Blog
Blogs
The Websense Security Labs Blog delivers the most current information about breaking security research topics and today's advanced Internet threats. Websense Security Labs investigates and publishes information about outbreaks, new threats and other relevant Web security topics to protect organizations from converging risks to their data from Web, email and user based attacks.
Go to the new Security Labs Blog
Malicious Code Evolution from IE Zero-Day Exploit Code
03.19.2010 - 6:00 AM
Internet Explorer zero-day exploits are not new to the world: we have been suffering from them since the beginning of IE. This latest IE zero-day exploit, known as CVE-2010-0806, as usual is no surprise, but we can't help noticing that something behind it has changed. Just a week after the exploit code was exposed to the world we have seen many variants come out. Based on the records from the Websense® Security Labs™ ThreatSeeker™ Network, we are setting out the evolution history of the exploit code.
Read more »
03.16.2010 - 2:45 PM
In this blog post, I want to cover a specific type of code obfuscation and then demonstrate how to manually, step-by-step deobfuscate the code. There are many automated tools and methods for performing deobfuscation, but I feel it's important to get down to the attacker's level to gain a more intimate understanding of attackers and obfuscation algorithms.
Read more »
This Month in the Threat Webscape
03.12.2010 - 4:14 PM
Month of February 2010
Microsoft's Ninemsn, one of the most visited portals in Australia (Alexa rank 573), was compromised and injected with malicious code. The malicious code was identified to be part of the Gumblar mass injections.
Read more »
Quarter Million Malicious Facebook Posts
03.11.2010 - 12:00 PM
A word of caution to Facebook users: be careful when clicking links on Facebook, even if they're on your friend's page or your favorite superstar's page. We have detected a malicious campaign that is quickly spreading on Facebook. The malware has very low anti-virus coverage and can be found on prominent Facebook pages such as ones belonging Justin Timberlake (2.1 million fans) and a few others. If you use Facebook and are worried about this, we have a Facebook app that solves this problem (read on)
Read more »
03.09.2010 - 5:30 PM
Dan Hubbard, myself, our awesome event managers, and the rest of the Websense crew have arrived home after attending and presenting at RSA 2010 in San Francisco. It was another successful year as the conference was very well attended and the presentations were quite informative.
Read more »
03.09.2010 - 4:43 PM
Nowadays it is not surprising when people's blogs are attacked, especially when the blog owner is a well-known person. No matter how frustrated or disappointed the bloggers are, attacks still continue. If you search "my blog was hacked" on Google, you get 4,230,000 results; searching "my blog was hacked again" returns 2,380,000 matches, and the number keeps increasing daily. What we can see from the these rough stats? Apparently nearly 44% of attacked blogs are lucky and aren't attacked again, but over 56% of attacked blogs repeat the previous nightmare.
Read more »
An Evolution of Profit Driven Malware
03.09.2010 - 7:24 AM
Malware is a gremlin of cyberspace. Digitally disguised and undeterred by borders or passports, it can be found anywhere in the world and China is no exception. China has now formed a malware industry chain from malware programming to malware spreading. Usually, after malware writers write malware, commercial agents on the Internet will sell access to it, sharing incredible profits with these malware writers.
Read more »
Websense Security Labs presents today at RSA 2010
03.01.2010 - 4:00 PM
Dan Hubbard, CTO, is speaking this morning at the Cloud Security Alliance Summit at RSA (http://www.cloudsecurityalliance.org/rsa2010.html). His presentation reviews the top threats in the cloud, impacts, and mitigation and defense strategies.
On Wednesday Stephan Chenette, Principal Security Researcher, will present a session titled "Down the Rabbit Hole: Linking the Malicious Web through statistical modeling". In the session, Stephan will review past and present mass compromise attacks and identify the malicious ecosystem that makes each attack unique.
Read more »
Previous Posts
March 2010
| 03.19.2010 | Malicious Code Evolution from IE Zero-Day Exploit Code » |
| 03.16.2010 | How To Speak Malicious » |
| 03.12.2010 | This Month in the Threat Webscape » |
| 03.11.2010 | Quarter Million Malicious Facebook Posts » |
| 03.09.2010 | RSA 2010 Recap » |
| 03.09.2010 | WordPress Injection Attack » |
| 03.09.2010 | An Evolution of Profit Driven Malware » |
| 03.01.2010 | Websense Security Labs presents today at RSA 2010 » |
Archives
+ February 2010+ January 2010
+ December 2009
+ November 2009
+ October 2009