Websense
Global Secure Systems are one of the UK's premier IT Security providers. Our mission is to be "the Best IT Security Organisation within the UK and beyond." We achieve this by providing both the best service and support for Websense, alongside our range of 'best in class' security tools.
Global Secure Systems can cater for all of your Websense requirements. For the latest information on Websense click on your choice from the links below
About Websense
Websense Intelligent Content Protection is based on best-in-class products and hosted solutions that provide integrated threat defense and powerful policy-based control over your organisation's sensitive data.
Websense is unique in the industry in letting you control all the critical elements of Web, data, and messaging security, including:
- Who is authorised to access specific Web sites, sensitive content, or applications;
- What data is critically important to your organisation and must be protected from accidental or intentional leaks;
- Where you allow users to go online, and where sensitive data can be sent safely;
- How you allow sensitive data to be communicated, and how online resources can be used safely and productively by your business.
Websense products increase employee internet productivity and secure organisations from emerging internet threats by providing a proactive critical security component that complements traditional security solutions. Only Websense delivers flexible, integrated policy enforcement at the internet gateway, on the network and at the desktop.
The company’s products integrate with a wide range of industry leading security and network products including firewalls, proxy servers, caches, switches, routers, and appliances. Websense products have been thoroughly tested and certified to work seamlessly with all major security and network products.
Websense offers solutions across a wide range of industries including health care, finance/banking/insurance, government/public sector, manufacturing, legal, technology, wholesale/retail, services and education.
Web Security
Web 2.0 has changed how companies use the Internet. Through sites like Facebook and LinkedIn, employers are creating content and, in moments, sharing it with thousands of others. Content on these sites is dynamic so it flies under the radar of legacy security systems. To enjoy Web 2.0 at work, business needs new ways of protecting essential information.
Reactive Internet security measures can't keep up with constantly changing content. Malware can appear on trusted sites with good reputations just as easily as on other sites. And since more Web-based applications are becoming available, the Web is now the primary vector for malware.
A deep understanding of the Web and how people use it makes Websense uniquely qualified to offer Essential Information Protection in the Web 2.0 world. Websense solutions provide complete coverage, visibility, and control over who can send what information, where, and how.
Data Security
CIOs spend millions of dollars each year investing in business systems and processes to make information (often confidential) available to authorised employees and partners. And while these investments enable business to grow, they also pose significant risks to data loss and, by association, regulatory compliance, corporate governance, and brand and reputation.
Consider the impact if your most confidential data was inadvertently leaked over email, erroneously posted to a public Web site, or left unsecured on a laptop or USB drive. If it were customer information, would it violate PCI or HIPAA regulations? If it were intellectual property that was lost, what would be the long-term financial impact to your profit margin? And if it were happening right now, how would you know?
Data loss prevention from Websense can help you discover, monitor, and protect your data. Websense can give you visibility into what data is confidential, where it is stored, who is using it and for what purpose, and can help secure all your essential information.
Messaging Security
Websense is known for safeguarding the Web with best-in-class Web filtering and security solutions. Now, the same research and intelligence that made Websense the recognised leader in Web security can protect and power your email security.
Available as a hosted service or on-premise software, Websense messaging security protects against blended inbound threats-the convergence between Web and email attacks-and outbound threats, including data loss and regulatory violations. Only Websense provides email compliance and security backed by the intelligence of the Websense ThreatSeeker Network.
Websense Products
With granular categorisation of Web sites into 90+ categories, Websense Web Filter (formerly Websense Enterprise) provides the ability to develop and deploy a flexible, comprehensive Internet-use policy for businesses from 250 to over 250,000 users in a wide range of integration points, including Citrix environments. Combine this with its customisable, industry-leading reporting tools and you have complete visibility into your Web usage.
Websense Web Security (formerly Websense Web Security Suite) protects against spyware, malicious mobile code, phishing attacks, bots, and other threats. Unlike many solutions, it also blocks spyware and keylogger backchannel communications from reaching host servers. Websense Web Security includes Websense Web Protection Services, to provide phishing protection to help guard Web sites, brands, and Web servers.
WebBlazer is a critical component of an effective defense-in-depth strategy, the solution combines the industry's most comprehensive security and compliance URL filtering offerings, one of the most trusted, scalable, and high performing web proxy and cache technologies, and robust outbound web traffic security on high performance dedicated network security hardware.
Websense Express provides the industry’s leading content filtering and Internet security capabilities in a simple and affordable solution. It allows organisations under 1000 users to quickly and easily protect their employees from Internet risks by controlling access to inappropriate content and proactively blocking security threats before they have a chance to infect their systems.
Websense Email Security (formerly SurfControl Email Filter) software provides comprehensive content filtering for continuous protection against inbound and outbound email threats including spam, viruses, blended threats, data loss, and regulatory violations. Industry-leading threat detection technology and expertise are complemented by simple-to-use monitoring and reporting to provide a high level of control and visibility. Companies can defend against the full spectrum of email threats to reduce business risk, enable business compliance, and ensure business continuity.
Protecting customer and other confidential data from malicious and accidental leaks is one of the top business and IT security challenges facing organisations today. Compounding this problem, CIOs and CSOs must protect their data amid pressure from regulatory and corporate compliance requirements, customer and competitive pressures, and the rising cost and publicity of data leaks. Websense® Data Security Suite is the leading solution for preventing data loss.
Websense Hosted Email Security (formerly SurfControl MailControl) provides protection at the internet level, eliminating spam and malware before they reach your network. The hosted deployment model provides centralized security with built-in redundancy, failover, and business continuity, while easing administration and optimizing network operating and capacity planning costs. Guaranteed by industry-leading SLAs, Hosted Email Security reduces business costs, eliminates the complexity and uncertainty of managing email threats, and provides the highest possible degree of protection.
Websense Hosted Web Security (formerly SurfControl WebDefense) provides centralised web malware protection and granular web filtering. The hosted deployment model provides centralised policy management for any type of environment, including those with remote locations, home offices, and mobile laptops. Hosted Web Security provides is a complete solution or can be layered with existing on-premise security to provide additional layers of web malware protection. Guaranteed by industry-leading SLAs, Hosted Web Security eliminates the complexity and uncertainty of managing web-based threats, while simplifying policy administration for all users within the organisation.
Websense Web Security Gateway allows organisations to secure Web traffic effectively while still enabling the latest Web-based tools and applications. Through a multi-vector traffic scanning engine, Websense Web Security Gateway analyzes Web traffic in real-time, instantly categorising new sites and dynamic content, proactively discovering security risks, and blocking dangerous malware.
The Websense V10000 Web security gateway appliance platform is the industry's most accurate and effective solution for Web 2.0 content control and threat protection, enabling organisations to accelerate business without having to worry about security, productivity and liability threats such as malicious/inappropriate content and data loss.
Protect and secure your Microsoft-based application infrastructure with a MSA Security appliance from Celestix's comprehensive product suite.
Websense Product Families
Websense Intelligent Content Protection is based on best-in-class products and hosted solutions that provide integrated threat defense and powerful policy-based control over your organisation's sensitive data.
Websense Industry News
Websense unveils security suite for Facebook Internet monitoring firm Websense has announced new software designed to counter security threats on Facebook. The Defensio 2.0 code works with the companies existing Web Security Gateway and can be configured to block certain content from appearing on Facebook. Users can block phishing sites, spam and restrict the ability of people to posting on pages with inappropriate content. "Other Web security technologies that try to address uncategorized Web......
[more] Facebook McAfee 'fans' to get free security suite Facebook has inked a deal with McAfee that will see all 350 million members of the social networking platform eligible to receive a free copy the firm's Internet Security suite for six months - if they become a 'fan' of McAfee. After the six month period, users will be offered a 'significant discount' if they want to renew the software. The actual value of the discount has not yet been revealed.
Most consumers are not adequately protected online......
[more] Looking back at malware in 2009 2009 was the year in which nobody that uses the Internet could afford not to educate him/herself about the dangers that lurk in the inbox, in Google's search results, on the social networks they use, and sometimes even on their favorite news site. This year has definitely been marked by the increase of malware being delivered directly to your door (so to speak). So, let's see what were the major threats.
Conficker
Also know as Kido, Downadup or Downup, this worm......
[more] Scareware scammers exploit Brittany Murphy's death Actress Brittany Murphy's sudden death, just like Michael Jackson's untimely demise before her, has quickly been exploited by scareware scammers. A spike in searches on Murphy's death has been taken as a theme for Black Hat SEO attacks, designed to push sites that have been hacked to redirect surfers to scareware portals into prominence in search engine results. Windows users who click on links to poisoned search results get exposed to a fake a......
[more] Websense and Google warn of scam adverts which uses company names in a bid to lure unsuspecting users in A new scam has been detected which uses Google's name in a get rich quick scheme. Websense Security Labs detected the ‘making easy money with Google' as circulating for some time, and in the last few weeks, a new wave of such scams has emerged using Google's reputation to sell 'working from home' kits that claim Google is hiring people. It said that the primary way of propagation and to incr......
[more] New code makes Windows 7 vulnerable to hackers Windows 7 will open up more opportunities for malware authors as they target flaws from the new nature of the operating system. This was one of the predictions of security company Websense, which expected criminals to target new code in Windows 7 that was not present in Vista or XP. In fact, Microsoft released patches for Windows 7 before it was even released.
In an interview with IT PRO, Carl Leonard of Websense said that any new software brought......
[more] Koobface gears up for Christmas The hackers behind the infamous Koobface worm have launched a new campaign that seeks to trick users by employing a Christmas theme. Koobface was first detected around a year ago, spreading primarily through social networking sites such as Facebook and MySpace, and stealing user credentials and other sensitive information such as credit card details. Users are generally more trusting of messages coming from their friends or contacts on these sites, so Koobface's......
