Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
Contact us>
“Patch Java and you’ll be protected against Java threats”
We seem to hear this constantly, not just in the last few months, but for years. Way back in Nov. 2011, we were told that if we had Java 6 Update 29 or Java 7 update 1, we wouldn’t be vulnerable to the security weaknesses in the headlines. Yet, with each update vulnerabilities continue to be discovered and exploited. We even had two Java 0-day exploits included in kits before Oracle had patches prepared. Yet despite the patches, we continue to hear about new vulnerabilities...
So what to do? Based on my discussions with other pros and my own experience I’ll be presenting a series on how to mitigate Java risks to protect your endpoints. We’ll look at: Proactive; Immediate; and Long-Term prophylactic measures. Here’s what you can start acting on now:
Every day, organizations worldwide are targeted by data-stealing attacks. While these attacks have evolved in frequency and sophistication, many security defenses have failed to adapt. Old techniques don’t address containment against data theft and cybercrime call-home communications. The growing prevalence of cloud apps, along with increases in SSL traffic, mobility and remote users are also adding more blind spots to traditional defenses.
It’s imperative that we continue to stay up-to-date on the latest tactics and tricks. Join me this Wednesday, August 8, 2012 from 10 a.m. - 11 a.m. PT for a webinar on the seven stages of data theft. We’ll be covering each of these steps:
Reconnaissance - Targeted attackers access credentials and research online profiles, email IDs, org. chart information, hobbies and interests from social profiles to gain insight on their victims.
Lures - Designed to prey on human curiosity, web lures often link to videos or breaking news, while email lures are more business-focused on transaction and fake delivery notices.
Redirects - Users are usually directed to a survey, rogue anti virus offer or a fake web page where an exploit kit is waiting. Traditional redirects are injection attacks, while newer ones focus on social networking wall postings, fake plug-ins, fake certificates and heavily obfuscated java script.
Exploit Kits - The exploit kit objective is like that of a sniper: take the shot with a malware dropper file only when an open door for tested vulnerabilities is found.
Dropper Files - This stage is what most people consider the focus of their forward-facing defenses: analyze every file that comes into the network for malware. The problem is dropper files use dynamic packers, so known signatures and patterns are not available.
Call-Home - This stage involves calling home for malware downloads and tools, and for sending back information, standard procedure for any successful online attack. The problem is that most defenses are only forward-facing and do not analyze the outbound traffic from infected systems.
Data Theft - This is what they are after. The ability to contain an attack and stop data theft raises many questions that we will address. Can your defenses detect password files leaving your network or the use of custom encryption on outbound files?
In addition, we’ll be covering: why current defenses are failing; today’s new security requirements; and the newest, bleeding edge advanced threat and data theft defenses to emerge thus far.
We look forward to having you join the webinar. Bring your questions and be ready to talk threats!
We recently released findings on the current state of security in Canada. If you’ve read that piece, you may now be wondering how that compares with the rest of the world. The Websense Security Labs recently released our 2012 Threat Report exploring the biggest threats, trends, and themes collected by the Websense ThreatSeeker Network and investigated by our security lab research teams.
2011 redefined the way many think of and view internet and corporate security. 2012 is continuing this trend. From high profile targeted attacks, hacktivism, data theft and the leverage of exploit kits to selectively deliver malware dropper files when vulnerabilities are detected on user systems, the year forced everyone to think, “Am I next?”
The Websense Security Labs Threat Report provides metrics and practical advice for IT Security professionals. Take a read and let us know if you have any questions about the findings.
With the hectic travel schedule of first quarter wrapping up I had some spare time to think about advocating a fresh approach to security for the spring. I know it’s not the beginning of the year, but if your schedule is anything like mine, this may be the first time you’ve had a minute to spare since the calendar moved to 2012. With everything in the threat landscape changing so frequently, it’s important to reassess your current status and plan for the coming year, whenever we can come up for air. So, I came up with the following nine tips to help you get a fresh start this spring:
<CONTINUE>
Last week, Lady Gaga became the latest celebrity to have her Twitter account hacked. In this instance the hacker used it to attract clicks to a scam offer for a free iPad. While this scam was designed to collect information rather than inject malware or data stealing code, it was incredibly effective. Hundreds of thousands of clicks happened in a very short amount of time before the post was taken down.
As a Security Researcher in the Websense Security Labs I’m often called upon to explain the dangers associated with these types of hacks, and how to avoid falling victim. It's a tough one because once an account is taken over the hacker mimics/impersonates the true owner of the account. In the Lady Gaga example the twitter hack used the nickname "monsters" in a rogue tweet which is a term her fans will be familiar with. Making it all the more believable.
