Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Malicious emails

Low Volume, High Payoff Attacks Target Financial Services Industries in Asia

Posted: 09 Sep 2013 10:00 PM | Ran Mosessco


Executive Summary Malicious email found targeting financial institutions in the Middle East, Pakistan, and Nepal. Very low volume and advanced penetration techniques applied aiming for stealthy payoff. Websense® ThreatScope™ sandboxing reveals the attack most likely seeks monetary gain through...

Read more > 

Filed under: , ,

no comments

Royal Baby: Third in Line to the Throne, First in Line as a Threat Lure!

Posted: 24 Jul 2013 03:27 AM | Jason Hill


Following yesterday's news, the Duke and Duchess of Cambridge are now the proud parents of a baby boy and future heir to the British throne. Whilst they revel in the joy of being a family, cyber-criminals have predictably been busy delivering various malicious campaigns in order to piggy-back on the news.  The Websense ThreatSeeker® Intelligence Cloud has been tracking malicious cyber-campaigns that started in the hours following the official announcement that The Duchess of Cambridge was in labour.

...

Read more > 

Filed under: , , , ,

no comments

Fox News-themed Malicious Email Campaign [UPDATED]

Posted: 28 Jun 2013 02:23 AM | Jason Hill


Websense® Security Labs™ researchers, using our Websense ThreatSeeker® Intelligence Cloud, discovered an interesting malicious email campaign using spoofed email addresses from Fox News domains in an attempt to ultimately lure victims to websites hosting the Blackhole Exploit Kit. Should the exploit and compromise be successful, a malicious payload related to the Cridex family appears to be delivered which, as detailed in an earlier Websense Security Labs blog, is typically used to steal banking credentials as well as the exfiltration of personally identifiable information (PII) and other confidential data for criminal gain. These emails, discovered early on the morning of June 27th,  featured “breaking news” subjects and mimicked legitimate news content related to the US Military moving into Syria in order to entice the victim to 'click' on the malicious links. The campaign appears to have targeted a variety of industries and countries, as of 1600 PST on June 27th, the Websense ThreatSeeker® Intelligence Cloud had detected and blocked over 60,000 samples.

...

Read more > 

Filed under: , , , ,

no comments

Cyber Criminals Exploiting the Boston Marathon Aftermath [UPDATED]

Posted: 17 Apr 2013 12:32 PM | Jason Hill


Whilst the world recoils in shock at the atrocious events at Monday's Boston Marathon, cyber-criminals are actively seeking to exploit people's thirst for information and eagerness to help those affected by the attacks.

The Websense ThreatSeeker® Network is currently detecting and blocking multiple email-borne campaigns that attempt to lure unsuspecting recipients to malicious websites in order to exploit their machines for criminal gains.

Let's follow this campaign through the 7 Stages of Advanced Threats (as explained in our whitepaper) to see how cyber-criminals attempt to dupe and compromise users and their machines. We'll also show that breaking any one link in the chain can protect potential victims.

...

Read more > 

Filed under: , , , ,

no comments

Margaret Thatcher's Death Used in Cyber Attacks

Posted: 10 Apr 2013 03:39 AM | uwang


As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker® Intelligence Cloud have detected that attackers are sending malicious email spam with a topic...

Read more > 

Filed under: , , , , ,

1 comment(s)

2013 Threat Report: More Than Scary Stats and Chilling Charts

Posted: 13 Feb 2013 08:30 AM | Carl Leonard


The 2013 Threat Report from the Websense® Security Labs™ is now available.

 

The report details mobile, social, email and web-based threats, and while it is full of ominous data points, it is a very interesting read. The report is designed to help security professionals keep current with threat trends and improve the effectiveness of existing security solutions. It can also be used to identify and prioritize security gaps that may require new approaches and more innovative strategies.

 

Creating the report began with the ThreatSeeker® Network, composed of big data clusters used by the WSL to collect and manage up to 5 billion inputs each day from 900 million global endpoints. Malware samples, mobile applications, email content, web links and other information were then passed through deep analysis processes including our Advanced Classification Engine (ACE), which applied over 10,000 different analytics.

 

...

Read more > 

Filed under: , , , , , , , , , , , , , ,

no comments