Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(October 2010) Posts

All Tricks & No Treat for Anti-Spam Engines

Posted: 29 Oct 2010 09:00 AM | Anonymous | no comments

Spammers don't appear to be running out of tricks off their sleeves when it comes to bypassing anti-spam engines. Websense Security Labs™ ThreatSeeker™ Network found that spammers had slightly changed their tactics on the recent World Pharmacy campaign . Note that the earlier variant...


Lindsay Lohan Leaked Sex Tape fake invites on Facebook

Posted: 28 Oct 2010 02:15 PM | Patrik Runald | 3 comment(s)

Right now there's a campaign ongoing on Facebook where fake invitations are sent to users that claim to be about "Lindsay Lohan Leaked Celebrity Sex Tape" , " Lindsey Lohan Just Leaked Having a THREEWAY on Camera" or variations on this theme. Websense customers are protected with...


Critical Vulnerability in Firefox Browser CVE-2010-3765

Posted: 27 Oct 2010 04:05 PM | Tamas Rudnai | no comments

Yesterday we received reports about a critical vulnerability in Firefox browser that has been detected in the wild. According to the reports, this flaw can potentially allow an attacker to exploit the user's machine through the browser by making it run arbitrary code without user interaction - a...


Opengraphprotocol.org compromised

Posted: 22 Oct 2010 10:46 PM | Patrik Runald | no comments

The opengraphprotocol.org Web site is currently compromised and is redirecting users to rogue AV sites. Websense customers are protected with our ACE technology, which has real-time protection to proactively protect against this attack. Open Graph is a protocol developed by Facebook that allows other...


First we take Canada, then we take the World

Posted: 22 Oct 2010 08:13 PM | Ran Mosessco | no comments

By now, Web sites related to "Canadian Pharmacy" are well-known to email users around the globe, many of whom have had the "pleasure" of receiving spam messages offering a way to buy cheap medications. Recently, Websense Security Labs™ ThreatSeeker™ Network came across...


Piggybacking on Adobe Acrobat and others

Posted: 18 Oct 2010 01:35 PM | Elad Sharf | no comments

Yesterday, Adobe unveiled the next version of its Acrobat software: Adobe Acrobat X. The version is set to hit the market within 30 days. Among other features, the version is going to include a very important security feature that will allow users to view documents safely within a sandbox environment...


Murofet: Domain Generation ala Conficker

Posted: 14 Oct 2010 09:05 PM | Anonymous | no comments

Recently a new piece of malware has emerged that operates similarly to Conficker. This malware, named Murofet, is similar to Conficker in that it generates thousands of domains daily that it then contacts for updates. Our customers are protected from this latest threat by ACE, our Advanced Classification...


This Month in the Threat Webscape - September 2010

Posted: 14 Oct 2010 06:33 PM | Jay Liew | no comments

Month of September Major Hits Stuxnet was the major story last month. After the presentations at Virus Bulletin 2010 [ 1 , 2 ] Stuxnet has gotten even more attention. CVE-2010-2883, a 0-day in Adobe Reader , was another major story. A malicious injection targeting Song Lyrics put Google users at risk...


Eleonore Exploits Pack's Unescape Cipher

Posted: 13 Oct 2010 11:22 PM | Chris Astacio | 1 comment(s)

In this blog post, we will cover Eleonore Exploits Pack's obfuscation, which is meant to conceal the true intent of the source code that the exploit page serves up. Obfuscation is one of a few ways that attack kits try to protect themselves and their malicious intent. The obfuscation of their code...

Read more >