Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(November 2010) Posts

Facebook used for phishing attacks and open redirects

Posted: 29 Nov 2010 06:02 AM | Patrik Runald | no comments

Recently, at Websense Security Labs, we have seen Facebook being used to display phishing pages for different services, as well as to redirect to phishing pages hosted elsewhere. Below are two examples of what the phishing attempts look like...



Instant Previews: A Pawn for Malicious Intent

Posted: 17 Nov 2010 06:08 PM | Anonymous | no comments

Ever noticed a magnifying glass next to your Google search results lately? It is actually a new service that Google launched last week called Instant Previews . This service allows users to see what a page looks like before going to it by hovering or clicking the magnifying glass next to the Google search...


Attackers using Prince William engagement for attacks

Posted: 16 Nov 2010 11:19 PM | Patrik Runald | no comments

It didn't take long for attackers to take advantage of the big news that Prince William and Kate Middleton are getting married . As we have explained before, attackers have the process down to a science. They monitor breaking news, trending topics, and buzz words, then automatically manipulate search...


This Month in the Threat Webscape - October 2010

Posted: 12 Nov 2010 07:30 PM | Jay Liew | no comments

Month of October 2010 Major Hits Websense Security Labs discovered that the official Web site of the Nobel Peace Prize was compromised by malicious hackers. The hackers inserted code that infects visitors using Mozilla Firefox. This zero day vulnerability has since been patched. The exploitation of vulnerabilities...


Veteran's Day spurs Poisoned Search

Posted: 10 Nov 2010 11:58 PM | Anonymous | no comments

Today is Veteran's Day and like any other holidays, black hat SEO and spam emails have been visible since Monday this week. Websense customers are protected against this attack through our Advanced Classification Engine . Search terms like veteran's day , veteran's day 2010 , veteran's...


New 0-day Vulnerability in Adobe Acrobat Reader

Posted: 08 Nov 2010 01:16 PM | Tamas Rudnai | 1 comment(s)

A new, potentially critical vulnerability in Adobe Acrobat Reader has come to our attention at Websense Security Labs. Quick analysis shows that malicious PDF documents invoke a function call to Doc.printSeps() to take advantage of the vulnerability. Proof of concept code plants shell code in memory...

Read more >