Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Data loss tagged in these posts

Eight Security Predictions for 2014

Posted: 14 Nov 2013 03:18 PM | Elisabeth Olsen | no comments


2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full report, please visit www.websense.com/2014predictions . In addition, below is an infographic for quick reference. Here are the highlights: 1. Advanced malware volume will decrease. According to the real-time telemetry feeds in Websense ThreatSeeker® Intelligence Cloud, the quantity of new malware is beginning to decline. Unfortunately, this is bad news for organizations. Cybercriminals will rely less on high-volume advanced malware because over time it runs a higher risk of detection. They will instead use lower volume, more targeted attacks to secure a foothold, steal user credentials and move unilaterally throughout infiltrated networks. Although the volume of attacks will decrease, the risk is even greater. 2. A major data-destruction attack will happen. Historically, most attackers have used a network breach to steal information for profit. In 2014, organizations need to be concerned about nation-states and cybercriminals using a breach to destroy data. 3. Attackers will be more interested in cloud data than your network. Cybercriminals will focus their attacks more on data stored in the cloud vs. data stored on the network. This tactical shift follows the movement of critical business data to cloud-based solutions. Hackers will find that penetrating the data-rich cloud can be easier and more profitable than getting through the “castle walls” of an on-premises enterprise network. 4. Redkit, Neutrino, and other exploit kits will struggle for power in the wake of the Blackhole author arrest. We will see a fight for market leadership between a number of new entrants and existing exploit kits in 2014. We anticipate Redkit and the Neutrino exploit kit will secure a strong foothold in the coming year. 5. Java will remain highly exploitable and highly exploited—with expanded repercussions. Most end points will continue to run older versions of Java and therefore remain extremely exposed to exploitation. In 2014, cybercriminals will devote more time to finding new uses for tried-and-true attacks and crafting other aspects of advanced, multi-stage attacks. 6. Attackers will increasingly lure executives and compromise organizations via professional social networks. As social networking continues to appeal to the business community in 2014, attackers will increasingly use professional websites, such as LinkedIn, to research and lure executives. This highly targeted method will be used to gather intelligence and compromise networks. 7. Cybercriminals will target the weakest links in the “data-exchange chain.” Attackers will go after the weakest links in the information chain and target the consultants outside the network who have the most information. This includes consultants...

Read more > 

Filed under: , , , , , , ,

2013 Threat Report: More Than Scary Stats and Chilling Charts

Posted: 13 Feb 2013 08:30 AM | Carl Leonard | no comments


The 2013 Threat Report from the Websense® Security Labs™ is now available.

 

The report details mobile, social, email and web-based threats, and while it is full of ominous data points, it is a very interesting read. The report is designed to help security professionals keep current with threat trends and improve the effectiveness of existing security solutions. It can also be used to identify and prioritize security gaps that may require new approaches and more innovative strategies.

 

Creating the report began with the ThreatSeeker® Network, composed of big data clusters used by the WSL to collect and manage up to 5 billion inputs each day from 900 million global endpoints. Malware samples, mobile applications, email content, web links and other information were then passed through deep analysis processes including our Advanced Classification Engine (ACE), which applied over 10,000 different analytics.

 

...

Read more > 

Filed under: , , , , , , , , , , , , , ,

Reports of 6.4 Million Stolen LinkedIn Passwords

Posted: 06 Jun 2012 03:44 PM | Carl Leonard | 1 comment(s)


LinkedIn is investigating reports that approximately 6.4 million user passwords have been posted on the Web. While the breach is still unconfirmed by LinkedIn (as of the time that we wrote this blog), they have acknowledged on their Twitter feed that their investigations have begun.

If you're a LinkedIn user, Websense® Security Labs recommends that you change your password immediately to help prevent your password from falling into the wrong hands.

 

After retrieving the password files that are being distributed on forums in the .ru TLD space, it appears that the passwords are hashed. However, based on samples seen by us, it is easy to translate them into clear text. Our initial investigations reveal that a password of "linkedin" features heavily.

It is uncertain how the hackers retrieved the stolen passwords; however, the passwords that users are finding in the hashed files do appear to be real.

...

Read more > 

Filed under: , , ,

Beware of scams related to Facebook Timeline!

Posted: 05 Jan 2012 08:26 PM | Devi | no comments


First it was the Cheesecake Factory ; now, it’s Timeline . Facebook, like many other social networking companies, is experiencing some user dissatisfaction, and scammers are taking advantage of anti-Timeline sentiment. According to Insidefacebook , scammers are creating pages that assure the public that by “liking” the page, watching the linked video, downloading a certain browser application, or inviting their friends to the page, they will be allowed to opt out of Timeline. These pages all ask readers to "Like" the account, and some even ask them to subscribe. Some pages ask readers to install a browser application; Google Chrome and Firefox are common targets of such scams. Though some Facebook pages may look harmless, remember that being cautious is the best way to prevent potential data loss. Timeline was introduced by Mark Zuckerberg during the F8 developer conference. There, he announced that the beta version of the interface would be available to Facebook users on September 22nd. So, what is Timeline? Facebook engineers implemented an algorithm that gathers all of your Facebook activity and organizes it based on what it deems important: your birth, high school graduation, first job, wedding, special events, and so on. The Timeline profile page is divided into two columns that contain recent photos, games, posts, and other activity. Since the algorithm decides what is relevant and what is not, there is a chance an event or a post you think is relevant might not show up in Timeline. But fear not, the new page layout will allow editing so that users can manually change what information is shared or deemed important. Facebook employee Paul McDonald explains that Timeline allows users to add details of their lives before Facebook was created, providing an easy way to rediscover things once shared in real life. You have seven days to review and modify the timeline before it goes live and anyone else can see it. As long as Facebook remains the top social networking site, scammers will use new and innovative methods to try to steal and exploit user information, but rest assured that ACE ( Advanced Classification Engine ) protects our customers from such scams.

Read more > 

Filed under: , , ,

Chinese Internet Suffers the Most Serious User Data Leak in History

Posted: 27 Dec 2011 03:23 AM | Xue Yang | no comments


Last week, China's largest software programmers' Web site CSDN (China Software Developer Network) was hacked, and account information for more than 6 million users was leaked and quickly spread via the Internet. One day later, Tianya, the biggest Chinese online forum, was reportedly hacked for the account information of 40 million users. This cyber attack has continued, with several well-known sites like the Duowan game, the 7k7k game, the e-commerce sites 360buy and Dangdang, the popular dating sites like Zhenai being hacked and user data leaked. Some sites' databases have been published on the Internet and can be easily downloaded.

...

Read more > 

Filed under: , ,

Epsilon Data Breach

Posted: 04 Apr 2011 09:25 AM | Carl Leonard | 1 comment(s)


On Friday 1 April 2011 Epsilon, a marketing services firm, notified their customers of "unauthorised entry into email system" .  Their press release can be seen here.

The press release advises that the information stolen during the attack included only customer email addresses and customer names.

In the wrong hands however even this limited amount of information can have consequences for those to whom the data pertains.  We shall explore some typical scenarios.

...

Read more > 

Filed under: , ,