Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

APT tagged in these posts

Labs Research: Using Anomalies in Crash Reports to Detect Unknown Threats

Posted: 19 Feb 2014 05:00 AM | AlexWatson | no comments


Websense Research Report Details New Targeted Campaigns and Unreported POS Systems Attack Today, we released a research white paper detailing the use of Windows Error Reporting (WER) to detect advanced targeted campaigns in the wild, including: a campaign against a government agency; a major cellular...

Read more > 

Filed under: , , , , , ,

MSIE 0-day Exploit CVE-2014-0322 - Possibly Targeting French Aerospace Association

Posted: 13 Feb 2014 11:32 AM | AlexWatson | 1 comment(s)


Executive Overview Websense researchers have discovered the use of CVE-2014-0322 as early as January 20, 2014 - nearly 3 weeks before the previously known first date of the attacks The attack may be targeting organizations associated with the French aerospace association, GIFAS The CVE-2014-0322 exploit...

Read more > 

Filed under: , , , , , ,

Nitro targeted attacks

Posted: 02 Nov 2011 08:39 AM | Patrik Runald | no comments


Recently, our friends over at Symantec released a report about an attack named Nitro. This targeted attack allowed unknown attackers to target several types of organizations, the latest known attacks occurring in the chemical sector, where 29 different targets were confirmed. The attacks follow a standard...

Read more > 

Filed under: ,

Duqu - Stuxnet 2.0

Posted: 19 Oct 2011 06:10 PM | Patrik Runald | no comments


The security industry is buzzing today after Symantec released a whitepaper on a threat known as Duqu . What's interesting about Duqu is that it's heavily based on the Stuxnet source code, a worm that targets industrial control systems (ICS). The Stuxnet source code has never been made available...

Read more > 

Filed under: ,