[more] Spam email campaign that purports to be from Facebook sees heavy detection A new spam email campaign has been detected that claims to be a password reset confirmation from Facebook. The email features a spam address 'support@facebook.com' in the from section on the message, with a .zip file attachment with an .exe file inside. Websense's threatseeker network claimed that the .exe file currently has a detection rate of about 30 per cent on VirusTotal, and it claimed to have seen up to 90,000 of t......
[more] Social networking - deny or allow? The business world is connected. Not because organizations are moving their brands to the social networking scene, which almost ends up looking like Spam anyway, but because the employees are social networking users. One way or another, companies will have to deal with Facebook, Twitter, LinkedIn, and others. So should they fight this trend or allow it? At the Gartner Symposium in Florida this week, Carol Rozwell, a Gartner vice president, gave a talk about the......
[more] Fake Outlook Web Access update sets malware trap Analysts at Websense Security Labs have detected a wave of attacks directed at people who use Microsoft's Outlook Web Access. The web security company said on Wednesday that it has seen upwards of 30,000 emails an hour directing users of the web-based email software to click on a link to update their mailbox settings as part of a 'security upgrade'. In fact, the link takes them to a site that contains malware. According to Websense, the emails ar......
[more] Q&A: Websense threat research manager, Carl Leonard V3.co.uk sat down with Carl Leonard to discuss his role as head of the Websense threat labs in Europe, and the state of the threat landscape. Carl Leonard discusses Web 2.0, user-generated content and the dangers of drive-by malware. V3.co.uk: As head of the Websense European threat research team, what does your role entail?Carl Leonard: The security labs division is made up of a strong team of experts located globally. Our main aim is to deve......
[more] 95% of user-generated comments to blogs and forums are malicious Asking users to report inappropriate content a "largely ineffective" method. A huge majority of user-generated comments to blogs and forums are malicious. Websense's biannual "State of the Internet" report revealed that 95 per cent of user-generated comments to blogs, chat rooms and message boards are spam or malicious. Websense Security Labs also identified a 233 per cent growth in the number of malicious websites in the last six......
[more] Password breaches lead to rise in email spam A huge spike in webmail spam has been detected after passwords were published last week. Following news that thousands of Hotmail, Gmail and Yahoo passwords were stolen and posted online, Websense Security Labs has detected a marked increase in the number of spam emails which have been sent from Yahoo!, Gmail and Hotmail accounts over the last few days. It claimed that the spam emails are being sent from user accounts to contacts in their address boo......
[more] Web mail scam propagates itself The industry-wide phishing scam that has affected popular web mail services such as Hotmail and GMail, is spreading, according to experts. Security firm Websense says it has noticed a sharp rise in spam e-mails from Yahoo, Gmail and Hotmail accounts. This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes.
Security expert Carl Leonard warned people to be on their guard.
He advised people to......
[more] Social Networks Breed Malware Infestation Web 2.0 has been great for the development of online communities. But its benefits come with a downside: Hackers are using the interactivity of social sites to spread their malware. A recent study by security software supplier Websense finds that 95 percent of the comments posted to blogs, chat rooms, and message boards are spam or malicious software.
OK, the message comes from a vendor with a vested interest, but it rings too true: Websense Inc. says i......
[more] Malicious Monopoly game spreads via social networking A new spam campaign that lures users into a malicious game of Monopoly has been detected. Websense Security Labs claimed that the campaign is targeting players via social networking techniques. The spam uses a social networking technique to ‘invite' you to play the online board game. It then provides a link to the fake Monopoly game download site, which downloads a Trojan. Websense's email honey pot systems detected over 30,000 Monopoly spam......
[more] Facebook and YouTube malware magnets says Websense A staggering 95% of all "user-generated comments" for blogs, chat rooms and message boards online are spam or malicious, according to a new Websense report on security threat trends. "That's the first time we started monitoring that," says Patrick Runald, Websense senior manager for security research, about the level of spam and malware ploys carried out around blogs and chat rooms.
The Websense Security Labs "State of Internet Security Q1 - Q2......
[more] Websense warns of web-based malware epidemic The growing threat to businesses from the web was put into sharper focus today, after security vendor Websense reported a whopping 671 per cent rise in the number of malicious sites during the past year. The firm's biannual State of Internet Security (PDF) report is compiled using email and web site scanning data collected by Websense Security Labs. The report found growth not only in the number of malicious sites but in the continued activity design......
[more] Rogueware traps users with "green" promise A new rogueware menace is playing the environmental card, seeking to trap users into buying and downloading useless security software by claiming that donations to an environmental program will be made with every purchase. “Green-conscious people, beware!” Mary Grace Timcang, security analyst at Websense, said on the company's Security Labs blog. “Just as the scare tactics of rogue AVs have already taken their toll, yet another......
[more] July sees spam continuing to dominate emails as websites are compromised Threat reports for July show that spam continues to be sent at a high level with image spam and phishing still in high figures. Websense's July threat report claimed that there was a series of compromises of high-profile websites in a month it claimed was 'huge for zero-day attacks and critical vulnerabilities'. Websense Security Labs claimed that both the Center for Defense Information and Torrent Reactor websites were co......
[more] Torrentreactor breach serves potent exploit cocktail Torrentreactor has long been regarded as one of the top bit torrent search engines, and with the demise of The Pirate Bay, it's likely bigger than ever. Now, it's been breached and is serving a potent cocktail of exploits to people browsing the site, Websense Security Labs says. Attackers have managed to inject an iframe into the site that scours Torrentreactor visitors' computers from a long list of vulnerable applications, including Adobe's......
[more] Michael Jackson's death exploited by cybercriminals Always quick to capitalize on major headlines, spammers have begun sending out messages related to the deaths of Michael Jackson and Farrah Fawcett, security researchers said. Jackson's death is being exploited by cybercriminals hoping to infect users with a trojan or to trick curious spam recipients into unwittingly revealing their personal information. Shortly after Jackson's death was confirmed, the SANS Internet Storm Center predicted that......
[more] Nine-ball attack splits security researchers Security researchers are split over the seriousness of a web attack dubbed "Nine-ball" which broke onto the internet last week. Websense last week reported a web attack dubbed "Nine-ball", a moniker derived from the name of ninetorag.in, one of the malware hosts associated with the assault, had claimed 40,000 website victims. Web security services firm ScanSafe, by contrast, describes the attack as "almost non-existent". Mary Landesman, s......
[more] Nine Ball attack strikes 40,000 Web sites More than 40,000 Web sites have been hit by a mass-compromise attack dubbed Nine Ball that injects malware into pages and redirects victims to a site that will then try to download Trojans and keylogger code, Websense said today. According to Websense, which has tracked Nine Ball for a week and a half, the compromised Web site, loaded with malware, will first try to identify a Web visitor by IP address to discover if it’s a repeat visitor. To e......
[more] Preventing data loss - what's needed Though there are plenty of tools to help businesses shore up data, the lack of policy standards makes the task more difficult than it should be, says Quocirca's Bob Tarzey. The UK's MPs may rue the day a disk listing details of their expenses was leaked to the Daily Telegraph from the House of Commons Fees Office earlier this year, but they were going to be made public at some point anyway, courtesy of the UK's Freedom of Information Act which the MPs themse......
[more] Beladen infections plummet The number of sites infected with malicious code inserted by the Beladen injection has dropped significantly. Websense Security Labs ThreatSeeker Network has detected a consistent decrease of sites infected with the malicious code over the past five days. It claimed that the decrease in infections is highly suspicious, and it believes that the infected hosts are still under the control of the attackers. Websense said that it suspected that those behind the infections......
[more] Air France crash prompts spam, malware outbreak As expected, spammers and malware writers are trying to cash in on the Air France disaster. Spammers have begun falsely promising news on the Air France crash as a way of tricking recipients into opening messages promoting Canadian pharmacy products. Junk mailers this week began pushing a new campaign that included subject headings such as "Last seconds of plane" or "A-330 blackbox record" as a means of enticing users into open......
[more] Up to 40,000 web sites hit in mass hacking attack Security vendors cooperating to limit the damage threat poses Up to 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense. The affected sites have been hacked to host JavaScript code that directs people to a fake Google Analytics Web site, which provides data for Web site owners on a site's usage, then to another bad site, said Ca......
[more] PC-pwning infection hits 30,000 legit websites And counting A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday.The infection sneaks malicious javascript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at securit......
[more] Scam sites increasingly masquerading as Facebook, MySpace Cybercriminals are tapping into the popularity of social networking to more effectively craft their scams. Increasingly, scam sites have domains that include the names Facebook, MySpace and Twitter, with no connection to the real sites. By using this tactic, called “domain-name cloning,” cybercriminals are making their scam sites appear to be affiliated with these popular social networking sites. Websites with names such as unblock.......
[more] How secure is the cloud? Recent incidents of data leaking from cloud-based applications have given many organisations pause when it comes to launching their own information into the ether. Andrew Collins asks: what are the vendors doing to secure your data? Google recently ran into trouble when a bug in its cloud-based office suite, Google Docs, compromised the privacy of some users’ data. The bug inadvertently exposed some documents hosted on the service to other Docs users, who should n......
[more] Websense names John McCormack as new President Websense has announced that its senior vice president of product development, John McCormack, is to become the new President of the company. CEO Gene Hodges has shared the news with financial analysts at the company's fifth-annual financial analyst day in San Francisco. Since joining the Websense management team in 2006, McCormack has been responsible for the company's product development and technical support services. He served as senior vice pre......
[more] New Waledac spam falsely warns of bomb blasts Normally capitalizing on current events and holidays to spread its seed, the Waledac trojan now has turned to the message of fear. Security companies warned Monday of a new malware campaign in which the Waledac botnet creators are distributing emails that falsely claim the recipient's city has been the site of a bomb blast. The emails contain a link that leads to a malicious -- but real looking -- site, complete with the logo for news agency Reuters......
