Blogs

The Websense Security Labs Blog delivers the most current information about breaking security research topics and today's advanced Internet threats. Websense Security Labs investigates and publishes information about outbreaks, new threats and other relevant Web security topics to protect organizations from converging risks to their data from Web, email and user-based attacks.

Phishing and Fraud Tricks in China

11.12.08 - 09:00 AM
Recently Websense® Security Labs™ has observed an increase in phishing and fraudulent Web sites in China. These sites have penetrated into many business fields, including some well-known Instant Messenger, online shopping, and game sites.

Top To Bottom Breakdown: From Injected Code to Malcode Analysis

11.12.08 - 02:30 AM
In the labs we keep a close eye on malicious code injected into legitimate Web sites, as ThreatSeeker dynamically monitors thousands of those every day. Last week we found a low perimeter attack using such injected code, which, as a whole, looked like a good case study. In this blog, we're going to take a look at an injection attack from top to bottom.

Patch Tuesday - November 2008

11.11.08 - 04:00 PM
Microsoft recently published its monthly security bulletin summary for November 2008. The summary included two bulletins: one rated Critical, and the other rated Important. Here's a quick overview of what this means in terms of threats to the Webscape.

Hacker Tool Targeting MS08-067 Vulnerability

11.11.08 - 09:00 AM
Websense® Security Labs™ has noticed a special hacker tool in China. In the past few weeks, Microsoft has announced and released a patch for the MS08-067 vulnerability, and a hacker tool named "wolfteeth bot catcher" has been widely used by hackers to attack machines running Windows operating systems without the KB958644 patch. Our write-up of the original vulnerability details can be found here. Below is an analysis of the "wolfteeth bot catcher" tool.



This Month in the Threat Webscape

11.07.08 - 05:36 PM
This month, major Web 2.0 properties like Facebook, Bebo, Yahoo, and Google continue to be plagued with problems by malicious 'net scum, and the malicious underground economy continues to boom as stock markets tank. The Matrix's "architect" (or just, "father of the Internet") Vint Cerf explains why, architecturally, the Internet will not be entirely free from the malicious underground. In other much anticipated news, Google's "iPhone-killer" Android makes a splash this month, complete with a drive-by browser vulnerability.

Storm Worm and Botnet Analysis

10.31.08 - 01:52 PM
A few months ago, we wrote a paper that dissects the inner workings of a Storm Worm sample.

In the paper, Jun Zhang explains:

  • The custom packer and encryption used in the executable
  • The rootkit techniques
  • The peer-to-peer botnet and spamming component


Spammers Abusing Microsoft Services

10.27.08 - 09:00 AM
Spammers' efforts to reach their prospective customers continue today with increased creativity and complexity. From a spammer's perspective, it is a challenge to figure out the ways to defeat security mechanisms that are being used and constantly improved by service providers to combat abuse of their services. This is clearly a long-term battle between service providers and spammers which we have been aware of for quite some time.

VB2008 - Ottawa

10.20.08 - 10:25 AM
Virus Bulletin 2008 was held in early October in Ottawa. I am finally done catching up with work after my trip. Both Dan Hubbard and I (Nicolas Brulez) gave a last-minute talk on 2nd October.

Malicious Only For Blogspot

10.17.08 - 03:30 PM
Here at Websense Security Labs, we have recently seen a new technique for redirection from Blogspot.com pages. Authors of malicious code use external JavaScript references disguised as Google ad scripts to serve malicious content when the referrer is a specific Blogspot.com page.

Patch Tuesday - October 2008

10.16.08 - 06:40 PM
Microsoft recently published its monthly security bulletin for October '08. Here's a quick overview of what this means to the Web's landscape, i.e., the threats posed to the Webscape. Microsoft has patched vulnerabilities all over the place in their product line, ranging from Internet Explorer, MS Office, Active Directory, SMB (the protocol), to the Windows kernel. Let's take a look at the vulnerabilities that can be exploited over the Web.