Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
Contact us>
“Patch Java and you’ll be protected against Java threats”
We seem to hear this constantly, not just in the last few months, but for years. Way back in Nov. 2011, we were told that if we had Java 6 Update 29 or Java 7 update 1, we wouldn’t be vulnerable to the security weaknesses in the headlines. Yet, with each update vulnerabilities continue to be discovered and exploited. We even had two Java 0-day exploits included in kits before Oracle had patches prepared. Yet despite the patches, we continue to hear about new vulnerabilities...
So what to do? Based on my discussions with other pros and my own experience I’ll be presenting a series on how to mitigate Java risks to protect your endpoints. We’ll look at: Proactive; Immediate; and Long-Term prophylactic measures. Here’s what you can start acting on now:
Every day, organizations worldwide are targeted by data-stealing attacks. While these attacks have evolved in frequency and sophistication, many security defenses have failed to adapt. Old techniques don’t address containment against data theft and cybercrime call-home communications. The growing prevalence of cloud apps, along with increases in SSL traffic, mobility and remote users are also adding more blind spots to traditional defenses.
It’s imperative that we continue to stay up-to-date on the latest tactics and tricks. Join me this Wednesday, August 8, 2012 from 10 a.m. - 11 a.m. PT for a webinar on the seven stages of data theft. We’ll be covering each of these steps:
Reconnaissance - Targeted attackers access credentials and research online profiles, email IDs, org. chart information, hobbies and interests from social profiles to gain insight on their victims.
Lures - Designed to prey on human curiosity, web lures often link to videos or breaking news, while email lures are more business-focused on transaction and fake delivery notices.
Redirects - Users are usually directed to a survey, rogue anti virus offer or a fake web page where an exploit kit is waiting. Traditional redirects are injection attacks, while newer ones focus on social networking wall postings, fake plug-ins, fake certificates and heavily obfuscated java script.
Exploit Kits - The exploit kit objective is like that of a sniper: take the shot with a malware dropper file only when an open door for tested vulnerabilities is found.
Dropper Files - This stage is what most people consider the focus of their forward-facing defenses: analyze every file that comes into the network for malware. The problem is dropper files use dynamic packers, so known signatures and patterns are not available.
Call-Home - This stage involves calling home for malware downloads and tools, and for sending back information, standard procedure for any successful online attack. The problem is that most defenses are only forward-facing and do not analyze the outbound traffic from infected systems.
Data Theft - This is what they are after. The ability to contain an attack and stop data theft raises many questions that we will address. Can your defenses detect password files leaving your network or the use of custom encryption on outbound files?
In addition, we’ll be covering: why current defenses are failing; today’s new security requirements; and the newest, bleeding edge advanced threat and data theft defenses to emerge thus far.
We look forward to having you join the webinar. Bring your questions and be ready to talk threats!
Do you think data breaches are up or down in 2011 compared to 2007 or 2008? The official answer may surprise you. According to DatalossDB and the 2011 Data Breach Investigations Report by Verizon, the number of records compromised per year has been decreasing since its 2008 peak. But these reports are missing something very important. It all comes down to what is reported. Last year I met with more than 450 CIOs and CSOs, and almost all of them said that incidents are way up. New breaches are constantly making headlines, so why is there a discrepancy between our perception and what these reports are finding?
Many industry reports focus on the never-ending stream of leaked or stolen personally identifiable information (PII). Most laws and industry standards, such as PCI DSS, also concentrate on PII. But there is something that could be more dangerous to lose than PII and that isn't getting enough attention in data breach reports—intellectual property (IP).
(More)
As soon as I heard about today’s Pew Internet Trust and American Life Project survey that says most people surf the Internet for no particular reason—I immediately thought of our recent research showing that the leisure, or fun side of the web can often be tainted. Searching for breaking trends and current news represented a higher risk (22.4 percent) than searching for objectionable content (21.8 percent). For example, while doing research for our threat report we found that searching for breaking trends and current news represented a higher risk (22.4 percent) than searching for objectionable content (21.8 percent).
Most people get into trouble when they are busy doing something that isn’t useful—internet use included. OK, so what does this mean for you at work? Well, if you didn’t know it already, your new workforce is on the internet A LOT, and they expect to have internet access.
So, you’ve got workers wandering the net and at every moment they are just two clicks away from malware. Makes you stop and think a bit about the security defenses you have in place within your organization, doesn’t it?