[more] Websense introduces hosted email and web security services Websense is to launch new email and web security services. Websense Hosted Email Security and Websense Hosted Web Security enable protection from emerging Web 2.0 and converged threats. With recent claims made that the cloud can be a potential host for malware, the email service will clean a message in the cloud before it reaches its destination. Additionally, Websense claimed that if a user attempts to click on a malicious link in an e......
[more] President Obama's website serving malware US President Barack Obama ran a successful Web 2.0 campaign last year. Now, as leader, he's got to deal with a very Web 2.0 problem: hackers abusing the social-networking features of his website. Hackers have registered bogus accounts on Obama's online community, my.barackobama.com, where they are posting images designed to set off a chain of events that lead to malicious Trojan horse programs. These programs are stepping stones used by hackers to downl......
[more] Websense acquires Defensio Websense has acquired Defensio, a technology company which focuses on the problem of spam on the Web. The acquisition enhances the Websense ThreatSeeker Network by highlighting spam posted as comments on social Web sites, including blogs, user forums and social networking sites. The company will also benefit from Defensio Web services so third-party Web 2.0 developers can embed Websense into their applications.“This acquisition puts Websense years ahead of the s......
[more] Most Popular Sites Were Hacked in '08 It's no secret that legitimate sites infected with malware or redirections to malware-laden copycat URLs have become one of the biggest problems in the world of cyber-security - but the sheer ubiquity of the issue has become pretty staggering. In a report published by filtering specialists Websense earlier this week, based on the company's sensor network - which claims to scan over 40 million URLs per hour - a whopping 70 percent of the Web's top 100 most p......
[more] Websense: Number of compromised websites at all-time high Users may think they're safer on the web if they only go to popular, reputable websites, but attackers are targeting those pages too, according to new research from Websense Security Labs. “Most users think the malicious sites are all in China and Russia and they are not the websites they are visiting every single day,” Stephan Chenette, manager of security research at Websense, told SCMagazineUS.com on Wednesday.Websense tod......
[more] UK tax office hit by phishers Internet monitoring firm Websense is warning of a phishing attack against HM Revenue & Customs (HMRC), which runs Britain’s tax system. Emails have been spammed out promising the recipient a tax refund and directing them to the HMRC web site via a link. However, the link leads to a very convincing fake web site hosted in Denmark. “Over the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of &pou......
[more] Denbighshire secures net traffic with Websense Denbighshire County Council has upgraded to Websense’s Web Security Gateway to provide safe internet access to its 3,500 schools, libraries and corporate users. The primary concern of the council is to protect its network from web-based threats. In addition, the Web Security Gateway is expected to help the council get Government Connect Secure Extranet (GCSx) accreditation. GCSx accreditation is a private WAN which enables secure interactions betwe......
[more] Chinese schools, search sites host malicious code Two universities and two major search portals based in China fell prey to online attackers in the past week, with each site compromised to include malicious code that attempts to gain control of visitors' computers, a security firm said this week. The compromises affected the homepage of download site China.com as well as some Web pages of Chinese search site Sohu.com and HuaZhong Normal University, Web security firm Websense stated in alerts o......
[more] 'Boom year' for hi-tech criminals If 2007 was witness to the rise of the professional hi-tech criminal, then 2008 was the year they got down to work. "The underground economy is flourishing," said Dan Hubbard, chief technology officer at security company Websense. "They are not just more organised," said Mr Hubbard, "they are co-operating more and showing more business savvy in how they monetise what they do." Statistics gathered by firms combating the rising tide of compute......
[more] Websense predicts the future of web security The cloud will become dangerous, good sites will be used to hide bad data, and rich internet applications will turn on their users. These are some of the predictions from Websense Security Labs, which has compiled a security forecast for 2009. First, Websense Country Manager for A/NZ, Phil Vasic, predicts that the cloud will increasingly be used for malicious purposes.“Cloud-based services, such as Amazon Web Services (AWS), Microsoft Azure, an......
[more] Security vendors warn of Christmas e-crime spike The IT security vendor community came out in force today to warn consumers and corporate web surfers that internet criminals are likely to double their efforts over the Christmas season to infect machines and steal sensitive data. Content security firm Websense released a five-point plan to help users avoid scams, which includes taking steps to ensure all systems are protected with the most recent patches available.User should also be wary of e-c......
[more] Christmas malware comes early Desperate high-street shops aren't the only ones cashing in on Christmas before December's even arrived - malware writers are taking full advantage too. Websense Labs claims to have detected the first piece of seasonal malware. The campaign masquerades as an electronic Christmas greetings card from postcards.org. The email shows an animated Christmas scene, but links through to a file called postcard.exe that leads to a Trojan backdoor that's been used in previous......
[more] Microsoft to offer free consumer security suite Microsoft on Tuesday said it is changing its strategy for offering PC antivirus software, with plans to discontinue its subscription-based consumer security suite and instead offer individuals free software to protect their PCs. Code-named Morro, the new offering will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, the company said in a statement. With the arrival of Morro, Microsoft pla......
[more] Hackers leverage Obama win for massive malware campaign Hackers have seized on the results of the U.S. presidential election to launch a major malware campaign that tries to trick users into installing an update to Adobe Systems Inc.'s Flash, but actually plants a Trojan horse on unprotected PCs, security experts warned today. The malware blitz stems from spam messages touting Sen. Barack Obama's victory last night, and offers up a link to what is supposedly a site sporting election results. W......
[more] Websense detects new 'Better Business Bureau' spam campaign Websense has detected a new round of ‘Better Business Bureau' spam emails. The Websense Security Labs ThreatSeeker Network has identified the spam which uses social engineering tactics to entice readers to follow a link in the message in order to ‘register new software and update contact information'. It claimed that tens of thousands of messages had been sent, and from appearance, looks like it has been sent by the same phishers who t......
[more] Facebook Malware Campaign Targets New 'Friends' Security researchers discovered a new malicious social-engineering spam campaign Monday designed to lure victims and distribute malware by impersonating the Web 2.0 social networking site Facebook. Capitalizing on the popular social networking site, attackers spoofed the domain facebookmail.com, the official domain used by Facebook for outbound e-mails when alerting users about an upcoming event. Initially, the attack is implemented as a message t......
[more] Hackers prevent research on malicious code Cybercriminals are randomizing content served from malicious web pages so that they can prevent security researchers from doing proper analysis. According to Websense Security Labs, malware tracking is becoming more difficult because IP addresses and user-agents are being tracked rigorously and often, when pages are served, the content is randomized.Following analysis of malicious Flash files, the company investigated a situation where upon receiving a......
[more] Olympians Connect with Fans through Blogs In a move that advocates say will bring Olympic athletes closer to fans, a Raleigh, North Carolina-based PC company is reporting the rapid spread of on-site blogging by competitors in the Beijing games. Officials at Lenovo reportedly say that more than 100 athletes are participating in their “Voices of the Olympic Games” blogging program, generating 1,374 athlete postings on the forum and reaching more than 8.5 million fans through third-par......
[more] Managing Access to Facebook: A Good Idea? The increased use of social-networking sites by businesses has given IT managers greater cause for concern as a growing number of these sites lure users to share sensitive information. Indeed, many sites like Facebook have warned their users to be on the lookout for spam and other vulnerabilities. Nevertheless, the reality is that these sites are getting more and more users, which increases the likelihood of spam, phishing and other security threats infi......
[more] 8 ways to fight spam filter frustration Spam. It fills our in-boxes, wastes our time and spreads malware -- and it's only getting worse. According to Ferris Research, which studies messaging and content control, 40 trillion spam messages are expected to be sent in 2008, costing businesses more than $140 billion worldwide -- a significant increase from the 18 trillion spam messages sent in 2006 and the 30 trillion in 2007. In theory, e-mail filtering software and appliances allow "good"......
[more] Attackers ramp up zero-day ActiveX exploits Attacks taking advantage of a zero-day vulnerability in a Microsoft Active X control are increasing in prevalence, nearly a month since the flaw and ensuing exploit code first was announced. The bug, which enables an attacker to gain privileges of a logged-on user to launch remote code, affects the ActiveX control for the Snapshot Viewer in Office Access 2000, 2002 and 2003, Microsoft has said. "We've been closely monitoring this exploit sin......
[more] This IT shop isn't worried about bandwidth demands from the Olympics The 2008 Olympic Games in Beijing are just a week away. Is your IT department ready to handle the impact on your business from employees downloading online video of the opening ceremonies or the latest gymnastic feat? Some users are already prepared, such as Brunswick Corp., a maker of boats and marine engines and fitness, bowling and billiards equipment. The company is using a technology that enables its 20,000 employees worl......
[more] Mid-year security report: Web sites, open source, social networking at risk IBM and Websense are separately issuing their semiannual security trend reports this week, and the picture isn't pretty for Web sites, open source software and social networking programs. The IBM Internet Security Systems "Midyear Trend Statistics" report tracked 3,534 disclosed vulnerabilities in software for the first half of the year, a 5% increase from the first half of 2007. When it comes to the ......
[more] Detroit Knocks Out Email Threats and Improves Citywide Communication With Websense Hosted Email Security The "Motor City" of America, known for its legacy of developing fast automobiles, recently saw its city government email system slow to a crawl, plagued with email servers overrun with spam and computers infected with viruses. That's when the City of Detroit Information Technology Services (ITS) decided to replace their server-based anti-spam solution with Websense® Hosted Email Security acro......
[more] Fake Microsoft patch spam A new spam attack falsely alerts users to download a Microsoft patch, but when responded to, the user is directed to a page that installs malware on the user's computer. According to a report from Websense, the message tells users that their Windows version is vulnerable to a critical security issue and directs them to a download page. The link actually uses an open redirect to a legitimate shopping site. From there, the redirect forwards users to a URL with a pop-up b......
