Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Shellshock - Not a Can of Worms if You Patch

Posted: 14 Apr 2015 08:40 AM | AToro | no comments

In information security, 2014 will undoubtedly remain infamous for at least two vulnerabilities that affected the vast majority of the Internet infrastructure and users: Heartbleed and Shellshock . While most system administrators scrambled to apply patches to mitigate these issues as soon as possible...


Filed under: ,

Websense Security Labs Publishes 2015 Threat Report

Posted: 08 Apr 2015 05:40 AM | Carl Leonard | no comments

The Websense® Security Labs™ team has produced our annual Threat Report, the must-read analysis of what’s really happening in the cyber landscape. The human and technical aspects of cyber threats changed dramatically in 2014. We saw new techniques blended with the old, resulting in highly...


Filed under:

Assertiveness is a valuable quality for the C-Level and cyber crooks alike

Posted: 30 Mar 2015 01:00 PM | Jose Barajas | no comments

Beware, spear-phishing is striking again - Websense Security Labs has become aware of recent spear-phishing attempts utilizing what appear to be forwarded legitimate email messages and a typo-squatted domain. If these targeted attempts are successful, then the combination of a trusting nature, orthographic...


Filed under: , , , ,

SSL - a FREAKishly long existence

Posted: 04 Mar 2015 02:00 AM | Tamas Rudnai | no comments

SSL, widely adopted and living on borrowed time, has clearly had a rough year. After Heartbleed, Poodle, and many other high-profile vulnerabilities comes FREAK (Factoring attack on RSA-EXPORT Keys), which at the time of publication of this blog breaks approximately 36% of all sites trusted by browsers as per this link including websites belonging to the NSA and FBI. About 12% of high ranked Alexa websites are also believed to be vulnerable to the flaw at this time, thereby placing visitors to these sites at high risk.


Exposure and Impact


The vulnerability, discovered by Karthikeyan Bhargavan at INRIA in Paris and the mitLS team allows an active attacker to perform a man-in-the-middle attack by downgrading the encrypted connection between a vulnerable client and a server that accepts export-grade RSA keys to 512-bits. The captured key can then be factored using the public cloud in a matter of hours and further be used for decryption of communication between the client and the server. Once the key has been compromised, all personal information including passwords, financial data, etc. is at risk.



Filed under: , , ,

Angler Exploit Kit – Operating at the Cutting Edge

Posted: 05 Feb 2015 09:00 AM | AToro | no comments

As we promised in one of our previous blog posts about exploit kits ( Nuclear EK ), we are going to take a more in-depth look at Angler Exploit Kit. Angler EK is possibly the most sophisticated exploit kit currently used by cyberciminals. It has pioneered solutions that other exploit kits started using...


Filed under: ,

Another day, another zero-day – Internet Explorer's turn (CVE-2015-0072)

Posted: 05 Feb 2015 02:00 AM | Jose Barajas | no comments

Websense® Security Labs™ researchers are aware of a zero-day vulnerability affecting Internet Explorer that could allow a remote, unauthenticated attacker to bypass the Same-Origin Policy (SOP) to hijack the user’s session. The vulnerability is being called Universal Cross Site Scripting...


Filed under: , , , ,