Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(March 2012) Posts

I have the latest WordPress version - is my Website protected?

Posted: 13 Mar 2012 04:00 AM | Tamas Rudnai | no comments

A few days ago, Websense® SecurityLabs™ detected a large-scale malware campaign mainly targeting WordPress pages. We have received many questions about who and which websites are in danger and how to protect against this attack. While many forum posts and comments speculate that outdated WordPress versions are at fault, unfortunately, we found that this is not true. We dug a bit into this subject and analyzed 30,000 domains to see what types and versions of CMS (Content Management System) have been compromised so far.



Filed under: , , ,

New Mass Injection Wave of WordPress Websites on the Prowl

Posted: 05 Mar 2012 08:00 AM | uwang | 13 comment(s)


The Websense® ThreatSeeker® Network has detected a new wave of mass-injections of a well-known exploit that we've been following in Security LabsTM for months. The majority of targets are Web sites hosted by the WordPress content management system. At the time of writing, more than 200,000 Web pages have been compromised, amounting to close to 30,000 unique Web sites (hosts). The injection hijacks visitors to the compromised sites and rediects them to rogue AV sites that attempt to trick them into downloading and installing a Trojan onto their computer. 


The injected code is very short and is placed at the bottom of the page, just before </body> tag.





Filed under: , ,

Who is already an Olympic Games 2012 winner?

Posted: 01 Mar 2012 03:05 AM | Anonymous | no comments

As announced by our Security Predictions for 2012, the imminent start of the Olympic Games 2012 is a good worldwide event for phishing authors as well as malicious bots. They will most likely begin utilizing this vector to spread their attempts at masquerading as legitimate sites, organizations, or services to trick users into divulging information. Websense® Security LabsTM and the Websense ThreatSeeker® Network have detected and tracked a significant number of these kinds of Olympic phishing messages whose goal is to entice users to submit their personal information.



Filed under: ,