[more] 'Security threats have moved to the Web' The world is not new to threats arising out on the Internet but its magnitude has left everyone stumped and this with security architects working round the clock to ensure that you are safe in the virtual world. But each year, newer weapons are being unleashed only to leave you surprised and annoyed. Jim Haskin, CIO, Websense Inc speaks to Prasad Ramasubramanian of CyberMedia News on the latest trends that his company is seeing and how one can be left wel......
[more] New Storm Worm Capitalizes on Earthquake in China, Upcoming Olympics Websense announced that the Websense Security Labs ThreatSeeker technology has discovered a new Storm Worm social-engineering tactic, capitalizing on the recent global attention around the recent natural disaster in China and the upcoming Olympics, also to be held in China. These malicious sites speculate that the upcoming Olympics in Beijing would be "under the threat of failure" because of the recent earthquake in......
[more] Six burning questions about network security Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care. Is server virtualization worth the risk? The benefits of moving away from traditional servers to virtual-machine (VM) arrangements are the cost savings in hardware consolidation and remarkable flexibility. But less-welcome consequences can be security gaps and virtual-server spraw......
[more] Voltage Security and Websense Join Forces to Help Secure Organizations' Essential Information Voltage Security, a global leader in information encryption, and Websense, Inc. (NASDAQ: WBSN), a global provider of Web, email and data protection technologies, today introduced an integrated security solution that will provide customers with comprehensive protection for their essential information across Web, email and data security systems. By enabling customers to apply data-centric protection, busi......
[more] Websense Named One of Most Influential Technology Vendors in 2008 Websense, the technology leader in integrated Web, e-mail and data security solutions, today announced that industry analyst firm Aberdeen, a Harte-Hanks Company recognized Websense as one of the 100 most influential technology vendors in its 2008 State of the Market Report. Websense is one of only three security software vendors included in the list, which is based on "open-text" responses of a recent survey of nearly......
[more] Javascript injection claims UN and UK government sites Comparisons between two mass Javascript injection attacks suggest they may be related, according to a security company. The latest attack has compromised various sites including one United Nations and several UK government sites with links to malicious servers. On Tuesday Websense reported seeing distinct similarities between attacks staged earlier this month and over the weekend. Specifically, they cite the use of the same tool to execute......
[more] Advice for securing your site and your reputation Is your company's Web site hacked? Today, it can be hard to tell. Online crooks who successfully break into a site often sneak in small bits of code that leave no visible trace but can attack visitors who simply view the page. In fact, according to a Websense Security Labs report, online thugs who want to spread their viruses, Trojans and other malware are more likely to hack an existing site than to put up their own poisoned page......
[more] Bot breaks Hotmail's CAPTCHA in 6 seconds A new bot can crack defenses erected by Microsoft Corp. to keep spammers from creating large numbers of accounts on its Live Hotmail service within seconds, a security researcher said today. Dan Hubbard, vice president of security research at Websense Inc., said the bot broke Live Hotmail's CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) within six seconds, on average. CAPTCHA is the name given to the distorted, scra......
[more] Adobe fixes seven flaws in Flash Player Adobe has upgraded its Flash Player to fix seven vulnerabilities in the graphics and video software widely used for interactive Web pages and banner advertisements. Adobe classifies the patches as "critical" and advises people upgrade to the latest version, 9.0.124.0. All of the vulnerabilities could allow a hacker to execute code on a machine. One of the vulnerabilities allowed Shane Macaulay to win a laptop in the PWN 2 OWN hacking contest at last month......
[more] Do CEOs deserve jail for data breaches? A growing number of security pros believe that the way to stop data breaches from happening is simple as it is stark -- send the CEOs or board members deemed responsible to jail. The opinion emerged from a survey by security mainstay Websense at the recent UK e-Crime Congress. The survey polled 107 security professionals on their opinions. Seventy-nine percent believed that companies should be fined for data breaches -- something that already happens in s......
[more] Spammers still defeating CAPTCHAS Spam originating from Google Inc.'s Gmail domain doubled last month, indicating that spammers are still defeating the CAPTCHA, the distorted text used as a security test to thwart mass registration of e-mail accounts and other Web site abuse. Gmail spam went from 1.3% of all spam e-mail to 2.6% in February, according to data released today by e-mail security vendor MessageLabs Ltd.The new statistics are another nail in the coffin for CAPTCHA, which stands for C......
[more] Chelmsford council deploys hosted e-mail security platform to cut costs Chelmsford Borough Council has selected the hosted Websense E-mail Security system to protect its network and reduce costs. The three-year contract covers about 1,000 users and will help the council prevent spam and e-mail-borne threats. Websense Hosted Email Security is now fully deployed following a brief evaluation for testing. The service identifies and stops spam and e-mail-borne viruses, phishing attacks and other mal......
[more] Link hack redirects MySpace visitors to phishing site Security researchers at Websense have uncovered what they called a "link hack" that bypasses the attempts of social networking website MySpace.com to control and filter the links on its pages. The perpetrator of the link hack has found a way to avoid MySpace.com's "parsing" of all links on its pages, Stephan Chenette, manager of Websense's security labs, told SCMagazineUS.com. This parsing normally redirects all links on a MySpace.c......
[more] Spammers crack Gmail Captcha Spammers, fresh from the success of cracking the Windows Live captcha used by Hotmail, have broken the equivalent system at Gmail. Internet security firm Websense reports that miscreants have created bots which are capable of signing up and creating random Gmail accounts for spamming purposes, defeating Captcha-based defences in the process. It reckons the same group of spammers are behind both attacks. Captcha (Completely Automated Public Turing test to tell Comput......
[more] Getting a grip on security - Indian style A survey of security in Indian organisations presents a fascinating insight into the risks perceived by IT professionals there. The Websense SOS “State of Security” survey questioned IT managers in 450 organisations in Delhi, Bangalore, Chennai, Mumbai and Hyderabad, included both large businesses and small and medium enterprises. Key findings include: Time spent on non work-related Web sites IT managers estimate that employees spend 5 hours per week on......
[more] Automated crack for Windows Live captcha goes wild Spammers are using a sophisticated piece of software that can create thousands of Windows Live email addresses by cracking the protections designed to prevent the large-scale creation of fraudulent accounts. According to security firm Websense, the bot is surreptitiously installed on the PCs of end users. It then establishes a connection to the registration page of the Microsoft-owned mail service. About a third of the time, the software is abl......
[more] Spammers cloak scams by redirecting through Google services Spammers are using thousands of Google accounts to camouflage their scams from anti-spam filters, a security researcher said Friday. He dubbed the practice "Spam 2.0." Rather than inserting links to the actual pages touting their products, some junk mailers are sticking in links from domains registered with Google Page Creator - the search engine's free web page maker - or accounts with Google's Blogger.com service, said Dan Hubbard, v......
[more] Most malware comes from legit sites, says researcher The majority of Web sites serving up attack code are legitimate domains that have been hacked by criminals, a security researcher said in a report released today. It\'s the first time that legitimate sites outnumber the malicious ones hackers purposefully set up to spread malware. According to data compiled by Websense Inc., 51% of the sites it classified as malicious in the second half of 2007 had been compromised and then seeded with attack......
[more] New phishing wave claims payroll fraud to dupe victims A Romanian-based criminal group is behind a new trojan-laced, socially engineered email run that tries to trick recipients into believing their employer committed payroll reporting fraud, security researchers said today. The phishing messages pretend to originate from the National Payroll Reporting Consortium (NPRG), a nonprofit that provides payroll processing services to employers. Recipients are told that their employer has tried to cut......
[more] Hackers quickly move to exploit Bhutto assassination Within hours of yesterday's assassination of former Pakistani Prime Minister Benazir Bhutto, malware makers exploited the breaking news to dupe users into downloading attack code, security researchers said Friday. Searches for news about Bhutto's killing and the ensuing chaos in Pakistan listed sites pimping a bogus video coder/decoder (codec), said analysts at McAfee Inc., Symantec Corp. and WebSense Inc. For instance, WebSense found such a......
[more] Websense offers data leak protection beta Websense is to release an endpoint security product for content protection next year, along with an accompanying set of open APIs for third-party vendors to work with. Devin Redmond, director of security products at Websense, said the product, tentatively called Content Protection Suite Endpoint, was available in beta for desktops based on Windows 2000 or XP and up. The endpoint security software, which works to ensure sensitive content isn't copied int......
[more] Websense Warns Consumers of Online California Fire Scams Websense, Inc. today announced that its security research team has discovered suspicious online scams designed by criminals to steal money from those donating to the California fire effort. Websense also urged consumers to take steps to ensure that donations are reaching the intended recipients, and to notify officials of suspicious Web sites. "Unfortunately, as we saw with Katrina and several other recent emergencies, there are crim......
[more] Trojan horse dupes Skype users, steals usernames and passwords Skype Ltd. again warned users of its software that malicious code targeting the voice-over-IP (VoIP) and instant messaging service was on the prowl, the second such alert in the past five weeks. A Trojan horse posing as a Skype add-on is stealing log-on credentials, the company\'s online spokesman, Villu Arak, said yesterday in a blog posting. Calling itself Skype Defender, the malware installs if users download and run the executab......
[more] Websense makes swingeing cuts at SurfControl Security vendor Websense has been quick to swing the axe following the completion of its $400m (£197m) merger with rival SurfControl yesterday.CRN understands that up to 15 top-level SurfControl executives and more than 300 SurfControl staff in total have or will be made redundant as Websense attempts to squeeze out duplicate costs.Sources close to events claim that 65 people in one of SurfControl's UK locations have already been let go.Althoug......
[more] Bigger Websense Vows Complete Protection Tech security providers have recently sought more safety in numbers, gobbling up other firms for hundreds of millions of dollars.Employee Internet use monitor Websense WBSN is the latest to try it, on the heels of Cisco Systems $830 million pick-up of IronPort Systems in June and Symantec's April buy of Altiris for $815 million.Websense's more than $400 million deal for its main rival, U.K.-based SurfControl, closed on Wednesday.With a market cap of......
