Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Turn $1 into $100 right away…..Your personal files are encrypted!

Posted: 29 Apr 2015 03:00 PM | MarkHaffenden | no comments


Those are the five words that no one wants to see pop up on their screen. Websense® Security Labs™ researchers have identified an interesting tactic in the proliferation of Crypto ransomware. One published example exploits the very human vulnerability concerning the fear of receiving a parking...

Read more > 

Filed under: , , ,

Andromeda – An attack kill chain analysis

Posted: 28 Apr 2015 04:00 PM | uwang | no comments


The Andromeda botnet, initially discovered in late 2011, is a highly modular platform for malicious activity. While it consists of key loggers, rootkits, anti-VM, anti-debugging and proxy features, it is mostly used as a method to establish a reliable backdoor to further deliver additional malware. Recently...

Read more > 

Filed under: , , , ,

Charting the Unexplored Threat Galaxy

Posted: 27 Apr 2015 10:30 AM | Ran Mosessco | no comments


We live in a world where the cyber threat landscape is very dynamic. Actionable threat intelligence is buried deep within terabytes of seemingly interesting but irrelevant data. Plausible deniability, false positives, lack of traceability and attribution, skillful attackers, adaptation of warfare techniques...

Read more > 

Filed under: , , , , ,

Low volume targeted attack linked to US Government targets, uses multiple evasion tactics

Posted: 22 Apr 2015 01:00 PM | Carl Leonard | no comments


Over the last few months, Websense® Security Labs™ researchers have tracked and analyzed the attack methods of a low-volume, targeted attack linked to the US Federal government space. The attack uses a combination of evasion tactics throughout its lifecycle in order to remain elusive. In this...

Read more > 

Filed under: , ,

Shellshock - Not a Can of Worms if You Patch

Posted: 14 Apr 2015 08:40 AM | AToro | no comments


In information security, 2014 will undoubtedly remain infamous for at least two vulnerabilities that affected the vast majority of the Internet infrastructure and users: Heartbleed and Shellshock . While most system administrators scrambled to apply patches to mitigate these issues as soon as possible...

Read more > 

Filed under: ,

Websense Security Labs Publishes 2015 Threat Report

Posted: 08 Apr 2015 05:40 AM | Carl Leonard | no comments


The Websense® Security Labs™ team has produced our annual Threat Report, the must-read analysis of what’s really happening in the cyber landscape. The human and technical aspects of cyber threats changed dramatically in 2014. We saw new techniques blended with the old, resulting in highly...

Read more > 

Filed under:

Assertiveness is a valuable quality for the C-Level and cyber crooks alike

Posted: 30 Mar 2015 01:00 PM | Jose Barajas | no comments


Beware, spear-phishing is striking again - Websense Security Labs has become aware of recent spear-phishing attempts utilizing what appear to be forwarded legitimate email messages and a typo-squatted domain. If these targeted attempts are successful, then the combination of a trusting nature, orthographic...

Read more > 

Filed under: , , , ,