Blog
The Websense Security Labs Blog delivers the most current information about breaking security research topics and today's advanced Internet threats. Websense Security Labs investigates and publishes information about outbreaks, new threats and other relevant Web security topics to protect organizations from converging risks to their data from Web, email and user-based attacks.
This Month in the Threat Webscape
03.11.2009 - 6:30 PM
Malcrafted SWF Threat in the Wild
03.10.2009 - 4:40 PM
Websense Security Labs has seen a new SWF threat thriving in the wild recently. SWF files have become increasingly popular in the 'net world. A great many Web sites use SWF files to show wonderful content to customers. Because SWF files can do a lot, they leave openings for the bad guys. Recently, we have noticed a trend showing the bad guys using SWF files to redirect users. What's amazing to us is that traditional antivirus software is showing zero detection of this problem.
Who redirected us to the shellcode?
03.10.2009 - 11:25 AM
Whenever we find Web sites, PDFs, Microsoft Office files, or Flash files that host exploits based on a heap spray, we get the question: How can I determine which module and which assembly command redirected the execution to the shellcode? The answer can often be found in a fairly simple way: Do a call stack review! Let's walk through an example showing this type of investigation with my favorite 32-bit user-mode debugger: OllyDbg.
Three Major Attack Papers of 2008
03.02.2009 - 8:00 AM
My name is Erik Buchanan, and I recently joined the Websense® Security Labs™. For the last two years I've been a masters student at UC San Diego, focusing on computer security in systems and networks in the Systems and Networking Group. Because there is often a gap between academic research and industry, I'm going to be issuing a few blogs highlighting academic security papers I found to be interesting, and from which I think members of the security community would benefit.
Here I will focus on some of the major attack papers of 2008. The first is one of the biggest ancient vulnerabilities announced in 2008 - the design flaw in the mechanism in DNS that keeps malicious hosts from associating their IP address with a target domain name. The second paper is from Princeton, and the compressed air and liquid nitrogen are what make it cool. Finally, a paper from my alma mater shows creativity in interdisciplinary security research.