[more] Websense Completes Acquisition of SurfControl Websense, Inc. today closed its acquisition of SurfControl plc, as the scheme of arrangement relating to the recommended offer for SurfControl plc, at a price of 700 pence per share, has now become effective. The final purchase price is approximately pounds Sterling 204 million, including deferred compensation and stock option expense. The acquisition represents a major milestone in the execution of Websense's growth strategy to expand its security......
[more] 'Merger of equals' for rival VARs Security VARs Global Secure Systems (GSS) and Peapod have mirrored the impending union of their respective vendor allies Websense and SurfControl by completing their own merger.Peapod's owner, private equity firm CTIL, has taken a stake in the new entity formed to co-ordinate the merger, GSS Holding, although exact terms of the deal have not yet been disclosed.David Hobson, managing director of Worthing-based GSS, insisted it was a ‘merger of equals', des......
[more] Ethical hacking courses for sale on eBay Ethical hacking kits, which provide a variety of tools for penetration testing, password theft and guides to virus development, are being sold on eBay. Three hacking courses were being auctioned on Thursday, according to Tier-3, a UK-based behavioral analysis vendor.Calling this "a serious development," Geoff Sweeney, Tier-3's CTO, noted, "It basically puts high-level hacking tools, including surreptitious trojan loaders and website-hacking......
[more] GSS and Peapod merge to create leading UK Information Security Partner and Trusted Advisor Having both been leading Security Integrators for over 10 years, GSS and Peapod announce today that they have merged their associated businesses. The new company which will continue under the GSS brand will be one of the largest security integrators and consultancy firms in the UK with over 2,500 combined clients.GSS will to be run from Worthing, West Sussex and Peapod's new offices in Bracknell (with add......
[more] Crunch time for GSS over Peapod merger Industry experts predict combined company will encroach on larger players’ territory GSS has headed off months of channel speculation by confirming that it is on the verge of merging with rival security VAR Peapod.Rumours first surfaced that Peapod, which was plucked from administration by private equity firm Global Emerging Markets in 2002, was up for sale in May, with Websense partner GSS among the fancied suitors. David Hobson, managing director of Worth......
[more] SurfControl adds reputation to email filter SurfControl has upgraded to its email security software with reputation services and regulatory compliance features. SurfControl E-mail Filter 6.0, available now, includes the company's own reputation service - previously only available as part of its hosted email security service - that automatically drops connection requests from IP addresses with a history of sending spam, according to Dave Tripier, senior vice president of product management for S......
[more] SurfControl shareholders give Websense the green light Acquisition proposal given almost unanimous approval by shareholders SurfControl shareholders have given an almost unanimous thumbs-up to the proposed acquisition of the company by web security vendor Websense.At a shareholders' meeting yesterday, holders of more than 99 per cent of the ordinary shares voted in favour of the transaction.It is anticipated that a court hearing to sanction the acquisition will be held on or around 2 October, an......
[more] SurfControl dips into the red ahead of WebSense takeover SurfControl announced improved sales but a dip into the red on Wednesday, in what's expected to be the censorware firm's last quarterly earnings report before the completion of its acquisition by Websense.For its fourth quarter, which ended 30 June, SurfControl brought in revenues of $33.9m, up 23 per cent on sales of $27.6m for the same quarter last year. Pre-tax loss for Q4 2007 came in at $6.2m, compared to profits of $0.5m for Q4 2006......
[more] Meet Web 2.0's evil twin Web 2.0-enabled social networking sites present another attack vector for the bad guys, as well The move towards Web 2.0 technologies may well be another race between functionality and security, and for now at least, security seems to be at the tail end.Security professionals are raising the red flag on the increasing pervasiveness of Web 2.0 technologies in the enterprise, saying that while it offers the benefit of rich applications, the risks associated with Web 2.0 ca......
[more] War on phishing to last 20 years Cybercrime experts believe we are in for the long haul fighting phishing attacks as criminals change tack. The fight against phishing gangs could last 20 years, according to an expert.Speaking at a MarkMonitor roundtable event in London, Tony Neate, managing director of internet safety campaign Get Safe Online said that online crimes and the gangs who commit them will still be around for the foreseeable future."We will still have people falling for phishing......
[more] Websense Acquisition of SurfControl Receives Clearance from U.K. Office of Fair Trading Websense, Inc. today announced that the U.K. Office of Fair Trading (OFT) has decided not to refer the proposed acquisition of SurfControl PLC to the Competition Commission, thereby granting merger control clearance. The pre-conditions to the acquisition now have been met, and the companies expect to make the Scheme Document available to SurfControl shareholders shortly. "The satisfaction of the pre-con......
[more] Websense moves into mid-market Content security and data leak prevention specialist Websense has made a push into the mid-market with the launch of new web security software, and an improved self-service customer support portal.Websense Express provides protection from web-based threats, using the firm's ThreatSeeker technology to manage corporate internet use; preventing access to sites which present security risks or that will cost the enterprise in bandwidth and productivity, according to th......
[more] Websense: Google Pages hosting phishing attacks Researchers are warning internet users to be on the lookout for website scams appearing on Google Pages. This month, experts at Websense reported a spike in the user-created sites hosting phishing schemes, such as one for eBay, Dan Hubbard, vice president of security research at San Diego-based Websense, told SCMagazine.com today.Attackers are drawn to the Google Pages, which are hosted on Google servers, because they may evade web filters. The sit......
[more] Hackers Launching Attacks Against Yahoo Messenger Bugs Websense researchers report 40 to 50 malicious sites are taking advantage of critical vulnerabilities in the instant messenger. Malware writers have latched on to the exploit code for the critical bugs in Yahoo Messenger, setting up 40 to 50 malicious Web sites to attack unsuspecting, and unpatched, users. "This threat is critical," said Stephan Chenette, manager of Websense Security Labs, in an interview. "The use of [the ex......
[more] Making sense of Websense's SurfControl buyout The move makes the combined companies more attractive as a potential acquisition by one of the big three IT security firms Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers.Company officials and industry analysts agree that the marriage of the two network security filtering specialists......
[more] Surfcontrol soars on £201m takeover Shares in internet security expert SurfControl shot up on a recommended cash offer of 700p from its main US rival, Websense. The offer values Surfcontrol at £201m. The pre-conditional offer from California's Websense represents a premium of 63% to Surf's closing price of 428.75p on December 6, the last day before the company revealed it had received an approach. It also represents a premium of 40% to Surfcontrol's closing price of 500p yesterday.......
[more] Websense to Acquire Surfcontrol Websense today announced that its subsidiary, Websense SC Operations Limited, has made a pre-conditional cash offer to acquire all of the issued and to-be-issued ordinary shares, excluding treasury shares, of SurfControl PLC, a provider of on-demand and software-based Web and email security solutions. Under the terms of the proposal, SurfControl shareholders will receive 700 pence in cash for each SurfControl share. The proposal values SurfControl's existing issu......
[more] Attackers improve on JavaScript trickery As JavaScript becomes an increasingly key component of online attacks, attackers are investing more energy in obfuscation and other techniques to make defenders' attempts at reverse engineering more difficult, a security researcher told attendees at the annual CanSecWest conference on Wednesday. Attackers have adopted the same techniques used to hide the purpose of other types of malicious code, such as splitting up the code into many components a......
[more] Workers exchange passwords for chocolate More than two-thirds of British employees would hand over their passwords in exchange for chocolate and a flirty conversation, according to new research.A study conducted by the organisers of Infosecurity Europe 2007 has revealed that 64 per cent of employees can be tricked into giving up their passwords in this way.About 40 per cent fell by the wayside even before this point after being asked what the most common password is, followed by a request for t......
[more] Two Days Per Month Wasted on Aimless Web Surfing Now what was I looking for? Once merely the wistful question of the gray-haired set, the phrase has -- in classic Internet fashion -- been reduced to an acronym, turned into a verb, and given a new definition. In the United Kingdom, the act of wandering aimlessly through the Web's endless hyperlinks is now known as "wilfing" (What Was I Looking For). And, according to a British market research firm, wilfing is becoming a national epidem......
[more] Racy Britney Spears photos used as ANI exploit lure Count a website touting racy photos of former pop diva Britney Spears as one of about 450 that are hosting the dangerous ANI exploit, patched on Tuesday by Microsoft in an emergency release. Spam, written in HTML to evade filters, arrives with the subject "Hot Pictures of Britiney Speers" and contains links leading to the malicious sites, according to a security alert from Websense. Obfuscated JavaScript on these sites actually b......
[more] Websense Wireless software protects minors from inappropriate Internet content Websense Wireless has unveiled new software that allows wireless operators and service providers to provide advanced security features to protect both end-users and the network from malicious Web content and to adhere to regulatory, industry and government regulations designed to protect minors from inappropriate Internet content.The new software - the Websense Wireless URL Categorization Engine - allows operato......
[more] Instant messaging attacks up 200 percent in a year The growing adoption of instant messaging (IM) platforms in corporate environments has made the technology more attractive to hackers, who have, in turn, attacked IM 200 percent more often than this time last year. Researchers at Akonix's IM Security Center reported today that they've seen 31 new malicious code attacks on messaging platforms this month, including worms such as IMspam, QQpass and TrigXF. Of all IM-based malware, Maniccum and Hotm......
[more] UK firms failing to protect sensitive data Businesses 'not in control' of their information, says Websense UK office workers believe that their employers would not know if they transported sensitive information out of the workplace, new research has claimed.The annual Websense opinion poll on attitudes about handling company information revealed that over half of the survey's 100 respondents believed their company would have no way of knowing whether they took or accidentally sent information.Of......
[more] Trojan horse targets Skype users Miscreants have again adapted the Warezov Trojan horse to target Skype users, Websense Security Labs warned last week. The attack is similar to threats that target instant-messaging applications. A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called "file_01.exe" on a Web site, Websense said in an alert. If the user runs the file, several other files are downloaded and run,......
