Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

(April 2012) Posts

Websense Security Labs at Infosec2012

Posted: 30 Apr 2012 11:00 AM | Artem Gololobov | no comments


Last week, Websense® Security Labs™ team members attended the Infosec2012 conference at Earls Court in London. It was quite busy and exciting for us, as we assisted Sales Engineers and Sales teams to work with customers at the Websense booth. We also attended workshops and chapter meetings for (ISC)2 (International Information Systems Security Certification Consortium) and ISACA (Information Systems Audit and Control Association).


The Infosec conference presents high-level security information, such as security product demonstrations, rather than technical talks on topics like exploits and vulnerabilities. So we expected to hear presentations and general discussions about enterprise security and issues of concern to our customers.

...

Read more > 

Filed under:

Is CVE-2012-0507 the best toolkit to exploit Mac OS X?

Posted: 16 Apr 2012 10:23 AM | Gianluca Giuliani | no comments


The recent advent of flashback malware that includes exploit code for CVE-2012-0507 has been creating waves and quickly adopted by various other attackers as Websense® Security Labs™ has shown. This blog post detail some of the aspects of CVE-2012-0507 and how this exploit has been used in...

Read more > 

Filed under: , , , , ,

Flashback Mac malware

Posted: 12 Apr 2012 11:48 PM | Patrik Runald | no comments


We in Websense® Security Labs™ have been following the developments of the Flashback trojan for Mac that has infected over 600,000 Apple computers worldwide. The number of infected computers seems to be dropping steadily now and will continue to do so as Apple yesterday released a removal tool as part of their Software Update:

 

...

Read more > 

Filed under: ,

The Android "GoldDream" Malware Server is Still Alive

Posted: 12 Apr 2012 01:05 AM | uwang | no comments


Many anti-virus vendors have reported on and dissected the suspicious and malicious Android "GoldDream" malware threat. The C&C server (lebar.gicp.net), which hosts this malware, has been revealed in many articles. But, to our surprise, this C&C server is still alive after several months and is still serving users with "GoldDream" malware. Currently, only Websense® ThreatSeeker® Network has blocked the malware server sites, out of the 19 vendors listed by VirusTotal! 

...

Read more >