Choose from several options for complete web, email and data security.
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security.
Every day, organizations worldwide are targeted by data-stealing attacks. While these attacks have evolved in frequency and sophistication, many security defenses have failed to adapt. Old techniques don’t address containment against data theft and cybercrime call-home communications. The growing prevalence of cloud apps, along with increases in SSL traffic, mobility and remote users are also adding more blind spots to traditional defenses.
It’s imperative that we continue to stay up-to-date on the latest tactics and tricks. Join me this Wednesday, August 8, 2012 from 10 a.m. - 11 a.m. PT for a webinar on the seven stages of data theft. We’ll be covering each of these steps:
Reconnaissance - Targeted
attackers access credentials and research online profiles, email IDs, org.
chart information, hobbies and interests from social profiles to gain insight
on their victims.
Lures - Designed to prey
on human curiosity, web lures often link to videos or breaking news, while
email lures are more business-focused on transaction and fake delivery notices.
Redirects - Users are
usually directed to a survey, rogue anti virus offer or a fake web page where
an exploit kit is waiting. Traditional redirects are injection attacks, while
newer ones focus on social networking wall postings, fake plug-ins, fake
certificates and heavily obfuscated java script.
Exploit Kits - The
exploit kit objective is like that of a sniper: take the shot with a malware
dropper file only when an open door for tested vulnerabilities is found.
Dropper Files - This stage
is what most people consider the focus of their forward-facing defenses:
analyze every file that comes into the network for malware. The problem is
dropper files use dynamic packers, so known signatures and patterns are not
Call-Home - This stage
involves calling home for malware downloads and tools, and for sending back
information, standard procedure for any successful online attack. The problem
is that most defenses are only forward-facing and do not analyze the outbound
traffic from infected systems.
Data Theft - This is
what they are after. The ability to contain an attack and stop data theft raises
many questions that we will address. Can your defenses detect password files
leaving your network or the use of custom encryption on outbound files?
In addition, we’ll be covering: why current defenses are failing; today’s new security requirements; and the newest, bleeding edge advanced threat and data theft defenses to emerge thus far.
We look forward to having you join the webinar. Bring your questions and be ready to talk threats!
When we were looking at putting out our Websense Security Labs predictions for 2012, we knew that mobile threats were going to be big this year. While we included one prediction on it, there was one piece that I had thought of, but didn’t include. It’s still a ways away, but Paul Henry has an excellent write up on “QR Codes – Leading Lambs To the Slaughter.”
He correctly points out that these “ultimate url-obfuscators” can be a serious threat down the line.
It’s a good reminder that any applications on workforce mobile devices need to be properly sandboxed from the operating system. We’ve already noted in Websense Security Labs research that there are challenges with certain platforms and there are a number of mobile malware variants, including Trojans on handhelds.
It’s interesting to think QR codes as threats continue to evolve in the mobile landscape. What’s funny is as I was writing this, our Security Labs researches discovered QR codes being used a new way – through a spam campaign.
What do you think about QR codes?
Follow us on SpiceWorks
We want to hear from you!