Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
we want to hear from you >
Yesterday we posted about a new strain of highly advanced malware (APT), dubbed Flame. It is potentially the most advanced malware to date, at least in terms of functionality combined with the ability to stay hidden over a long period of time. It’s also unusually large (20 MB), whereas most attacks contain small files (under 1MB). The file is so large because it incorporates a broad set of capabilities including recording audio, taking screenshots, compiling a list of nearby Bluetooth devices, and more. It even includes some rare techniques not commonly found in malware, such as using the LUA scripting language for some of its functions. The primary function of Flame is to...
I’ve been to countless RSA Conferences. Two years ago it was about who survived. Last year was cloud hype. This year: mobile security.
In our booth, I demonstrated our new mobile security solution on an iPad non-stop. To the point of shoulder pain and post-show massage therapy after holding that thing up for hours and hundreds of demos to eager onlookers. The interest in mobile security is very real.
So how big is the problem?
We had the Ponemon Institute survey more than 4,000 IT professionals in 12 countries. It is clear from the answers that corporate mobile devices and the bring-your-own-device (BYOD) phenomenon are absolutely circumventing enterprise security and policies. Fifty-nine percent report that employees circumvent or disengage security features like passwords and key locks. A lost device with no password is an open door to email, calendars, social circles, and apps that access confidential information. And just over half experienced data loss because of unsecured mobile devices, including laptops, smartphones, USB devices, and tablets. The problem is big.
Most IT pros know that by enabling a mobile workforce they are supporting business productivity, but they also recognize the risk. Check out the full results of the survey here.
I can’t say this often enough: standard mobile device management (MDM) isn’t enough. You really need to look at the new Websense TRITON Mobile Security solution that we announced the RSA Conference. It combines four components (web security, data security, mobile malware / app protection, and mobile device management features). As a cloud security service, it prevents confidential data loss on iPads, iPhones, Android, and other mobile devices.
Feel free to comment and let me know what you think.
.XXX was approved as a "top-level domain" address last year by ICANN, and was set up to make it easier to identify adult sites. However, it has also had some unintended consequences.
For example, if you own Acme Explosives and have operated acmeexplosives.com for years, you might want to register acmeexplosives.xxx too (just to make sure no one else registers it for a porn site, possibly besmirching your reputation with the demolition crowd). You could leave it as a null site, or you could redirect your new .XXX site to your standard .com site.
Therein lies the rub: Websense will automatically categorize all .XXX sites as “Sex”. But if you are Acme, you might prefer to have people redirected to your commercial site, rather than having them run into a block page. Have no fear. If you have registered a .XXX page that redirects to a non-adult site and would prefer to have it categorized to something that reflects the true content, just send your request to suggest@websense.com or use the online submission tool.
Websense customers are already protected from inappropriate access. A database download has been pushed out to all Websense customers, timed to take effect before the .XXX top-level domain went live. Any product, from filtering to our TRITON Enterprise, will have this domain categorized in their database as "Sex." We may have some folks out there using old, unsupported versions of Websense that may be in for a surprise, but it shouldn't affect any current customers.
Recently, Blue Coat announced the end of support for Websense in the next version of ProxySG (v6.3) and noted that affected customers using Websense need to migrate to Blue Coat WebFilter. The announcement incorrectly states that Websense was not providing updates and support despite recently working together to solve a customer issue. Websense fully supports its integrated product versions and has an open offer to Blue Coat executives to integrate its real-time defenses to increase the security effectiveness provided to joint customers.
The ‘net-net’ is that Blue Coat, at its sole discretion, decided to end support for Websense, thus removing the option for customers to protect their networks with market-leading Websense® web filtering. The Websense solution is backed by the Websense ThreatSeeker® Network, which is now linked into Facebook and its more than 800 million users, plus the Advanced Classification Engine (ACE) with its multiple defenses and real-time composite scoring to detect advanced threats and stop data-stealing attacks.
Over the years, Blue Coat has been challenged to develop product solutions on two fronts, one being web security and the other WAN optimization. Resources at Blue Coat are limited, and trade-offs have to be considered: Blue Coat had seven product releases over the past five years, and they were focused on WAN optimization, not security.
Security advancements in ProxySG and the underlying operating system SGOS have been few, if any, per-product release cycles during these years, including the most recent release v6.2. An example of trade- offs includes changing SGOS v5.x to allow non-compliant protocol traffic by default to make WAN optimization deployments easier at the expense of security. The other side of release cycles is software testing, and that can be a major bottleneck and delay in time to market (even more so when building WAN optimization into a web proxy). In order for Blue Coat to sustain advancements in ProxySG for web security, they have to try to do more with less.