[more] Google Maps used to locate phishing victims Account holders with at least two Australian banks have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps. Bank account holders in Germany and the U.S. have also been targeted. The software installs a Trojan capable of key-logging user activity, hijacking infected computers. The scam was circulated as a false news report claiming the Australian prime minister had suffered......
[more] McAfee to tackle data loss McAfee is to enter the data loss protection market with software designed to guard sensitive information from unauthorised access and transfer at the network, desktop and notebook levels. The McAfee Data Loss Prevention Host will monitor data leaving the network via e-mail, IM, printed documents, USB drives, CD-ROMs and other methods, says Vimal Solank, senior director of product marketing with McAfee. The software sends up alerts when data deemed sensitive - such as......
[more] Just two days before Super Bowl XLI, hackers use Dolphin Stadium website to exploit PCs Hackers today embedded a JavaScript-enabled trojan in the website of Dolphin Stadium, home to Sunday's Super Bowl XLI, stadium officials confirmed to SCMagazine.com "A link to a malicious JavaScript file has been inserted into the header of the front page of the site," Websense Security Labs said in an alert. The script attempts to exploit two previously-fixed vulnerabilities, one of which is a......
[more] Weston College tightens security IT security threats including spyware, instant messaging attachments and removable media were becoming a concern Weston College has implemented new security systems to improve protection of over 800 users and control application use.The Web Security Suite from Websense offered the college flexibility and control over how the students and staff use the computing facilities without locking down everything and impeding the web as a learning resource.Mark Hill, head......
[more] Websense snags leak prevention provider PortAuthority for $90 mil Internet filtering vendor Websense today joined the hot information leakage prevention market by acquiring PortAuthority Technologies for $90 million. By joining forces, solutions from both companies will "help organizations prevent the unauthorized use or disclosure of confidential data while simultaneously protecting users from external malicious threats," according to a joint statement issued today by San Diego-based......
[more] Skype worm spotted Internet security firm Websense has discovered a worm that uses Skype to propagate. Skype is best known for allowing its subscribers to make free telephone calls over the Internet. The company has over seven million subscribers and was acquired just over a year ago by online auction firm eBay for US$2.6 billion (£1.32 billion)Early reports indicate the worm sends messages via Skype Chat, which is an instant messenger tool, asking recipients to download and run a file cal......
[more] Websense to get into threat analysis and IP leakage Websense Inc's chief executive Gene Hodges has said the company is set to diversify next year with a new product for web threat analysis and another that will take it into the nascent segment for information leakage detection and prevention systems. The web filtering software vendor is best known for its content filtering software that blocks employees from accessing websites by category or keyword, or restricts surfing to particular parts of t......
[more] MySpace worm goes phishing A malicious video on MySpace.com pages changes people's profiles when played, embedding itself and adding links to fraudulent websites, experts have warned.The video is a rigged QuickTime file that exploits a MySpace vulnerability and support for JavaScript in Apple's embedded media player, web security company Websense said in an alert posted last week.When played by a MySpace user, the video adds itself to the user's MySpace page and replaces the links on the user's......
[more] WebSense brands new ThreatSeeker technology WebSense releases a collection of tools to help firms shore up security Web security specialist WebSense has announced a new collection of technologies designed to identify web-based threats before attacks are launched, and new versions of its Web Security Suite.WebSense ThreatSeeker is a combination of over 100 processes and systems developed by the firm's Security Labs over the past five years and built into its products to provide proactive threat p......
[more] Security firm warns of Halloween malware Cyber-tricksters using 'typo-attack' to spread malicious software Web filtering and security firm Websense has warned internet users to be aware of online tricksters seeking to exploit this year's Halloween celebrations.Websense claims to have identified some scary websites set up to dampen the Halloween cheer.Users may encounter one of these malicious sites when searching Google for Halloween items.Websense has described one instance of these s......
[more] Malicious Code is More Covert, Websense Report The Websense® Security LabsTM 2006 Semi-Annual Web Security Trends Report, which summarizes findings for the first half of 2006 and presents projections for the remainder of 2006. The report shows that the volume of attacks increased and malicious code became more covert, less recognizable and more targeted toward financial gain. Not only has malicious code become more sophisticated, but the infrastructure supporting its creation and spread has......
[more] Toolkits Help Increase Number of Malicious Web Sites The number of malicious Web sites is on the rise, and with toolkits available to create them it's really no wonder. According to Websense the number of malicious site increased by 100% during the first half of 2006. Of the malicious sites detected by Websense 15% were created using ready-made toolkits, which can be had for anywhere from $30 to $3000. That cost is a drop in the bucket compared to the money raked in by the ilk who establish suc......
[more] Samsung removes Trojan from US Web site Samsung Telecom has removed a Trojan horse that was being hosted on its Web site but the site's main page has been inexplicably unavailable all weekend. On Monday, a spokesperson for Samsung told ZDNet Australia that the offending file has been removed but could not explain why the site seems to be experiencing difficulties."The malicious code has been taken down and it is being investigated -- [the malware] has been identified and it has been pulled......
[more] Samsung Web site hosts password stealing trojan Samsung's US Web site is hosting a Trojan horse that logs keystrokes, disables antivirus applications and steals online banking access codes, according to Internet security firm Websense. Visitors to the Web site are not affected by the malware and Websense believes Samsung's Web server has most likely been compromised in order to serve malware to users that receive spam messages or malicious IM messages.Joel Camissar, Australian country manag......
[more] Windows patch and iPod exploited in e-mail scams Fake Windows security patches and rogue iPod invoices have been making the rounds this week as spammers continue trying to fool people into installing Trojans on their PC. Internet threat monitoring firm Websense issued an advisory on Wednesday about a fake e-mail that encourages recipients to install a patch to fix a Windows vulnerability described in Microsoft security bulletin MS05-039.According to Websense country manager Joel Camissar the e-m......
[more] Trojan data-stealer hijacks ICMP traffic A Trojan has been discovered that attempts to evade detection by sending stolen data back to its criminal creators using the ICMP (Internet Control Message Protocol) back channel. Detected by security company Websense, the unnamed Trojan is a relatively conventional data-stealer up to the point it communicates back to its host. Once a PC has become infected, the Trojan installs itself as an Internet Explorer browser helper object (BHO), and then waits qu......
[more] NASA hacker debate rages on Security experts are split over Gary McKinnon's extradition for allegedly hacking US Government computer systems, while the majority of ZDNet UK readers polled do not think he should be tried in America Security experts are divided over whether Gary McKinnon, the alleged NASA hacker, should stand trial in the US. McKinnon was told last week he would be sent to the US after Home Secretary John Reid signed his extradition papers, but he has vowed to appeal the decision......
[more] Websense finds malware with Google Research from Websense Security Labs has found that thousands of pieces of malicious binaries are available on the web.Websense searched Google with Google's own application programming interface to find malicious executables indexed by the search engine.A Google query for 'Signature: 00004550' results in numerous links to executable files. The reason this search works is because when Google indexes the executable file, it passes the PE file format of the......
[more] Football union scores staff mobility goals The Professional Footballers' Association (PFA) plans to upgrade computer systems to enable staff to access email and other applications remotely.The trade union - which advises footballers in England and Wales - expects to replace Windows NT4 and Microsoft Exchange 5.5 servers with systems providing greater functionality to staff based in Manchester, London and Birmingham.By updating IT systems the PFA hopes to introduce remote working applications th......
[more] Ulster Bank targeted in new phishing email scam A new phishing attack targeting customers of Ulster Bank has been discovered, weeks after a similar fraud was attempted on AIB. Websense Security Labs revealed today that it has received reports of the fraud, whereby users receive a spoofed email message claiming that their account details must be verified due to software maintenance and system upgrades. The message links to a phishing website that requests users to log on and provide account deta......
[more] Phone phishing attack hits US Criminals are trying a new approach to try to dupe people into downloading a Trojan horse program Criminals have launched a blended attack which attempts to lure users to a malicious Web site via text message. IT managers have been warned to alert their staff to the attack, which uses social engineering techniques to try to trick users to the phishing site, according to security vendor Websense.Users are sent an SMS text message to their mobile phone, thanking them......
[more] Zombie builders send out phone texts Hackers are trying to lure people to a malicious Web site using cell phone text messages, a security company has warned. The blended attack uses social engineering techniques in its attempt to trick people to the site, security vendor Websense said in an advisory. An SMS text message is sent to the targets' cell phones, thanking them for subscribing to a fictitious dating service. The message states that they will be automatically charged a fee of $2.00 per......
[more] 1,000 Aussies caught in NAB phishing attack A phishing email claiming that The National Australia Bank (NAB) is bankrupt has caught more than 1,000 of the bank's customers in its net.The email warns the bank's customers that NAB might be bankrupt. It claims the bank's ATMs are not working and that people are starting panic withdrawals. It invites them to click on a link that will provide them with more information.You won't be surprised to learn that this link in fact downloads a Trojan onto th......
[more] Trojan targets Google hosting service A Trojan horse has been discovered in Google Pages, a Web site hosting service offered by the search giant. An attacker apparently uploaded a malicious file to a Googlepages.com server, part of a service that allows people to create their own Web pages, said Dan Hubbard, the senior director of security research at Websense Security Labs. The Trojan could lie dormant on a user's system until the individual logs on to a banking Web site and then attempt to st......
[more] Men a bigger insider threat to U.K. businesses than women Businesses in the U.K. face a serious security threat from their own employees, according to new research. Nearly a quarter (22 percent) of U.K. employees admitted to having illegally accessed sensitive internal information, such as salary details on their employer's IT systems, and over half (54 percent) would do so, given the opportunity, according to the study.The research by online polling firm YouGov, commissioned by Microsoft, found......
