Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Social Networks

LinkedIn Lure Looking for Love-ly Profiles, Possibly More

Posted: 31 Oct 2013 01:15 AM | Carl Leonard


Websense® Security Labs™ ThreatSeeker® Intelligence Cloud has identified a LinkedIn profile configured to use social engineering techniques in order to target fellow LinkedIn users.  Here at Websense we refer to The 7 Stages of Advanced Attacks.  This model of describing the kill chain discusses Stage 1: Reconnaissance - the act of uncovering information that will facilitate the attacker to conduct a later, more successful attack .  We believe that this particular campaign may be a precursor to a more specialized targeted attack.

...

Read more > 

Filed under: , , , ,

no comments

Twitter Adopt 2FA; Here Is What You Can Do

Posted: 23 May 2013 09:01 AM | Drendell_


In the wake of recent account compromises, including Associated Press and the rampant breaches orchestrated by the "Syrian Electronic Army", Twitter have recently released 2FA (2 Factor Authentication), which is a most welcome addition to bolster users' security. It is not, however, the be-all and end-all: users are still responsible for choosing strong, hard-to-guess passwords. If your password is compromised, control of your account may be lost to malicious actors.

 

While it's true that, given enough time and resources, all passwords are crackable regardless of their complexity – a pass-string of 200 random characters is ultimately just as vulnerable to brute forcing as a password containing just one character – the aim of a complex pass-string  is to make an attack chronologically infeasible. Let’s first take a look at the total number of possible combinations for a given base of elements:

 

 

 

...

Read more > 

Filed under: , ,

no comments

2013 Threat Report: More Than Scary Stats and Chilling Charts

Posted: 13 Feb 2013 08:30 AM | Carl Leonard


The 2013 Threat Report from the Websense® Security Labs™ is now available.

 

The report details mobile, social, email and web-based threats, and while it is full of ominous data points, it is a very interesting read. The report is designed to help security professionals keep current with threat trends and improve the effectiveness of existing security solutions. It can also be used to identify and prioritize security gaps that may require new approaches and more innovative strategies.

 

Creating the report began with the ThreatSeeker® Network, composed of big data clusters used by the WSL to collect and manage up to 5 billion inputs each day from 900 million global endpoints. Malware samples, mobile applications, email content, web links and other information were then passed through deep analysis processes including our Advanced Classification Engine (ACE), which applied over 10,000 different analytics.

 

...

Read more > 

Filed under: , , , , , , , , , , , , , ,

no comments

Battered Twitter, Phish but no Chips! [Updated]

Posted: 05 Feb 2013 04:47 PM | Jason Hill


Hot on the heels of Friday’s announcement by Twitter that they ‘detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data’ and subsequent confirmation that ‘attackers may have had access to limited user information’ for  ‘approximately 250,000 users’,  Websense® Security Labs™ are tracking a phishing campaign propagated via Twitter’s direct message functionality.

...

Read more > 

Filed under: , ,

no comments

'Jacked Frost' Facebook Scam Goes Wild and Doubles Over the Weekend

Posted: 10 Dec 2012 11:51 AM | Elad Sharf


Last week we wrote a blog about a specific Facebook scam that appeared to spread rather aggresively. We have decided to nickname the scam "Jacked frost". The Websense® ThreatSeeker™ network detected that the scam has increased and multiplied over the weekend - particularly on Saturday where we saw the amount of unique URLs related to this scam double. This shows how cyber crooks time their attacks to times where users are more laid back and when the security community is less likely to alert users on this type of threat.

 

...

Read more > 

Filed under: , , ,

no comments

Black Friday/Cyber Monday Survival Guide

Posted: 23 Nov 2012 01:00 AM | Jason Hill


Many of our colleagues, customers and readers would have now enjoyed their fill of turkey and pumpkin pie for Thanksgiving and are preparing for a second day of festivities with the arrival of Black Friday.  This traditionally, for North American retailers and consumers, marks the start of the holiday shopping season and although it is not observed for many as a national holiday, more and more retailers across the globe are launching Black Friday promotions in order to entice consumers and increase sales.  Additionally, given that Black Friday is typically a physical 'bricks-and-mortar' retail affair, online retailers seek to continue the shopping frenzy with additional offers, promotions and sales with Cyber Monday, a marketing term coined in 2005 by Shop.org.

...

Read more > 

Filed under: , , , , ,

no comments

Unsolicited Secret Admirers Via Email

Posted: 02 Oct 2012 08:47 AM | Jason Hill


The Websense® ThreatSeeker® Network has detected an unsolicited email campaign in which love-struck or curious recipients may have their appetites whetted by the thought of a secret admirer. Although Websense customers are protected from this and other threats by ACE™, our Advanced Classification Engine, this post provides an insight into the campaign, which appears to be on the increase today.

 

The messages, sent from various Yahoo.com accounts, suggest that the sender has "to let you know how [they] feel" and provide an enticing Facebook link to "View Your Ecard".

 

...

Read more > 

Filed under: , , ,

no comments

Reports of 6.4 Million Stolen LinkedIn Passwords

Posted: 06 Jun 2012 03:44 PM | Carl Leonard


LinkedIn is investigating reports that approximately 6.4 million user passwords have been posted on the Web. While the breach is still unconfirmed by LinkedIn (as of the time that we wrote this blog), they have acknowledged on their Twitter feed that their investigations have begun.

If you're a LinkedIn user, Websense® Security Labs recommends that you change your password immediately to help prevent your password from falling into the wrong hands.

 

After retrieving the password files that are being distributed on forums in the .ru TLD space, it appears that the passwords are hashed. However, based on samples seen by us, it is easy to translate them into clear text. Our initial investigations reveal that a password of "linkedin" features heavily.

It is uncertain how the hackers retrieved the stolen passwords; however, the passwords that users are finding in the hashed files do appear to be real.

...

Read more > 

Filed under: , , ,

1 comment(s)