Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

The Bitly API key and MSNBC unvalidated redirects

Posted: 21 Jul 2014 08:00 AM | Pietro Bempos | no comments


Websense Security Labs™ has observed a spam/fraud campaign whereby a user is redirected from a real news site to a fake news site. In this case the real site is msnbc.com, which belongs to the well-known cable and satellite channel MSNBC. We have discovered that cyber criminals appear to have gained...

Read more > 

Filed under: , ,

Zberp - is there anything to fear?

Posted: 19 Jun 2014 10:31 AM | ngriffin | no comments


Websense Security Labs™ see a lot of new malware names on a daily basis. Some are brand new and unique, and others are spin-off variants of well known malware. Recently the name 'Zberp' appeared in the media, with reports suggesting it combines some of the most powerful features of the...

Read more > 

Filed under: , , , ,

Zeus GameOver

Posted: 03 Jun 2014 05:36 PM | ngriffin | no comments


Zeus is a malware family that we encounter frequently, due to its popularity with cyber-criminal groups. Ever since the Zeus source code was leaked in 2011, there have been many new variants. One such variant is dubbed ‘GameOver’, which recently made a mark in the media after its infrastructure...

Read more > 

Filed under: , , , , , ,

IE Zero-Day Patch on the Way

Posted: 01 May 2014 07:01 PM | Charles Renert | no comments


A quick note on CVE-2014-1776 — Microsoft will have a patch out tonight. Especially noteworthy is the decision to patch Windows XP. Good call. Beyond the proactive security provided at all other stages of the threat lifecycle, we've added protection for known variants of the vulnerability and...

Read more > 

Filed under: , , ,