Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Malicious emails

Low Volume, High Payoff Attacks Target Financial Services Industries in Asia

Posted: 09 Sep 2013 10:00 PM | Ran Mosessco


Executive Summary Malicious email found targeting financial institutions in the Middle East, Pakistan, and Nepal. Very low volume and advanced penetration techniques applied aiming for stealthy payoff. Websense® ThreatScope™ sandboxing reveals the attack most likely seeks monetary gain through...

Read more > 

Filed under: , ,

no comments

Royal Baby: Third in Line to the Throne, First in Line as a Threat Lure!

Posted: 24 Jul 2013 03:27 AM | Carl Leonard


Following yesterday's news, the Duke and Duchess of Cambridge are now the proud parents of a baby boy and future heir to the British throne. Whilst they revel in the joy of being a family, cyber-criminals have predictably been busy delivering various malicious campaigns in order to piggy-back on the news.  The Websense ThreatSeeker® Intelligence Cloud has been tracking malicious cyber-campaigns that started in the hours following the official announcement that The Duchess of Cambridge was in labour.

...

Read more > 

Filed under: , , , ,

no comments

Fox News-themed Malicious Email Campaign [UPDATED]

Posted: 28 Jun 2013 02:23 AM | Carl Leonard


Websense® Security Labs™ researchers, using our Websense ThreatSeeker® Intelligence Cloud, discovered an interesting malicious email campaign using spoofed email addresses from Fox News domains in an attempt to ultimately lure victims to websites hosting the Blackhole Exploit Kit. Should the exploit and compromise be successful, a malicious payload related to the Cridex family appears to be delivered which, as detailed in an earlier Websense Security Labs blog, is typically used to steal banking credentials as well as the exfiltration of personally identifiable information (PII) and other confidential data for criminal gain. These emails, discovered early on the morning of June 27th,  featured “breaking news” subjects and mimicked legitimate news content related to the US Military moving into Syria in order to entice the victim to 'click' on the malicious links. The campaign appears to have targeted a variety of industries and countries, as of 1600 PST on June 27th, the Websense ThreatSeeker® Intelligence Cloud had detected and blocked over 60,000 samples.

...

Read more > 

Filed under: , , , ,

no comments

Cyber Criminals Exploiting the Boston Marathon Aftermath [UPDATED]

Posted: 17 Apr 2013 12:32 PM | Carl Leonard


Whilst the world recoils in shock at the atrocious events at Monday's Boston Marathon, cyber-criminals are actively seeking to exploit people's thirst for information and eagerness to help those affected by the attacks.

The Websense ThreatSeeker® Network is currently detecting and blocking multiple email-borne campaigns that attempt to lure unsuspecting recipients to malicious websites in order to exploit their machines for criminal gains.

Let's follow this campaign through the 7 Stages of Advanced Threats (as explained in our whitepaper) to see how cyber-criminals attempt to dupe and compromise users and their machines. We'll also show that breaking any one link in the chain can protect potential victims.

...

Read more > 

Filed under: , , , ,

no comments

Margaret Thatcher's Death Used in Cyber Attacks

Posted: 10 Apr 2013 03:39 AM | uwang


As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker® Intelligence Cloud have detected that attackers are sending malicious email spam with a topic...

Read more > 

Filed under: , , , , ,

1 comment(s)