The study says, “internet users of all ages are much more likely now than in the past to say they go online for no particular reason other than to pass the time or have fun. Some 58 percent of all adults (or 74 percent of all online adults) say they use the internet this way.”
“Young adults’ use of the internet can at times be simply for the diversion it presents. Indeed, 81 percent of all young adults in this age cohort report they have used the internet for this reason at least occasionally.”
And it’s not just the youngest that are wandering the internet in their spare time (at their lunch, or on a slow Friday, or Monday). More than 65 percent of those 30-49 exhibit the same behavior.
You can’t stop internet access and keep happy employees, but you can keep your organization safe.
Keep up with the latest in threats and threat research at the Websense Security Labs blog.
With all of the crazy 2011 security breaches, exploits and notorious hacks, what can we expect for 2012? Last year’s Websense Security Labs predictions were very accurate, so these predictions should provide very useful guidance for security professionals. Here are the highlights; the full report can be downloaded here.
Read more commentary and watch the video here.
Websense Security Labs has found an alarming number of Facebook scams taking advantage of today’s tragedy in Oslo, Norway. Right now it seems to be infecting one user every second. The scam is a form of ‘clickjacking’ that replicates itself on users’ walls after they click on fake posts within their news feed.
This Facebook scam is unfortunate, but a very real threat. Criminals know how to take advantage of disasters and the hottest news items to get people to click on infected links. Tragedy is just one type of news that the bad guys use to exploit, compromise and infect your computer. Videos are an especially popular lure, we saw the same thing when Osama bin Laden died and during the Casey Anthony was acquitted. During times of crisis or breaking news, your best bet is to stick with the largest news organizations you trust. Avoid the potentially dangerous halls of search engines and social media sites, which are more susceptible to compromise and manipulation.
Users should also be cautious when clicking on breaking news trends and stories within search results related to the Oslo tragedy. Websense Security Labs have found that searching for breaking trends and current news represented a higher risk (22.4%) than searching for objectionable content (21.8%), including pornography.
In the first two installments in this series, I talked about getting rid of the FUD around APTs and why they should matter to you, even if you aren’t a government agency, or one of the biggest companies on earth. Now let’s get down to the controversy that is consuming a lot of bandwidth in security circles: What is an APT and how is it any different from older malware attacks out there like botnets, blended attacks, and standard binary-based viruses? So much is written about the topic, yet many people don’t really understand it and are just rehashing an old topic under a new name.
The jaded folks in the security community say that all of the talk about APTs is FUD because true APTs are very few and far between. I beg to differ. I’d say that the APT buzz is not Fear, Uncertainty, and Doubt but rather Fear, Certainty, and Damage.
Let’s start with what makes a “true” APT (all examples are real)...
Recently more than 150 IT security professionals joined a panel of experts for our first-ever live interactive SpeakUp debate in London. The debate focused on social media, covering the legal and security issues as well as the psychology of falling for Internet scams. What struck me the most was the final audience poll: “From what you’ve heard today, would you do something differently?” More than half the audience replied yes.
Interestingly, 21% of the audience allow company-wide access to social media and don’t monitor employee content. Seemingly, around the same number (19%), have suffered a social media related security incident. Just over half (54%) have not had an incident and over a quarter (27%) answered ‘don’t know’.
It’s still a subject that confuses and divides security professionals, so we used Facebook to demonstrate just how prolific malicious applications are. Without the right protection in place, users could happily click on a link exposing your organization to malware. (read more)
Early last week I was a guest of the OWASP San Diego Chapter who invited me to give a presentation on the Top Ten Web Hacking Techniques of 2010. An audience of nearly 50 filled the room, graciously hosted by Websense, and was treated to a sushi and sake dinner while I described and demoed the last year's latest research.
For those unfamiliar with this top ten, every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. The Top Web Hacking Techniques acts as a centralized knowledge base, a way to recognize researchers who contribute excellent work, and digestible way for the community keep up with the latest trends -- a look forward. After the presentation I got the opportunity to meet many new people and learn more about the things in Web security that most interest them. Lots of chatter about where OWASP as an organization should be heading, conversations about the latest hacks in the news, what various Web security vendors are up to, and of course, several personal appsec projects. If you are in the San Diego area and interested in the subject matter, you should really consider attending.
Jeremiah Grossman
Follow us on SpiceWorks
BlogRoll
We want to hear from you!
