English (US) 
Blog
Blogs
The Websense Security Labs Blog delivers the most current information about breaking security research topics and today's advanced Internet threats. Websense Security Labs investigates and publishes information about outbreaks, new threats and other relevant Web security topics to protect organizations from converging risks to their data from Web, email and user based attacks.
Go to the new Security Labs Blog
01.27.2009 - 2:00 PM
Do you own a site that allows user-generated content (UGC)? If so, read on...
I am very happy to let you know that earlier today Websense, Inc., announced the acquisition of a technology and company called Defensio (http://www.websense.com/content/Defensio.aspx). We would like to welcome Carl Mercier, founder and CEO of Defensio, to the Websense R&D team (http://blog.defensio.com/). Defensio has 2+ years of data and intellectual property designed to prevent unwanted content from being posted on blogs, user forums, or any other type of site that allows UGC. This acquisition gives us a critical extra piece of intelligence that feeds into our Threatseeker Network. This data is already plugged into our research, and today's customers are seeing the benefit of the collection and analysis (see: http://securitylabs.websense.com/content/Blogs/3284.aspx). Additionally, this technology gives personal bloggers and corporations the ability to prevent unwanted content from being uploaded to their site. As you can see from the press release, we will continue to deliver the service for free to personal sites, and offer a free six-month trial for commercial sites.
Read more »
Barack Obama's Site Leading to Trojan
01.26.2009 - 9:00 AM
Change has finally arrived in the United States of America, marking the dawn of a new era. The US Presidential campaign has shown the world how governments can leverage Web 2.0 to better understand and garner support from their citizens. However, this historically significant time is yet another opportunity to spread more malicious code, just a typical occasion for the malicious hackers behind the fake video codec social-engineering scams. We are tracking them and have previously alerted on them here, here, and here.
Read more »
This Month in the Threat Webscape
01.14.2009 - 6:00 PM
Month of December 2008
This month we observed the malicious hackers' well-oiled machine at work, capitalizing on the opportunity made possible by a Microsoft Internet Explorer zero-day to claim even more victims by spreading exploits for this vulnerability via a mass SQL injection attack. The Web plays a crucial role in amplifying this attack, which, without the speed at which this malicious code can spread, would be bounded by how fast one can take a diskette from one computer and plug it into another. Aside from just being a vector, the Web also comes with its own set of security challenges: Google Ads that linked to malicious Web sites, XSS vulnerabilities on Facebook and American Express, more major browser holes being plugged, more people not patching their Windows desktops (~98%), and even more spam jam-packed with malicious-(bad)ness. With the proliferation of blogging, malicious comment spam uptick is also to be paid its due-diligence. Read on for a recap of what's hot in the world of Web Security in December of '08.
Read more »
01.14.2009 - 2:00 AM
Websense® Security Labs™ ThreatSeeker™ Network noticed that a campaign against Classmates Online, Inc had broken out. We observed that thousands of URLs were registered in one day to spread the worm. The newly-registered URLs were unusually long, had several subdomains, and always contained some specific words such as process, multipart and so on. This blog will analyse the associated worm.
Read more »
Previous Posts
January 2009
| 01.27.2009 | Websense acquires Defensio! » |
| 01.26.2009 | Barack Obama's Site Leading to Trojan » |
| 01.14.2009 | This Month in the Threat Webscape » |
| 01.14.2009 | Worm With Network Sniffer » |
Archives
+ December 2008+ November 2008
+ October 2008
+ September 2008
+ August 2008