[more] World Cup 'a drain on bandwidth,' study says Organizations face a potential drain on bandwidth and employee productivity when streaming online coverage of the FIFA World Cup becomes available in two week's time, according to a recent poll. According to 266 IT managers who participated in the May survey, commissioned by St. Bernard Software, 85 percent of organizations do not plan to block workers' internet access to sites running World Cup footage, news and discussions.The most popular sporting......
[more] Websense: Keylogger attacks double in a year Almost one in five organizations have been the victim of a keylogger attack this year, a new Websense survey reveals. Over the same time period in 2005, 12 percent of companies suffered a keylogging event, according to the firm's Web(at)Work Survey, which polled 351 of the nation's IT decision-makers and 500 U.S. employees ages 18 and up who have internet access at work.The survey, conducted earlier this year, also revealed bots, software silently ins......
[more] Spyware thrives in the corporate space The number of companies reporting spyware infestation has increased by just under 50 per cent over the past 12 months, according to a survey released by internet security specialists Websense.According to the annual Websense Web@Work survey, published on Tuesday, 17 per cent of companies with more than 100 employees have spyware - such as a keylogger - on their network.Joel Camissar, country manager for Websense, said: "This is almost 50 per cent grow......
[more] New IM, email bot creates own p2p network Email and instant messenger users are being warned about a new bot in the wild that creates a peer-to-peer (p2p) network of infected host PCs. The "Nugache" worm is spreading as both an email attachment and on AOL an MSN instant messenger (IM) networks, according to a warning from Websense Security Labs. "The command and control channel that is used is unique, as the bot appears to connect to infected peers instead of a static list,"......
[more] Hacker 'Smartbomb' Toolkit Attacks Unpatched Computers A dirt-cheap, do-it-yourself hacking kit sold by a Russian Web site is being used by more than 1,000 malicious Web sites, a security company said Monday.Those sites have confiscated hundreds of thousands of computers using the "smartbomb" kit, which sniffs for seven unpatched vulnerabilities in Internet Explorer and Firefox, then attacks the easiest-to-exploit weakness.For $15 to $20, hackers can buy the "Web Attacker Toolkit......
[more] BBC Being Used to Exploit IE flaw The modus operandi is that computer users receive spam e-mails from hackers containing the abstract of a BBC news story. When they click on the link, "Read More," they are directed to a forged copy of BBC's Web site wherein keylogging software designed to capture financial information then attempts to exploit the Microsoft IE vulnerability. This software is designed such that it monitors activity on various financial Web sites, and transmits the data......
[more] Online addicts make offices a surfer's paradise The stress levels of the overworked UK workforce just go on rising. The constantly growing pressure to meet all those demanding deadlines and budget targets is generating a whole swathe of psychological and physical problems. Yawn, yawn. Switch off the light; I feel my eyes gently closing.Now for more of the truth, unpalatable as it may be to all those who have a vested interest in preserving the myth: the senior managers who don't have a clue wha......
[more] Trojan Redirector Ups the Ante in Online Banking Attacks Researchers at Websense Security Labs have stumbled upon a password-stealing Trojan that uses sophisticated DNS redirection techniques to dodge server shutdowns and hijack online banking data.The new phishing attack targets users of more than 100 financial institutions in the United States and Europe, including Bank of America, HSBC, Barclays Bank, Lloyds TSB.According to an alert from Websense, the Trojan silently modifies the contents o......
[more] Websense and Crossbeam Systems Combine Web Security and Unified Threat Management Websense, Inc., a global leader in web security and web filtering productivity software, today announced that they have teamed up with Crossbeam Systems®, Inc., a leader in unified threat management (UTM), to offer customers powerful web security capabilities to mitigate today's web-based threats. Websense® Web Security SuiteTM integrated with Crossbeam appliances offer organisations a comprehensive securi......
[more] Websense Honored by SC Magazine The Websense Web Security Suite is named the winner of the 2006 SC Magazine Reader Trust Awards for 'Best Web Filtering' product. Websense, a provider of web security and web filtering productivity software, recently announced that their Websense Web Security Suite has been named the winner of the 2006 SC Magazine Reader Trust Awards for 'Best Web Filtering' product.The SC Awards, an award program for the information security industry, took place in San Jose, Cali......
[more] Drag-and-drop flaw in Explorer reported Browser vulnerability could allow hacker to take over control of a computer Security analysts and vendors are reporting a flaw in Microsoft's (Profile, Products, Articles) Internet Explorer browser that could allow malicious code to run and result in a hacker taking over complete control of a computer.
Microsoft was informed of a vulnerability with Explorer's drag-and-drop function in August 2005 after it was first found by Matthew Murphy, Noam Rathaus,......
[more] Bird flu spam spreads WMF trojan downloader Security experts have warned of a new malicious email that uses social engineering playing on the growing fear of an avian flu epidemic to trick users into visiting a malicious website. Users receive an email with the subject "Attention Bird Flu in England." The body requests users to click on a link to go either of two websites to get more information. The email also claims the government is trying to hide the facts on the flu.
Upon clicking on a lin......
[more] Phishers sneak into Yahoo accounts Bogus web pages seek to elicit user names and passwords Phishers are trying to get hold of Yahoo account details by targeting seemingly valueless sections of the site.
Instant messages started to appear this week asking unwitting recipients to check out pictures at an enclosed link. This led to a bogus Yahoo Photos website where users were encouraged to input their account information.
"Yahoo runs a syndicated username and password set-up across its entire on......
[more] McAfee president jumps to Websense McAfee President Gene Hodges has resigned to take the chief executive post at rival security company Websense, the companies announced separately Tuesday. Hodges, whose resignation is effective immediately, marks the latest case of a high-level executive jumping to a competitor. Websense provides Web-filtering security software, while McAfee, predominately known as an antivirus company, has been rapidly expanding its footprint into new areas of the security ma......
[more] Trojans attack unpatched Microsoft vulnerability Exploit code is appearing for an unpatched vulnerability in Microsoft's Windows operating system, but users will have to wait another eight days before their computers will be safe.
The problem lies in the system for handling Windows Meta Files (WMF) and was discovered on 27 December. Exploit code started to appear shortly afterwards and administrators are now being urged to block all WMF files for the time being.
"Microsoft is aware of the pub......
[more] Sites Installing Spyware Via Zero-Day IE Bug A security vendor says in an alert about the Internet Explorer vulnerability that it's detected thousands of sites connecting to a malicious URL that's "actively exploiting this vulnerability to execute malicious code." A still-unpatched Internet Explorer vulnerability that's been used by attackers since late November to compromise Windows PCs is now being used by large numbers of malicious Web sites to plant spyware and adware, a security company cl......
[more] U.K. servers caught hosting new generation phising scam Security experts warned of a new phishing attack that does not target any particular financial or ecommerce brand. The scam works by sending email users a message purporting to be from a bank welcoming them as a customer and claiming that they are the beneficiary to funds from the Alliance Security and Finance Company in Amsterdam.
Security firm Websense warned: "The email includes a URL to the bank and a username and password to log into......
[more] Websense opens So Paulo office US web filtering and desktop security software manufacturer Websense has opened an office in So Paulo, IT Web reported.
"We have the structure to attend to the demand here with the material, solutions and website in Portuguese," Websense's channel manager for Brazil Marcos Prado said.
According to Prado, Latin America is Websense's fastest growing region in terms of sales. For the first nine months of the year Websense posted revenues of US$109mn and net income......
[more] Windows Update Trojan causes havoc Spoofed Microsoft patch catches unwary users Two newly discovered virus threats are circulating on the web, one attacking client machines and the other targeting web servers, web monitoring firm Websense warned today.
The first threat is a basic Trojan which masquerades as a Microsoft security patch. Recipients are urged to visit a spoofed URL based in Canada which uses a very similar design to Microsoft's own Update Centre and downloads a file named 'plugand......
[more] Websense Awarded Second Patent for Flexible Web Filtering Technology Websense, the world's leading provider of employee internet management solutions, today announced that the United States Patent and Trademark Office has granted the company U.S. patent 6,947,985, entitled "Filtering Techniques for Managing Access to Internet Sites or Other Software Applications." Awarded on September 20, 2005, the company's second patent for its flexible filtering technology covers several key areas of competi......
[more] More pain for Sony over CD code Hackers are exploiting flaws in the software Sony is using to remove its controversial copy protection system. These are just proof of concept hacks, although security firms fear that users ridding themselves of Sony's CD software could soon face other dangers. Other security researchers have released tools that close the loophole opened by Sony's uninstaller.
Sony's music arm has now published a list of all the CDs that use its much criticised anti-piracy syste......
[more] Hackers, Scammers Hide Malicious JavaScript On Web Sites Crooks are using a new technique, called "JS/Wonka," to obfuscate their code, and it's spreading fast. Hackers and scammers have suddenly turned to a new technique to hide malicious JavaScript on compromised or criminal sites, a security researcher said Thursday.
According to Dan Hubbard, the senior director of security and research at Websense, a family of obfuscation routines with the umbrella name of "JS/Wonka" has spread wildly in the......
[more] Websense Issues New Security Trends Report Websense, Inc., a leading provider of employee internet management solutions, today announced the release of the 2005 semi-annual web security trends report issued by Websense Security Labs.
The report summarizes findings for the first half of 2005 and presents projections for the upcoming year.
According to the report, the web continued to evolve and grow as an attack vector in the first half of 2005. The report found a marked increase in the numb......
[more] Fraudsters get ready for Hurricane Rita Fears are growing that fraudsters are planning to exploit the after-effects of Hurricane Rita after a number of website registrations using the name.
Web monitoring firm Websense is warning that, even before the hurricane has hit the American mainland, fraudsters may be gearing up to exploit any charitable effort that follows.
In the wake of the Hurricane Katrina disaster fraudsters proved more than willing to try and scam the charitable out of their do......
[more] Phishers pluck Virgin customers A rash of phishing emails has been sent out targeting Virgin Money credit card customers.
