morning we have been monitoring a flaw on twitter.com that delivers pop-ups to Twitter users when they move their mouse cursor over a specially crafted tweet. There is also the potential to deliver status updates when mousing over a tweet and altering the display of the Twitter status on user's...

Read more > 

Filed under: , ,

Can rogue AV ever be legitimate?

Posted: 21 Sep 2010 09:04 AM | Mary Grace Timcang | no comments


Over the past year, the prevalence of search results laced with rogue AV seemed to never end. Whether the search was about celebrity, politics, calamity, or anything that was hot and trending, blackhat SEO was sure to follow. Now, search engines are being more proactive in producing safer search results...

Read more > 

Filed under: , ,

Singing a malicious song

Posted: 16 Sep 2010 04:23 PM | Ivan Sabo | 4 comment(s)


Every now and then we look for song lyrics on the Internet. Using the newest Google Instant technology we immediately find what we need. At least, we think so. Websense Security Labs™ ThreatSeeker™ Network has detected that the popular site S onglyrics.com ( with approximately 200,000 daily...

Read more > 

Filed under: ,

Cash and "Labels and such" lead to ZEUS

Posted: 15 Sep 2010 03:34 PM | Artem Gololobov | no comments


Websense® Security Labs™ ThreatSeeker™ Network has detected another wave of Zeus malicious email messages. This campaign is related to the familiar "pharma" spam messages that we see everyday, with one exception. This campaign combines an HTML or ZIP attachment with a social...

Read more > 

Filed under: ,

This Month in the Threat Webscape - August 2010

Posted: 15 Sep 2010 08:49 AM | Jay Liew | no comments


Month of August 2010 Major hits Mass compromises & infections Network Solutions, one of the oldest domain registrars in the world, was found to be serving up a malicious widget on its customers' Web sites. All sites that opted to display a " Small Business Success Index " widget were...

Read more > 

Filed under: