Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts


(October 2010) Posts

All Tricks & No Treat for Anti-Spam Engines

Posted: 29 Oct 2010 09:00 AM | Mary Grace Timcang | no comments


Spammers don't appear to be running out of tricks up their sleeves when it comes to bypassing anti-spam engines. Websense Security Labs™ ThreatSeeker™ Network found that spammers had slightly changed their tactics on the recent World Pharmacy campaign. Note that the earlier variant...


Critical Vulnerability in Firefox Browser CVE-2010-3765

Posted: 27 Oct 2010 04:05 PM | Tamas Rudnai | no comments


Yesterday we received reports about a critical vulnerability in Firefox browser that has been detected in the wild. According to the reports, this flaw can potentially allow an attacker to exploit the user's machine through the browser by making it run arbitrary code without user interaction - a...


Opengraphprotocol.org compromised

Posted: 22 Oct 2010 10:46 PM | Patrik Runald | no comments


The opengraphprotocol.org Web site is currently compromised and is redirecting users to rogue AV sites. Websense customers are protected with our ACE technology, which has real-time protection to proactively protect against this attack. Open Graph is a protocol developed by Facebook that allows other...


First we take Canada, then we take the World

Posted: 22 Oct 2010 08:13 PM | Ran Mosessco | no comments


By now, Web sites related to "Canadian Pharmacy" are well-known to email users around the globe, many of whom have had the "pleasure" of receiving spam messages offering a way to buy cheap medications. Recently, Websense Security Labs™ ThreatSeeker™ Network came across...


Piggybacking on Adobe Acrobat and others

Posted: 18 Oct 2010 01:35 PM | Elad Sharf | no comments


Yesterday, Adobe unveiled the next version of its Acrobat software: Adobe Acrobat X. The version is set to hit the market within 30 days. Among other features, the version is going to include a very important security feature that will allow users to view documents safely within a sandbox environment...


Murofet: Domain Generation ala Conficker

Posted: 14 Oct 2010 09:05 PM | Gregory Newman | no comments


Recently a new piece of malware has emerged that operates similarly to Conficker. This malware, named Murofet, is similar to Conficker in that it generates thousands of domains daily that it then contacts for updates. Our customers are protected from this latest threat by ACE, our Advanced Classification...


This Month in the Threat Webscape - September 2010

Posted: 14 Oct 2010 06:33 PM | Jay Liew | no comments


Month of September: Major Hits. Stuxnet was the major story last month. After the presentations at Virus Bulletin 2010 [1, 2] Stuxnet has gotten even more attention. CVE-2010-2883, a 0-day in Adobe Reader, was another major story. A malicious injection targeting Song Lyrics put Google users at risk...


Eleonore Exploits Pack's Unescape Cipher

Posted: 13 Oct 2010 11:22 PM | Chris Astacio | 1 comment(s)


In this blog post, we will cover Eleonore Exploits Pack's obfuscation, which is meant to conceal the true intent of the source code that the exploit page serves up. Obfuscation is one of a few ways that attack kits try to protect themselves and their malicious intent. The obfuscation of their code...
