Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

Typo-squatting: Fast Turnaround for Fast Money

Posted: 11 Sep 2015 02:00 PM | Jose Barajas | no comments

In the spring, Websense® Security Labs identified a rising trend in bold, well-researched, targeted fraud attacks using typosquatting and false headers as their primary gambit. Since then, these fraudulent attacks have continued, logging immense gains in both volume and success: the FBI’s Internet...


Accounts Payable in the Czech Republic Targeted by Dridex

Posted: 05 Aug 2015 06:00 PM | Jose Barajas | no comments

Websense® Security Labs™ has observed an increase in Dridex being used to target individuals in the Czech Republic. Using malicious email lure themes related to invoicing, the campaign follows a typical pattern of targeting recipients using keywords like "accounts payable" to make...


Raytheon|Websense Security Labs Will Be At Black Hat USA 2015 and Def Con 23

Posted: 30 Jul 2015 06:00 AM | Carl Leonard | no comments

Black Hat USA 2015 starts in the next few days and our security researchers will be in attendance and participating. We are also attending Def Con 23 on 6-9 August 2015. Black Hat and Def Con are seen as the pinnacle of security conferences as security vendors, independent researchers, IT managers, and...


Filed under: , ,

Four Adobe Flash 0-days In Three Weeks - Patches Now Available

Posted: 14 Jul 2015 07:45 AM | Carl Leonard | no comments

Following on from the revelation of a 0-day in Adobe Flash in June 2015 ( CVE-2015-3113 , since patched) 3 further 0-days have been discovered in the last 3 weeks. The 3 have references CVE-2015-5119, CVE-2015-5122, and CVE-2015-5123. The knowledge of the 0-day Proof of Concept code arose from analysis...


Filed under: , , , , ,

Today’s Lesson: End Users in the Education Sector Are Twice as Likely to Visit Malicious Sites

Posted: 07 Jul 2015 10:45 AM | Sindyan Bakkal | no comments

The threat landscape today is both dynamic and diverse. On one end of the spectrum are mass infections and threats that, while not very sophisticated, cast a wide net. On the other hand, we have very advanced targeted threats that are crafted painstakingly with a single target in mind, and executed over...


Filed under: , , , , ,

Adobe Flash Player 0-day Abused In The Wild (CVE-2015-3113), Our Customers Protected

Posted: 24 Jun 2015 08:20 AM | Carl Leonard | no comments

Websense® Security Labs™ researchers are aware of a vulnerability within Adobe Flash Player, CVE-2015-3113. Exploitation of the vulnerability leads to a buffer overflow which can be abused by a malware author to execute arbitrary code on the compromised machine. Adobe have deemed this vulnerability...


Filed under: , , , ,