Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Zeus GameOver

Posted: 03 Jun 2014 05:36 PM | ngriffin | no comments

Zeus is a malware family that we encounter frequently, due to its popularity with cyber-criminal groups. Ever since the Zeus source code was leaked in 2011, there have been many new variants. One such variant is dubbed ‘GameOver’, which recently made a mark in the media after its infrastructure...


Filed under: , , , , , ,

IE Zero-Day Patch on the Way

Posted: 01 May 2014 07:01 PM | Charles Renert | no comments

A quick note on CVE-2014-1776 — Microsoft will have a patch out tonight. Especially noteworthy is the decision to patch Windows XP. Good call. Beyond the proactive security provided at all other stages of the threat lifecycle, we've added protection for known variants of the vulnerability and...


Filed under: , , ,

Crimeware based Targeted Attacks: Citadel case, Part III

Posted: 28 Apr 2014 03:50 AM | ngriffin | no comments

In our previous blog (part 2 in this 3 part series), we outlined how Citadel infects a host machine, and we extracted some string references that we used to detect it via YARA. However, we have yet to really understand how this crimeware works and the risk it poses. In this third part, we will dive deeper...


Filed under: , , , ,

Broken Hearted? A Practical Look at the Heartbleed Vulnerability

Posted: 11 Apr 2014 03:15 PM | Carl Leonard | no comments

Following on from our previous Heartbleed post , there have been countless reports on the far-reaching scale of this critical security flaw along with numerous discussions as to what 'exactly' an attacker can gain from exploiting the vulnerability. Given the online and 'connected' nature...


Filed under: , , , ,

"Heartbleed" Vulnerability in OpenSSL (CVE-2014-0160) Could Lead To Data Theft

Posted: 09 Apr 2014 05:56 PM | Carl Leonard | no comments

Websense® Security Labs™ has been tracking news of a vulnerability in the implementation of OpenSSL which has far-reaching implications for it's users and those impacted by it's use. The vulnerability, CVE-2014-0160 , allows a remote attacker to read the memory of systems protected...


Filed under: , , , ,