Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Exploits tagged in these posts

Eight Security Predictions for 2014

Posted: 14 Nov 2013 03:18 PM | Elisabeth Olsen | no comments


2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full report, please visit www.websense.com/2014predictions...

Read more > 

Filed under: , , , , , , ,

Zero-Day Attack for Internet Explorer (CVE-2013-3897) Goes High Profile

Posted: 09 Oct 2013 03:26 | Elad Sharf | no comments


Websense® Security Labs™ has seen a new zero-day exploit for Internet Explorer (CVE-2013-3897) used in highly targeted, low-volume attacks in Korea, Hong Kong, and the United States, as early as September 18th, 2013. The publication of the vulnerability details ( CVE-2013-3897 ) were shared...

Read more > 

Filed under: , , , , ,

Cybercriminals Behind CVE-2013-3893 Launched Attacks Earlier Than Previously Reported; More Widespread

Posted: 26 Sep 2013 11:59 | AlexWatson | no comments


Websense Security Labs™ Websense ThreatSeeker® Intelligence Cloud has discovered that attacks utilizing the most recent Internet Explorer 0-day (CVE-2013-3893) are more prevalent than previously thought.  In this write up we shall analyze the exploit code and perform analysis on the dropped malicious file.

 

Executive Summary

  • Websense protected our customers using real-time analytics that have been in place for nearly three years.
  • We have seen the CVE-2013-3893 exploit targeting Japanese firms in the financial industry, being hosted on a Taiwanese IP address.
  • Our ThreatSeeker Intelligence Cloud reported a potential victim organization in Taiwan attempting to communicate with the associated malicious command & control server.
  • Our telemetry indicates that the attack described above has a suitably high degree of segmentation between previous attacks as to indicate that possibly different team are using the same tool sets.
...

Read more > 

Filed under: , , , , , ,

Up To 70% of PCs Vulnerable to Zero-Day: CVE-2013-3893

Posted: 18 Sep 2013 06:35 | Artem Gololobov | no comments


Another new vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 8, and 9 and used in a wild by cybercriminals, also specific configurations of Internet Explorer 6, 7, 8, 9, 10 and 11 are also potentially vulnerable. The vulnerability allows attackers to execute code on a machine by just having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or via compromised legitimate websites.

...

Read more > 

Filed under: , , , , ,

New Java and Flash Research Shows a Dangerous Update Gap

Posted: 05 Sep 2013 05:51 PM | Matthew Mors | no comments


Today we're continuing our Java security research series by analyzing other plug-ins, browser extensions and rich internet applications that are commonly exploited. Our previous research indicated that the current state of Java affairs isn't pretty. At that time, ninety-three percent of enterprises...

Read more > 

Filed under: , , , , , , ,

Margaret Thatcher's Death Used in Cyber Attacks

Posted: 10 Apr 2013 03:39 | uwang | 1 comment(s)


As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker® Intelligence Cloud have detected that attackers are sending malicious email spam with a topic...

Read more > 

Filed under: , , , , ,