Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Malicious emails, Rogue AV

Sorry, but there are no more tags available to filter with.

What's More Scary, Hurricanes or Black Holes?

Posted: 20 Sep 2011 08:52 PM | Ran Mosessco

By now, it has become somewhat of a cliché to mention how cyber-criminals try to exploit the latest hot topics to lure victims to malicious content. The recent hurricane scares, however, provided an example that we found interesting. A few weeks ago, Websense Security Labs and the Websense ThreatSeeker® Network came across an email campaign that redirected users to Web pages downloading rogue AV via the Blackhole exploit kit.

Websense Email Security and Websense Web Security protect against this kind of blended threat with ACE, our Advanced Classification Engine.

This post examines how various vectors (email and Web) lead to Blackhole exploit kits and rogue AV, all hosted on a single IP address.

It also shows how some messages from the same email campaign, as well as similar variants, lead to pharmaceutical sites related to the "Yambo Family" group of Web sites.



Filed under: , , ,

no comments

Can rogue AV ever be legitimate?

Posted: 21 Sep 2010 09:04 AM | Anonymous

Over the past year, the prevalence of search results laced with rogue AV seemed to never end. Whether the search was about celebrity, politics, calamity, or anything that was hot and trending, blackhat SEO was sure to follow. Now, search engines are being more proactive in producing safer search results...


Filed under: , ,

no comments

You have Rogue Mail!

Posted: 06 Aug 2010 05:17 PM | Anonymous

Websense Security Labs™ ThreatSeeker™ Network has detected thousands of malicious emails purporting to be from big-brand companies like Target, Macy’s, Best Buy, and Evite. We blogged about the different attack strategies that malicious authors have been using in their recent tax-themed...


Filed under: , ,

no comments