Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.


Exploits tagged in these posts

Charting the Unexplored Threat Galaxy

Posted: 27 Apr 2015 10:30 AM | Ran Mosessco | no comments


We live in a world where the cyber threat landscape is very dynamic. Actionable threat intelligence is buried deep within terabytes of seemingly interesting but irrelevant data. Plausible deniability, false positives, lack of traceability and attribution, skillful attackers, adaptation of warfare techniques...


Eight Security Predictions for 2014

Posted: 14 Nov 2013 03:18 PM | Elisabeth Olsen | no comments


2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full report, please visit www.websense.com/2014predictions...


Zero-Day Attack for Internet Explorer (CVE-2013-3897) Goes High Profile

Posted: 09 Oct 2013 03:26 AM | Elad Sharf | no comments


Websense® Security Labs™ has seen a new zero-day exploit for Internet Explorer (CVE-2013-3897) used in highly targeted, low-volume attacks in Korea, Hong Kong, and the United States, as early as September 18th, 2013. The publication of the vulnerability details (CVE-2013-3897) were shared...


Cybercriminals Behind CVE-2013-3893 Launched Attacks Earlier Than Previously Reported; More Widespread

Posted: 26 Sep 2013 11:59 AM | AlexWatson | no comments


The Websense Security Labs™ Websense ThreatSeeker® Intelligence Cloud has discovered that attacks utilizing the most recent Internet Explorer 0-day (CVE-2013-3893) are more prevalent than previously thought. In this write-up we analyze the exploit code and the dropped malicious file.

Executive Summary

  • Websense protected our customers using real-time analytics that have been in place for nearly three years.
  • We have seen the CVE-2013-3893 exploit targeting Japanese firms in the financial industry, being hosted on a Taiwanese IP address.
  • Our ThreatSeeker Intelligence Cloud reported a potential victim organization in Taiwan attempting to communicate with the associated malicious command & control server.
  • Our telemetry indicates that the attack described above has a sufficiently high degree of segmentation from previous attacks to indicate that different teams are possibly using the same tool sets.
...


Up To 70% of PCs Vulnerable to Zero-Day: CVE-2013-3893

Posted: 18 Sep 2013 06:35 AM | Anonymous | no comments


Another new vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 8 and 9 and is being used in the wild by cybercriminals; specific configurations of Internet Explorer 6, 7, 8, 9, 10 and 11 are also potentially vulnerable. The vulnerability allows attackers to execute code on a machine just by having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or via compromised legitimate websites.

...


New Java and Flash Research Shows a Dangerous Update Gap

Posted: 05 Sep 2013 05:51 PM | Matthew Mors | no comments


Today we're continuing our Java security research series by analyzing other plug-ins, browser extensions and rich internet applications that are commonly exploited. Our previous research indicated that the current state of Java affairs isn't pretty. At that time, ninety-three percent of enterprises...
