Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(September 2011) Posts

Social Media usage increases malware risks - Websense Survey

Posted: 29 Sep 2011 12:55 PM | Patrik Runald | no comments

Recently, Websense sponsored a global survey of 4,640 IT and IT security practitioners about social media and security in their organizations. We asked them about: The importance of social media in meeting business goals today. Social media policies in their organizations The security risks created by...


Malicious Emails with Subject “ACH Payment xxxxx Canceled”

Posted: 28 Sep 2011 01:00 AM | Anonymous | no comments

Have you received an email with an “ACH Payment xxxxx Canceled” subject line? Please don’t open the link in the email, as it will take you to a malicious URL. Websense® ThreatSeeker® Network has detected that an email campaign broke out on 27th September, 2011. In this campaign...


Websense Labs Video: Speaking in Tongues: Malware C&C Encryption

Posted: 27 Sep 2011 11:56 AM | Patrik Runald | no comments

Historically, malware uses IRC to communicate outbound once it has infected a host. But what exactly is malware doing now? In this week’s Websense Security Labs video, researchers Ali Mesdaq and Stephan Chenette guide us through an explanation of malware that communicates using custom encryption...


Cuevana.tv is compromised, be aware of this .cx.cc attack!

Posted: 26 Sep 2011 11:04 PM | Ran Qiong | no comments

Websense® ThreatSeeker® Network has detected that the Cuevana.tv ( hxxp://www.cuevana.tv) Web site was compromised on 25th September, 2011. Cuevana.tv is a very popular Spanish online TV Web site in South American, especially in Argentina, Uruguay, Mexico, Colombia, and Panama. Cuevana.tv has...


Did you hear about the new Facebook changes?

Posted: 23 Sep 2011 10:46 PM | Elisabeth Olsen | no comments

At their f8 Developers Conference in San Francisco last week, Facebook announced their recent major makeover and how this is just the beginning. These are the largest changes to Facebook since the early beginnings of the site. Their newly released features are: A redo of their Friends Lists (like Google...


Fake malware notifications from "Websense Labs"

Posted: 22 Sep 2011 08:34 AM | Elad Sharf | no comments

Earlier this week we detected malicious email messages that appeared to be sent from "Websense Labs" that contain an alert about detected malicious activity. We have published this blog to let all of our customers know that we would never notify you in this manner and that these messages were...


What's More Scary, Hurricanes or Black Holes?

Posted: 20 Sep 2011 08:52 PM | Ran Mosessco | no comments

By now, it has become somewhat of a cliché to mention how cyber-criminals try to exploit the latest hot topics to lure victims to malicious content. The recent hurricane scares, however, provided an example that we found interesting. A few weeks ago, Websense Security Labs and the Websense ThreatSeeker® Network came across an email campaign that redirected users to Web pages downloading rogue AV via the Blackhole exploit kit.

Websense Email Security and Websense Web Security protect against this kind of blended threat with ACE, our Advanced Classification Engine.

This post examines how various vectors (email and Web) lead to Blackhole exploit kits and rogue AV, all hosted on a single IP address.

It also shows how some messages from the same email campaign, as well as similar variants, lead to pharmaceutical sites related to the "Yambo Family" group of Web sites.



Últimas Noticias has been compromised

Posted: 20 Sep 2011 11:22 AM | Hermes Li | no comments

Websense® ThreatSeeker® Network has detected that the Últimas Noticias Web site (ultimasnoticias.com.ve) was compromised on 19th September, 2011. Últimas Noticias is the highest-selling daily newspaper in Venezuela. It was founded in Caracas in 1941 after the pro-freedom measures...

Read more >