Removing custom SDKs that support market-leading web filtering is one way to accomplish this objective at an expense to customers. The result for Blue Coat appears to be less code, less testing, less functionality, fewer support issues, and faster time to market for a release cycle. For an organization facing escalating feature requests from customers and declining rankings in analyst quadrants, they are faced with cutting back to the basics and trying to move forward. The big question is if there is enough runway to lift off and change the downward slide in web security at Blue Coat.
Pease read the following document here to read why you should consider Blue Coat as a tactical solution and Websense as a longer-term strategic web defense.
Today, we have some exciting news. Some of you may have already heard about it, because it is big!
Starting today, we have implemented a partnership with Facebook, arguably the largest, most important platform on the globe, to better protect users against malicious links leading to malware-embedded websites and fraud.
A platform as popular as Facebook is naturally a target for attackers. We have been working with Facebook and their security teams for a number of years in order to keep their users safe, but now we have integrated directly into the platform for an unprecedented security combination.
Soon, when a user clicks on a URL that has been posted within Facebook, that link will be sent to Websense for security classification. The Websense® ThreatSeeker® Cloud, an advanced classification and malware identification platform, will then analyze the link in real time. If the destination site is considered unsafe, the user is presented with a warning page that offers the choice to continue at their own risk, return to the previous screen, or get more information on why it was flagged as suspicious.
In this way, we are helping Facebook continue their proactive fight to keep malicious links off of their platform and allow safe use for all of its members.
Read more
Recently, the American Civil Liberties Union created a campaign called “Don’t Filter Me.” They believe that U.S. public school students have a constitutional right to access “Gay, Lesbian or Bisexual Interest” sites and are asking U.S. public school students to check their school’s internet filtering policies by attempting to access certain Gay and Lesbian and Transgendered (LGBT) sites.
When we first heard about the “Don’t Filter Me” campaign, we reached out to the ACLU to make sure that they understand how Websense classifies web sites and implements web filtering.
Alan commented on the initial APT post: I hope you don't spew marketing hyperbole else this will turn dull rapidly. Don’t worry. We are going to stick to the facts. In this piece, I want to separate from the buzz around these attacks and talk about why you should care.
We’ve heard from a lot of executives, “What should we do about APTs?” There is a high level of concern from large organizations with serious IP (like source code) that they know others will try to get. But there’s also a large group that thinks, “I’m a $10M manufacturing company, in Ohio. I don’t think Chinese or North Korean hackers are going to be knocking on my door anytime soon.”
And, they are right. (read more)
Cybercriminals are on the move again. And, this time, Canada is the prime target. IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. So hackers are on a quest to move their networks to countries, like Canada, that have better cyber reputations.
It's a little surprising to me as well. Previously, Canada was a place of great beer and hockey (next year, Habs!). But Websense recently conducted an analysis of Canada’s cyber security risk profile, and all trends pointed to Canada as the new launchpad for cybercriminals. For example:
Jump in Hosted Phishing Sites - Canada saw a huge increase in the number of servers hosting phishing sites, jumping 319 percent in the last year. This tremendous increase over the last 12 months is second only to Egypt in terms of the growth of sites hosting crime ware.
Increase in Bot Networks – Cyber criminals are moving their command and control centers to safer grounds. In the past eight months, Canada saw a53 percent increase in bot networks. In fact, Canada scored the second highest for hosting bot networks, when compared to the U.S., France, Germany and China.
Malicious Websites – We’re seeing a trend of malicious websites decline across the board. However, Canada’s decline is tremendously slower, when compared to the countries listed above.
Overall Increase in Cyber Crime – In Websense’s most recent Threat Report, Canada is #6 in the world for hosting cyber crime . And, this number continues to rise.
A key media source on bin Laden’s death, Sohaib Athar (@ReallyVirtual), live-tweeted about hearing helicopters and explosions in Abbottabad six hours before bin Laden's death was announced. Athar links to his website from his Twitter account and has become a major source of media and public interest seeking more information. Websense Security Labs has discovered that the website belonging to Athar has been compromised by hackers and leads to the Blackhole exploit kit. Hackers are infamous for immediately taking advantage of notoriety and related searches in an attempt to infect massive numbers of computer users.
Cybercriminals are constantly exploiting where the masses go, and news on Osama bin Laden’s death is no exception. We want to warn everyone looking for news on bin Laden’s death to be cautious when clicking new links. Make no mistake—hackers are going after websites, like @ReallyVirtual’s, along with search engine results to prey on visitors looking for more information. Compromises on breaking news items are also very dangerous to organizations because employees who are searching online can potentially put an organization at risk for exploit and data loss.
