February 6, 2012 - The Websense® ThreatSeeker® Network has discovered a new wave of injection of malicious code disguising itself as Google Analytics, by adopting similar code snippets and malicious domains. It is quite convincing at first glance, but remember, (continue reading...) Read more
February 1, 2012 - Shady ticket deals for the 2012 London Olympics? Hardly surprising. But when the source is Google's famous AdWords advertising service—one of the internet giant's main sources of income—then a double take might be in order. A (continue reading...) Read more
January 30, 2012 - This past weekend one compromised Web site in particular caught my attention. Based on my analysis, the site was compromised because it was running an old version of Wordpress (3.2.1) that is vulnerable to publicly available exploits . The Web site (continue reading...) Read more
January 29, 2012 - In a series of blogs a few years back, we covered how malware could abuse and circumvent online services that use CAPTCHA tests as part of their security (1 2). In this blog, we take (continue reading...) Read more
January 25, 2012 - The Websense® ThreatSeeker® Network has been tracking an ongoing malicious email campaign in which a recipient is asked to click a link to check a bill mistakenly received by another user. We have been monitoring campaigns of thousands of emails similar to this (continue reading...) Read more
January 25, 2012 - Today, Websense® ThreatSeeker® Network alerted us that entrepreneur.com has been compromised by cyber criminals, resulting in potentially malicious content being downloaded to a user's machine. Entrepreneur.com is a very popular information and community resource for small businesses on the web ( (continue reading...) Read more
January 23, 2012 - This morning Websense® ThreatSeeker® Network alerted us that if a user enters the term "Download Chrome" in Google Search, the 36th result would result in potentially malicious content being downloaded to the user's machine. I'll briefly describe the attack vector in which the (continue reading...) Read more
January 21, 2012 - The week before we published a blog that discussed typosquatting of social web sites that lead visitors to spam survey sites with a high Alexa ranking. With our on-going research, we discovered that cyber-criminals are carrying out even more work, (continue reading...) Read more
January 19, 2012 - The Websense® ThreatSeeker® Network routinely monitors search results from Google trending topics. For example, if you were to search for the term "QuickTime" today, the 31st resulting entry would lead to a typosquatted URL, which pulls content from a phishing URL. (continue reading...) Read more
January 18, 2012 - Websense Security Labs™ has found that thousands of businesses and consumers are putting themselves at risk each day by publicly revealing their email addresses on Twitter. We conducted research on how data that might be considered private is exposed via (continue reading...) Read more
January 17, 2012 - About 6 months ago, a malicious email scam with the subject "Re: Scan from a Xerox W. Pro #XXXXXXX" went wild. This scam has returned – this time, with a new face! Instead of making you attach a .zip (continue reading...) Read more
January 12, 2012 - The start of the Olympic year of 2012 sees a quick release of 7 patches from Microsoft, including 1 that addresses a critical vulnerability that allows remote code execution when exploited. Websense® Security Labs strongly recommends that you update to the latest patches to (continue reading...) Read more
January 10, 2012 - Websense® ThreatSeeker® Network has detected fraudulent Web sites that have made it to the global top 250 high Alexa ranking list. These are amazing results for fraudulent Web sites, as some of them rank even better than genuine (continue reading...) Read more
January 9, 2012 - It was just a matter of time, and now it's happening. The Websense® ThreatSeeker® Network has started spotting spam messages that lead to URLs that use embedded QR codes. This is a clear movement and evolution (continue reading...) Read more
January 5, 2012 - First it was the Cheesecake Factory; now, it’s Timeline. Facebook, like many other social networking companies, is experiencing some user dissatisfaction, and scammers are taking advantage of anti-Timeline sentiment. According to Insidefacebook, scammers are creating pages (continue reading...) Read more
December 29, 2011 - Timeline A while back, we blogged about some upcoming changes on Facebook. The new Timeline layout is now ready for release. All Facebook accounts will be updated to the new Timeline layout on December 29, 2011. You may (continue reading...) Read more
December 26, 2011 - Last week, China's largest software programmers' Web site CSDN (China Software Developer Network) was hacked, and account information for more than 6 million users was leaked and quickly spread via the Internet. One day later, Tianya, the biggest (continue reading...) Read more
December 19, 2011 - Scams on Facebook are a daily thing. Websense® Threatseeker® Network recently detected some Facebook scams that now utilize the power of browser extensions to spread to other users' profiles. Scam pages typically utilize social engineering tricks - like enticing users with videos (continue reading...) Read more
December 19, 2011 - Bitcoin is a peer-to-peer currency exchange system that features a predictable currency rate. The generation of Bitcoin currency is controlled by an algorithm created by Japanese researcher Satoshi Nakamoto in 2008. Bitcoin system users are essentially "mining" for Bitcoins using (continue reading...) Read more
December 19, 2011 - The Twitter account of famous singer Lady Gaga has apparently been hacked. It's being used by attackers to lure her more than 17 million followers to click on a link: After a number of redirects, the link ultimately leads (continue reading...) Read more