Content Tagged ‘Exploits’

Twitter OnMouseOver Flaw In The Wild

September 21, 2010 - As of this morning we have been monitoring a flaw on twitter.com that delivers pop-ups to Twitter users when they move their mouse cursor over a specially crafted tweet. There is also the potential to deliver status updates when mousing (continue reading...)

Daniel Covington death spam leading to Rogue AV and Phoenix exploit kit

September 17, 2010 - Websense Security Labs™ ThreatSeeker™ Network has detected a new virus spam outbreak after Daniel Covington's death. Websense customers were proactively protected against the malicious code by our Advanced Classification Engine (ACE). Most popular sport Web sites have reported this (continue reading...)

A Second Adobe 0-day Vulnerability In Just One Week (CVE-2010-2884)

September 14, 2010 - Websense Security Labs are currently investigating reports of another in the wild 0-day vulnerability affecting Adobe products. Our customers are protected from this latest vulnerability by ACE, our Advanced Classification Engine. Adobe announced in their Security Advisory APSA10-03 (continue reading...)

Adobe Reader 0-day vulnerability (CVE-2010-2883)

September 9, 2010 - A new critical vulnerability has been discovered in Adobe Reader that can be exploited by malicious content. The vulnerability could crash the reader due to a stack buffer overflow bug, which then potentially allows an attacker to run malicious code (continue reading...)

APSA10-02: BOPs and the Adobe 0-day

September 9, 2010 - Just a quick update on the latest Adobe zero-day vulnerability (APSA10-02) that has come to light this week. You may well have already watched the video Chet posted yesterday. (continue reading...)

Return of the Unpublished Adobe Vulnerability

September 8, 2010 - The last two days have been pretty busy. I have been analyzing the latest Adobe vulnerability. It all began when HD alerted me to a post on Mila Parkour's "contagio malware dump" blog. After giving the blog post (continue reading...)

Quicktime 0-day actively used in the wild

September 6, 2010 - Following our recent posting of an Apple Quicktime 0-day vulnerability, Websense Security Labs™ ThreatSeeker™ Network has discovered exploitation of this vulnerability in the wild. We have protected customers from this vulnerability for at least a month now, and also provide real-time protection for customers using (continue reading...)

Phoenix Exploit Kit’s Random Access Obfuscation

August 31, 2010 - In this post I'll cover an interesting piece of obfuscation that we recently came across while handling a blended threat. This threat began as several malicious emails containing a link that redirected to the site below. The obfuscation was found (continue reading...)

DLL pre-loading attack vector addressed by Microsoft

August 26, 2010 - We have been discussing the issue of unsafe DLL loading in the lab since the release of the Microsoft advisory about a potential attack vector that uses the default Windows (continue reading...)

You’re Not That Well Financed, Are You?

August 23, 2010 - Every once in a while, I get the odd spam message that really makes me want to laugh. Take this one for instance. The spam message says that if I ever want to get a home loan, just feel free to (continue reading...)

August 2010 Patch Tuesday

August 10, 2010 - There are 14 new releases in this month’s Microsoft patch release. Many of these are remote code execution bugs. Although we haven’t seen malware spreading via these bugs, it’s certainly a good idea to patch proactively. For the full details of this (continue reading...)

Media Temple injections lead to Phoenix Exploit Kit

August 5, 2010 - Websense® Security Labs™ ThreatSeeker™ Network has discovered that over 100 Web sites on the Media Temple Web host servers have been compromised, and will lead visitors to the Phoenix Exploit Kit. It's not the first time they have had a (continue reading...)

Copyright © 2012 The Security Blog. All rights reserved.