Charting the Unexplored Threat Galaxy
Posted: Monday, April 27, 2015 10:30 AM by Ran Mosessco
We live in a world where the cyber threat landscape is very dynamic. Actionable threat intelligence is buried deep within terabytes of seemingly interesting but irrelevant data. Plausible deniability, false positives, lack of traceability and attribution...   Read more >
Over-indulgence in the Easter Eggsploit Kit
Posted: Monday, April 6, 2015 12:00 PM by Jose Barajas
Photography by User: MrX As Peter Cottontail went hippity-hoppin’ down the bunny trail this past Easter weekend, he found it strewn with a different kind of Easter egg: the Fiesta exploit kit, hidden in insidious fashion among the downloadable coloring...   Read more >
Ebola Spreads - In Cyber Attacks Too
Posted: Thursday, October 23, 2014 7:38 AM by uwang
The Ebola virus has been spreading in West Africa since first appearing in Guinea in December, 2013. Its rising rate of infection, high mortality rate, and challenging isolation and containment requirements have raised world-wide alarm. Against that backdrop...   Read more >
Windows XP Put to Rest; The Beginning of "Forever Days"?
Posted: Tuesday, April 8, 2014 10:00 AM by Carl Leonard
Microsoft will no longer provide software updates and technical support for Windows XP as of April 8, 2014. The end of Windows XP support should not come as a surprise to most users. Microsoft has a long history of ending support for variations of its...   Read more >
FakeFlash Installation via Silverlight
Posted: Friday, February 14, 2014 11:45 AM by Jose Barajas
Using the Websense® ThreatSeeker® Intelligence Cloud , Websense Security Labs researchers have discovered attempts to infect users using the commonly distributed plug-in, Silverlight. Silverlight allows development of web and mobile applications...   Read more >
Eight Security Predictions for 2014
Posted: Thursday, November 14, 2013 3:18 PM by Elisabeth Olsen
2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full...   Read more > compromised, serving up obfuscated content
Posted: Friday, October 25, 2013 8:51 AM by Anonymous
The Websense® ThreatSeeker® Intelligence Cloud has alerted us regarding content deployed on the web developer's web site hxxp:// Internet users may know that Google Safe Browsing has also alerted users to a possible infection or compromise...   Read more >
Zero-Day Attack for Internet Explorer (CVE-2013-3897) Goes High Profile
Posted: Wednesday, October 9, 2013 3:26 AM by Elad Sharf
Websense® Security Labs™ has seen a new zero-day exploit for Internet Explorer (CVE-2013-3897) used in highly targeted, low-volume attacks in Korea, Hong Kong, and the United States, as early as September 18th, 2013. The publication of the vulnerability...   Read more >
Cybercriminals Behind CVE-2013-3893 Launched Attacks Earlier Than Previously Reported; More Widespread
Posted: Thursday, September 26, 2013 11:59 AM by AlexWatson

Websense Security Labs™ Websense ThreatSeeker® Intelligence Cloud has discovered that attacks utilizing the most recent Internet Explorer 0-day (CVE-2013-3893) are more prevalent than previously thought.  In this write up we shall analyze the exploit code and perform analysis on the dropped malicious file.


Executive Summary

  • Websense protected our customers using real-time analytics that have been in place for nearly three years.
  • We have seen the CVE-2013-3893 exploit targeting Japanese firms in the financial industry, being hosted on a Taiwanese IP address.
  • Our ThreatSeeker Intelligence Cloud reported a potential victim organization in Taiwan attempting to communicate with the associated malicious command & control server.
  • Our telemetry indicates that the attack described above has a suitably high degree of segmentation between previous attacks as to indicate that possibly different team are using the same tool sets.
...   Read more >
Up To 70% of PCs Vulnerable to Zero-Day: CVE-2013-3893
Posted: Wednesday, September 18, 2013 6:35 AM by Anonymous

Another new vulnerability found in Microsoft Internet Explorer affects Internet Explorer versions 8, and 9 and used in a wild by cybercriminals, also specific configurations of Internet Explorer 6, 7, 8, 9, 10 and 11 are also potentially vulnerable. The vulnerability allows attackers to execute code on a machine by just having the user visit a malicious website. This can happen, for example, when the user is tricked into clicking a link in an email or via compromised legitimate websites.

