Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(December 2011) Posts

Facebook launches new features

Posted: 29 Dec 2011 09:26 PM | Elisabeth Olsen | no comments

Timeline A while back, we blogged about some upcoming changes on Facebook . The new Timeline layout is now ready for release. All Facebook accounts will be updated to the new Timeline layout on December 29, 2011. You may already have noticed changes in some profiles. Timeline has been accessible to all...


Chinese Internet Suffers the Most Serious User Data Leak in History

Posted: 27 Dec 2011 03:23 AM | Xue Yang | no comments

Last week, China's largest software programmers' Web site CSDN (China Software Developer Network) was hacked, and account information for more than 6 million users was leaked and quickly spread via the Internet. One day later, Tianya, the biggest Chinese online forum, was reportedly hacked for the account information of 40 million users. This cyber attack has continued, with several well-known sites like the Duowan game, the 7k7k game, the e-commerce sites 360buy and Dangdang, the popular dating sites like Zhenai being hacked and user data leaked. Some sites' databases have been published on the Internet and can be easily downloaded.



Facebook scams kick it up a notch with Firefox/Chrome plugins

Posted: 20 Dec 2011 06:12 AM | Elad Sharf | no comments

Scams on Facebook are a daily thing. Websense ® Threatseeker ® Network recently detected some Facebook scams that now utilize the power of browser extensions to spread to other users' profiles. Scam pages typically utilize social engineering tricks - like enticing users with videos or offers...


Bitcoin Miner with Black Hat SEO Poisoning Campaign

Posted: 20 Dec 2011 03:00 AM | Anonymous | no comments

Bitcoin is a peer-to-peer currency exchange system that features a predictable currency rate. The generation of Bitcoin currency is controlled by an algorithm created by Japanese researcher Satoshi Nakamoto in 2008. Bitcoin system users are essentially "mining" for Bitcoins using their computers...


Lady Gaga's Twitter account tweeting links to survey scam

Posted: 19 Dec 2011 06:40 PM | Anonymous | no comments

The Twitter account of famous singer Lady Gaga has apparently been hacked. It's being used by attackers to lure her more than 17 million followers to click on a link: After a number of redirects, the link ultimately leads to a survey scam that is designed to harvest personal information: The first...


"Lost Weight" Spam Campaign Spreading on Facebook and ibibo

Posted: 15 Dec 2011 11:20 PM | uwang | no comments

Websense® ThreatSeeker® Network detects that a new spam campaign is spreading on Facebook and ibibo (a popular game site in India). The content of the spam messages is: " Lost 30 pounds in just 4 weeks all thanks to hcg. Check it out: http://spam_url ". We have seen a number of similar...


From ".com" to ".anything"

Posted: 12 Dec 2011 06:06 PM | RM | no comments

You may already know about the recent launch of the .xxx domain that is designed for websites with adult content. That is just the tip of the iceberg. ICANN (Internet Corporation for Assigned Names and Numbers), the organization that coordinates the Internet’s addressing system, has announced a...


A typosquat hostname list for Xmas

Posted: 08 Dec 2011 05:06 PM | Elad Sharf | no comments

A few weeks ago, we published a blog about typosquatting. This time, we're going to give an actual example of typosquat hosts found in the wild and show how typosquatting scams work. We'll take you through a typosquatting campaign that abuses tenth of known brands and includes thousands of registered...


Adobe Reader and Acrobat Vulnerability (CVE-2011-2462)

Posted: 07 Dec 2011 07:39 PM | Chris Astacio | no comments

Yesterday, Adobe released a Security Advisory warning about a vulnerability in Adobe Reader and Acrobat. Adobe rated this vulnerability "critical," because it may allow an attacker to execute code remotely and take control of an affected system. Adobe is currently working on a fix and planning...


Let's be adult about it. xxx

Posted: 06 Dec 2011 03:31 PM | Elisabeth Olsen | no comments

On 12/6/2011 at 11 am EST, more than 100,000 Web sites are expected to go live with the new .xxx domain. XXX was approved as a "top-level domain" address last year by ICANN , and was set up to make it easier to identify adult sites. However, it has also had some unintended consequences. For...

Read more >