Here are some tips for staying safe while following celebrities on Twitter...
With all of the crazy 2011 security breaches, exploits and notorious hacks, what can we expect for 2012? Last year’s Websense Security Labs predictions were very accurate, so these predictions should provide very useful guidance for security professionals. Here are the highlights; the full report can be downloaded here.
Read more commentary and watch the video here.
Your worst nightmare has come true: your business has been hacked! What do you do? Today, the Wall Street Journal published an article addressing this worst-case scenario with an insightful to-do list for companies facing a data breach.
While a breach will likely set a company back financially, there are steps a business can take to take to reduce the damage and prevent the event from having a long-lasting impact. The article calls for multiple steps. One in particular is to determine if the breach is still open – companies are warned not to assume that just because one infected computer has been cleaned up or removed the attack is over. The intruder could have taken control of multiple machines. Patrik Runald, Senior Security Research Manager at Websense is quoted in the article on this subject:
“Hackers often send data to so-called dynamic hosts that constantly change their Internet addresses. Most legitimate websites don't use this kind of addressing. If data are still being sent to these types of addresses, it's a possible sign that a breach is still happening.” – Patrik Runald, Websense
The Wall Street Journal cites the Identity Theft Resource Center, which reports that last year, 662 organizations publicly disclosed data breaches. However, the actual number is likely much higher than that, since not all hacking incidents are disclosed. With all of the major security breaches we’ve seen in the last year, it is impossible to ignore the need for organizations to tighten up their security strategy. Cybercrooks are using every possible vector to penetrate your networks and traditional security solutions just don’t cut it. Find out how to protect your organization from the latest targeted attacks here.
The media is buzzing with stories of state-sponsored hacking and so-called advanced persistent threats, as well as high-profile data-theft attacks by cybercriminals. So what does this mean to everyday businesses owners and managers, companies that aren’t defense contractors or giant corporations?
It means watch out. The wildly successful techniques used in state-sponsored attacks are moving down a malware adoption lifecycle. Yesterday’s million-dollar, well-planned, high-profile attack quickly becomes a $25 exploit kit available online to armies of low-level hackers.
This is phase two of advanced threats. This army of profit-driven hackers is using the same advanced techniques to steal any data that they can get their hands on to sell, fence or ransom. No one is safe, because traditional defenses don’t work against advanced malware. And the cybercriminals are targeting every kind and size of business.
This is the part of the story that people need to hear: While the big-name breaches get the headlines, too many companies get lulled into a false sense of security thinking that they are safe because they don’t have state secrets. Our research shows how the advanced techniques used in APT attacks move downstream. From state-sponsored groups, to criminal gangs, and ultimately to individual hackers—they are hitting any business with anything of value. Because that’s where the money is. And it’s easy pickings because their antivirus software is defenseless against these advanced methods. Here’s how we see the malware adoption lifecycle playing out in the wild:
In the first two installments in this series, I talked about getting rid of the FUD around APTs and why they should matter to you, even if you aren’t a government agency, or one of the biggest companies on earth. Now let’s get down to the controversy that is consuming a lot of bandwidth in security circles: What is an APT and how is it any different from older malware attacks out there like botnets, blended attacks, and standard binary-based viruses? So much is written about the topic, yet many people don’t really understand it and are just rehashing an old topic under a new name.
The jaded folks in the security community say that all of the talk about APTs is FUD because true APTs are very few and far between. I beg to differ. I’d say that the APT buzz is not Fear, Uncertainty, and Doubt but rather Fear, Certainty, and Damage.
Let’s start with what makes a “true” APT (all examples are real)...
Early last week I was a guest of the OWASP San Diego Chapter who invited me to give a presentation on the Top Ten Web Hacking Techniques of 2010. An audience of nearly 50 filled the room, graciously hosted by Websense, and was treated to a sushi and sake dinner while I described and demoed the last year's latest research.
For those unfamiliar with this top ten, every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. The Top Web Hacking Techniques acts as a centralized knowledge base, a way to recognize researchers who contribute excellent work, and digestible way for the community keep up with the latest trends -- a look forward. After the presentation I got the opportunity to meet many new people and learn more about the things in Web security that most interest them. Lots of chatter about where OWASP as an organization should be heading, conversations about the latest hacks in the news, what various Web security vendors are up to, and of course, several personal appsec projects. If you are in the San Diego area and interested in the subject matter, you should really consider attending.
Jeremiah Grossman
Follow us on SpiceWorks
BlogRoll
We want to hear from you!
