Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts


Adobe Flash Player 0-day Abused In The Wild (CVE-2015-3113), Our Customers Protected

Posted: 24 Jun 2015 08:20 AM | Carl Leonard | no comments

Websense® Security Labs™ researchers are aware of a vulnerability within Adobe Flash Player, CVE-2015-3113. Exploitation of the vulnerability leads to a buffer overflow which can be abused by a malware author to execute arbitrary code on the compromised machine. Adobe have deemed this vulnerability...



More SSL Mess - Logjam

Posted: 21 May 2015 03:18 AM | Tamas Rudnai | no comments


Can we get through a quarter without a major high-profile SSL vulnerability? OpenSSL regularly patches high-severity issues; however, only certain vulnerabilities catch the media’s fancy. Logjam adds to the list of recently discovered high-profile SSL vulnerabilities, which include Heartbleed, Poodle and FREAK, to name a few. With an estimated 8.4 percent of the Top 1 million domains affected at the time of publication of this blog, this vulnerability poses a significant risk to the internet ecosystem, much the same way its predecessors have and still do.




Turn $1 into $100 right away…..Your personal files are encrypted!

Posted: 29 Apr 2015 03:00 PM | MarkHaffenden | no comments

Those are the five words that no one wants to see pop up on their screen. Websense® Security Labs™ researchers have identified an interesting tactic in the proliferation of Crypto ransomware. One published example exploits the very human vulnerability concerning the fear of receiving a parking...



Andromeda – An attack kill chain analysis

Posted: 28 Apr 2015 04:00 PM | uwang | no comments

The Andromeda botnet, initially discovered in late 2011, is a highly modular platform for malicious activity. While it consists of key loggers, rootkits, anti-VM, anti-debugging and proxy features, it is mostly used as a method to establish a reliable backdoor to further deliver additional malware. Recently...



Charting the Unexplored Threat Galaxy

Posted: 27 Apr 2015 10:30 AM | Ran Mosessco | no comments

We live in a world where the cyber threat landscape is very dynamic. Actionable threat intelligence is buried deep within terabytes of seemingly interesting but irrelevant data. Plausible deniability, false positives, lack of traceability and attribution, skillful attackers, adaptation of warfare techniques...



Low volume targeted attack linked to US Government targets, uses multiple evasion tactics

Posted: 22 Apr 2015 01:00 PM | Carl Leonard | no comments

Over the last few months, Websense® Security Labs™ researchers have tracked and analyzed the attack methods of a low-volume, targeted attack linked to the US Federal government space. The attack uses a combination of evasion tactics throughout its lifecycle in order to remain elusive. In this...