...   Read more >
New Java and Flash Research Shows a Dangerous Update Gap
Posted: Thursday, September 5, 2013 5:51 PM by Matthew Mors
Today we're continuing our Java security research series by analyzing other plug-ins, browser extensions and rich internet applications that are commonly exploited. Our previous research indicated that the current state of Java affairs isn't pretty...   Read more >
Upcoming Webinar: Why Java Exploits Remain a Top Security Risk
Posted: Tuesday, April 30, 2013 11:05 PM by Bob Hansmann
Java vulnerabilities and zero-days are a serious problem in today's businesses. Frequently discovered vulnerabilities are consistently opening the door for data theft. Recent research by the Websense Security Labs found that 94 percent of computers...   Read more >
Margaret Thatcher's Death Used in Cyber Attacks
Posted: Wednesday, April 10, 2013 3:39 AM by uwang
As the world remembers former British Prime Minister Margaret Thatcher, cyber attackers are participating too, but in their own tricky ways. Websense® Security Labs™ and the Websense ThreatSeeker® Intelligence Cloud have detected that attackers...   Read more >
News Of Hugo Chavez's Death Used in Malicious Email Campaigns
Posted: Monday, March 11, 2013 5:40 PM by Carl Leonard
Following news of the death of Venezuelan President Hugo Chavez (as reported by the BBC ) the Websense ThreatSeeker® Intelligence Cloud has identified several malicious email campaigns that make reference to the President's death. Malware authors...   Read more >
Practical IT: How to Deal with Another Round of Zero Day Java Exploits
Posted: Monday, January 28, 2013 10:12 PM by Anonymous


“Patch Java and you’ll be protected against Java threats”

We seem to hear this constantly, not just in the last few months, but for years. Way back in Nov. 2011, we were told that if we had Java 6 Update 29 or Java 7 update 1, we wouldn’t be vulnerable to the security weaknesses in the headlines. Yet, with each update vulnerabilities continue to be discovered and exploited. We even had two Java 0-day exploits included in kits before Oracle had patches prepared. Yet despite the patches, we continue to hear about new vulnerabilities...

So what to do? Based on my discussions with other pros and my own experience I’ll be presenting a series on how to mitigate Java risks to protect your endpoints. We’ll look at: Proactive; Immediate; and Long-Term prophylactic measures. Here’s what you can start acting on now:


...   Read more >
Websense Security Labs Sees the Future - 2013 Security Predictions
Posted: Tuesday, November 13, 2012 8:05 AM by Anonymous
From mass Wordpress compromises to a spear-phishing attack on the White House, there is no doubt cybercriminals gained confidence and momentum in 2012. The Websense Security Labs looked at recent security and attack trends to come up with hypotheses of...   Read more >
What is Scaring Businesses the Most? Spear-phishing. New Websense Security Labs Research
Posted: Tuesday, October 9, 2012 4:58 AM by Patrik Runald
Spear-phishing is a huge concern for today’s government and enterprises. While high profile attacks like last week’s spear-phishing attack against the White House and last year’s attack against Oak Ridge National Laboratory underscore...   Read more >
EMEA Webcast: Seven Stages of Advanced Threats & Data Theft
Posted: Monday, September 10, 2012 7:59 AM by Spencer Parker
The seven stages hackers follow to steal data have been exposed! Traditional URL and AV defences are no longer effective in blocking targeted attacks. Cloud apps, mobility and remote users have all contributed to a growth in SSL traffic, which is a major...   Read more >
10 New Defenses That Help Prevent Data Loss and Theft
Posted: Wednesday, August 8, 2012 4:11 PM by Tom Clare
Last week we announced several new, important core security technologies that we added to our TRITON architecture . Websense ACE now includes 10 new defense innovations; seven are focused on outbound traffic to keep data theft and call-home communications...   Read more >
Webinar Wednesday: 7 Stages of Advanced Threats & Data Theft
Posted: Monday, August 6, 2012 2:18 PM by Tom Clare
Every day, organizations worldwide are targeted by data-stealing attacks. While these attacks have evolved in frequency and sophistication, many security defenses have failed to adapt. Old techniques don’t address containment against data theft...   Read more >
More Posts Next page »
More News & Views...