Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Data Theft via USB: Combating the Insider Threat

Posted: 28 Jan 2014 12:00 AM | AlexWatson | no comments


Executive Summary Data breaches and the theft of intellectual property as well as personally identifiable information (PII) are one of the biggest risks that businesses face, and an area that very few security solutions address. Just last week, a consultant working for the Korea Credit Bureau was arrested...

Read more > 

Filed under: , , , , , ,

Are Your Windows Error Reports Leaking Data?

Posted: 29 Dec 2013 11:02 AM | AlexWatson | 8 comment(s)


Websense® Security Labs™ recently processed a sample data set from the Websense ThreatSeeker® Intelligence Network to investigate the security risk from popular applications and services. We determined enterprise and public sector networks are inadvertently leaking information, which could...

Read more > 

Filed under: , , , ,

Exploit Kits "Lacking P(a)unch"

Posted: 17 Dec 2013 12:30 AM | Ran Mosessco | no comments


Criminal groups formerly using the Blackhole exploit kit experiment with the Magnitude exploit kit, social engineering techniques, direct attachments, phishing, and fraud Overview Over the past two months, the criminal gangs that were using malicious email redirecting to the BlackHole exploit kit have...

Read more > 

Filed under: , , , , , ,

Gmail's Newest Feature: Image Auto-display

Posted: 13 Dec 2013 11:30 AM | Charles Renert | no comments


If you haven't heard, Google is updating Gmail to automatically display images when an e-mail is clicked. Echoing thoughts by our fellow security researchers, we see some uncomfortable risks accompanying the decision. From a malware perspective, images can be vectors of malicious execution ( here's...

Read more > 

New Phishing Research: 5 Most Dangerous Email Subjects, Top 10 Hosting Countries

Posted: 11 Dec 2013 09:03 AM | Elisabeth Olsen | no comments


With cloud infrastructure easily scalable and rented botnets coming on the cheap, the cost of conducting massive phishing campaigns continues to decline for cybercriminals. Even if the return rate is small or the campaign is poorly executed, phishing can result in serious money for criminals. Phishing will never simply go away—meaning ongoing headaches for security professionals.

...

Read more > 

Filed under: , , ,

Eight Security Predictions for 2014

Posted: 14 Nov 2013 03:18 PM | Elisabeth Olsen | no comments


2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full report, please visit www.websense.com/2014predictions...

Read more > 

Filed under: , , , , , , ,

Up to 37% of Enterprise Computers Vulnerable to Microsoft Office Zero-day CVE-2013-3906

Posted: 07 Nov 2013 12:45 AM | Ran Mosessco | no comments


A new vulnerability related to the parsing of TIFF images was found in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync. Microsoft published Security Advisory 2896666 explaining the details. Microsoft Fix it 51004 is available to alleviate the problem until an update is available.

...

Read more > 

Filed under: , ,

LinkedIn Lure Looking for Love-ly Profiles, Possibly More

Posted: 31 Oct 2013 01:15 AM | Carl Leonard | no comments


Websense® Security Labs™ ThreatSeeker® Intelligence Cloud has identified a LinkedIn profile configured to use social engineering techniques in order to target fellow LinkedIn users.  Here at Websense we refer to The 7 Stages of Advanced Attacks.  This model of describing the kill chain discusses Stage 1: Reconnaissance - the act of uncovering information that will facilitate the attacker to conduct a later, more successful attack .  We believe that this particular campaign may be a precursor to a more specialized targeted attack.

...

Read more > 

Filed under: , , , ,

'GWload' - The 'Social Engineering' Based Mass Injection Making Its Rounds

Posted: 28 Oct 2013 07:30 PM | Elad Sharf | no comments


Websense® Security Labs™ ThreatSeeker® Intelligence Cloud has identified that a new mass injection campaign is making its rounds, compromising and injecting content into tens of thousands of legitimate websites. This campaign is an evolution and expansion of an existing injection campaign...

Read more > 

Filed under: , , ,