Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Malware

Labs Research: Using Anomalies in Crash Reports to Detect Unknown Threats

Posted: 19 Feb 2014 05:00 AM | AlexWatson

Websense Research Report Details New Targeted Campaigns and Unreported POS Systems Attack Today, we released a research white paper detailing the use of Windows Error Reporting (WER) to detect advanced targeted campaigns in the wild, including: a campaign against a government agency; a major cellular...


Filed under: , , , , , ,

no comments

iOS7 announcement prompts themed ransomware kits

Posted: 31 May 2013 06:15 AM | Gianluca Giuliani

At Websense® Security Labs™ we recently spotted an interesting case of a phishing domain related to the imminent release of the Apple iOS7 Operating System.  

As gossips circulate news in the wild about iOS7 after the D11 conference presented by Apple CEO Tim Cook, cybercriminals are setting up a foundation for phishing and malicious activities. The domain name was registered about 22 days ago (from the date of this analysis), as also reported by our ThreatSeeker™ network



Filed under: , , , ,

no comments

Margaret Thatcher's Death Used in Cyber Attacks

Posted: 10 Apr 2013 03:39 AM | uwang

As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker® Intelligence Cloud have detected that attackers are sending malicious email spam with a topic...


Filed under: , , , , ,

1 comment(s)

2013 Threat Report: More Than Scary Stats and Chilling Charts

Posted: 13 Feb 2013 08:30 AM | Carl Leonard

The 2013 Threat Report from the Websense® Security Labs™ is now available.


The report details mobile, social, email and web-based threats, and while it is full of ominous data points, it is a very interesting read. The report is designed to help security professionals keep current with threat trends and improve the effectiveness of existing security solutions. It can also be used to identify and prioritize security gaps that may require new approaches and more innovative strategies.


Creating the report began with the ThreatSeeker® Network, composed of big data clusters used by the WSL to collect and manage up to 5 billion inputs each day from 900 million global endpoints. Malware samples, mobile applications, email content, web links and other information were then passed through deep analysis processes including our Advanced Classification Engine (ACE), which applied over 10,000 different analytics.




Filed under: , , , , , , , , , , , , , ,

no comments

The Hunt for Red October

Posted: 21 Jan 2013 04:30 PM | RM

“Red October” in the title of Tom Clancy’s bestselling novel referred to a Soviet submarine whose silent propulsion system made it undetectable to sonar. It’s a fitting name for the sophisticated cyber-espionage network that has recently been identified after collecting high-level...


Filed under:

no comments

Shamoon/DistTrack affecting energy sector

Posted: 16 Aug 2012 09:42 PM | Patrik Runald

Today news broke that at least one organization in the energy sector was hit by malware named Shamoon or DistTrack. We’ve been looking at the related malware samples and can confirm that Websense products that have our Advanced Classification Engine (ACE) have had proactive detection in place since...


Filed under: ,

no comments