Web monitoring firm Websense has warned of the attack, which Virgin Money confirmed had already caught two customers. The attack was detected early this morning.
"We are currently looking into this," said John Franklin, PR manager at Virgin Money. "We are getting information from our security team who are looking into it at the moment. So far only two people have been hit......
[more] SurfControl Web Filter Receives Coveted 'Best Buy' Ranking From SC Magazine SurfControl Web Filter Is the Only Solution Awarded 5 Stars in Group Product Test; Underscores Ease, Strength and Maturity of SurfControl's Web Filtering Solutions SurfControl, a world leader in enterprise threat protection, today announced SurfControl Web Filter received SC Magazine's "Best Buy" ranking in the September 2005 group test of Web filtering solutions. Commenting on SurfControl's Web Filter product, SC Magazi......
[more] Websense Unveils Ecosystem Websense, Inc. (Nasdaq: WBSN - News), the world's leading provider of employee internet management solutions, today announced the launch of a new technology alliance partner framework, the Websense® Web Security Ecosystem(TM) extending Websense Enterprise® and Websense Web Security Suite(TM) technology to critical enterprise security initiatives including network access control, security event management and identity management. Websense's expanded network of alliance......
[more] Phishers cast net for CompuServe users CompuServe subscribers are being targeted in a phishing scam based on a spoofed email message claiming that their CompuServe account has expired and will be frozen if their account information is not updated.
The scam was reported in an alert from Websense Security Labs.
The spoofed email includes a link to a US-based phishing site that attempts to collect the user's screen name, password, billing address and credit card information.
Websense has also r......
[more] Online scams emerge in Katrina's wake Hurricane Katrina has spawned more than misery and destruction--a new wave of scam e-mails and Web sites are exploiting the tragedy. Phony Web sites and e-mails, purporting to offer help to hurricane victims or provide more news on the destruction, are making their rounds on the Internet, security experts said Thursday.
One spam campaign that's circulating offers breaking news reports but tricks people into clicking a link that takes them to a bogus Web s......
[more] MSN blogs 'launch' spam, virus attacks Spammers have started using Microsoft's MSN blogging service to host malicious content used during spam and virus onslaughts, Internet security firm SurfControl said. MSN Spaces, which was launched at the end of last year, is a free content sharing and hosting service. Users are required to register for a Hotmail account, after which they can publish a blog and share files.
However, a relatively simple registration system means that spammers are exploiti......
[more] New IE flaw rated as "critical" Microsoft is investigating a report of a new, unpatched flaw in Internet Explorer that could expose users of the ubiquitous web browser to attacks.
An attacker could craft a malicious website that takes advantage of the flaw and gain control over the PCs that visit the website, or install malicious software on those systems, a representative of the French Security Incident Response Team (FrSIRT) said on Wednesday. FrSIRT rates the issue "critical", its most seri......
[more] Filter database ups web security Internet security specialist Websense has announced that its Master Database now holds details of one million executables to help firms protect desktops against web-based threats.
The database supports Websense's two desktop security systems - Client Policy Manager (CPM) and Security Suite-Lockdown Edition - to provide advanced filtering options to help firms secure desktops. It covers more than 50 categories of applications and executables, including malicious......
[more] Free Personal Web Hosting Sites Provide a Safe Haven for Hackers Websense finds thousands of cases of hackers creating web hosting accounts to spread malicious code, spyware and steal private data Websense, the world’s leading provider of employee internet management solutions, today announced that free personal web hosting sites are increasingly being exploited by hackers seeking affordable and anonymous ways to store and disseminate mobile malicious code (MMC) and dangerous types of spyware, s......
[more] Internet misuse costs businesses $178 billion annually Employees are using the Web more and more for personal reasons and that is setting U.S. companies back US$178 billion annually, a cost of $5,000 per employee, said a study released Tuesday by Websense, Inc.
The San Diego-based Internet management company reported that 50 percent of the surveyed workers admitted to using the Internet for personal purposes at work. Therefore, about 34 million of the 68 million total U.S. employees who use t......
[more] Websense on list of 100 Fastest Growing Small Companies in America for Second Consecutive Year Websense, Inc., the world’s leading provider of employee internet management solutions, today announced it has been named to FORTUNE Small Business Magazine’s fifth annual FSB 100 list of America’s fastest growing small companies for the second consecutive year, ranking number 31 out of the 100 companies listed. In addition to being number 31 overall, Websense was ranked number 21 by earnings-per-shar......
[more] MSN Site Hacking Went Undetected for Days Password-stealing software planted by hackers was active on Microsoft's popular MSN Web site in South Korea for days before the world's largest software company learned about the break-in and removed the computer code.
Police investigators and Microsoft specialists are continuing to search for clues to the culprits behind this week's high-profile computer break-in. More details emerged Friday about the hacking, which targeted subscribers of an online......
[more] Websense No. 23 on BusinessWeek's 100 Best Small Companies Strong Sales Growth, Earnings Growth, and Return on Invested Capital Earn Company a Place in Top Quarter of List Websense, the world's leading provider of employee internet management solutions, today announced it has been named to BusinessWeek's list of the "100 Best Small Companies - Hot Growth," ranking number 23 out of the 100 companies listed. According to the June 6th issue of BusinessWeek, "most of this year's top performers have......
[more] Miscreants encrypt files, hold them for ransom In a new type of online attack, extortionists remotely encrypt user files and then demand money for the key to decode the information. In a case documented by San Diego-based Web security company Websense, the attack occurs after a user visits a Web site containing code that exploits a known flaw in Microsoft's Internet Explorer Web browser. The flaw is used to download and run a malicious program that in turn downloads an application that encrypts......
[more] Nearly half of IT decision makers say employees have 'fallen for the phish' Websense maker of employee Internet management solutions, has announced the results of its Phishing Trends study, which is part of the company's annual Web@Work survey conducted by Harris Interactive. And the survey suggests phishing Web sites remain difficult to identify and many companies are not well protected against phishing attacks.
According to Websense's 2005 Phishing Trends Survey, only one-third (33 per cent)......
[more] Websense: Surfing the Web at Work May Be as Addictive as Cup of Coffee Websense, the world’s leading provider of employee internet management solutions, today announced the results of its sixth annual Web@Work study, the company’s annual survey conducted by Harris Interactive. From February 21 to February 28, 2005, 354 U.S. IT decision-makers who work for organizations with at least 100 employees were interviewed online, and from February 28 to March 21, 2005, 500 U.S. employees who have intern......
[more] Phishers spawn more keylogger attacks Surge in variants and sham sites... Phishers are increasingly using new methods to nab sensitive information from internet users, according to data from Websense Security Labs.
In recent months, the researchers at security software company Websense have detected a rise in schemes involving malicious programs known as keyloggers, according to the Anti-Phishing Working Group's March phishing trends report.
The technology, which records the keystrokes of pe......
[more] Websense Master Database Grows to 10 Million Active Websites Websense, Inc. , the world’s leading provider of employee internet management solutions, today announced that the best-of-breed Websense(R) Master Database now contains more than 10 million active websites, including sites with malicious code such as viruses and keyloggers. Working in conjunction with the company’s award-winning Websense web filtering and web security software, the Master Database enables sophisticated filtering optio......
[more] 'The end is nigh'... for email viruses But don't for a minute think there aren't more nasties on the horizon... Attendees at the InfoSec conference in London have predicted the end of email-borne viruses, suggesting the problem has simply had its day.
However, the most severe issue users now face is the growing problem of spyware, according to some, which is more than ready, willing and able to fill the void.
Dan Hubbard, senior director of Websense Security Labs, told silicon.com the number o......
[more] Blog at your own risk Blogs are getting popular with hackers too, so be careful whose blog you wander into Blog authors open up their lives to you on their web logs. But surf to the wrong blog, and you could be opening up your computer to a hacker.
A recent report by web security firm Websense warned that hackers are now using blog sites as gateways into computers of surfers who are tricked into clicking on a link to them.
These hacker-maintained websites contain malicious codes, such as Troja......
[more] Something Smells Phishy Here Chances are you've been phished already. You get an e-mail from Citibank or eBay (EBAY) telling you that your account has been compromised but that you can fix everything by going to the company website via the link provided. Clicking on it takes you to a website that looks authentic and urges you to enter your user name and password to protect your account. Doing so, however, delivers your login information to a hacker instead.
Companies like Citibank and eBay ha......
[more] Email worm graduates to IM The Chod.B worm is now spreading over Microsoft's instant-messaging service, after first being observed spreading over email systems last week A worm that first disguised itself as an email from computer vendors now attempts to trick MSN Messenger users into executing malicious files.The Chod.B worm, which was first discovered on April Fool's day, spreads via email purportedly from Microsoft, or security vendors Symantec and Trend Micro.When using MSN Messenger as its......
[more] Spyware: Is it clogging up your network? The cause of intermittent network connectivity problems can be hard to pin down in complex modern systems, but checking for spyware is a good place to start Organisations frequently ask me for assistance in diagnosing and resolving Internet problems. After a bit of detective work, I usually find that the problems are not really an Internet security issue. There's so much complexity in the corporate network these days, and so many places where a problem ca......
[more] Websense Announces Support for Microsoft Network Access Protection Technology Websense, the world’s leading provider of employee internet management solutions, today announced support for Microsoft’s new Network Access Protection (NAP) technology, a comprehensive architecture that provides IT administrators with secure management of client access to the network. Network Access Protection’s open architecture enables security technology vendors to deliver simple, comprehensive and secure manageme......
[more] Websense Enterprise Version 5.5 gains key safeguards In Websense Inc.'s Websense Enterprise Version 5.5, the Internet access control vendor has effectively added real-time Internet attack protection to its list of dos and don'ts.
Websense Enterprise 5.5 was released last month. Although the real-time database updates, along with a mobile client for laptops, are new, the foundation of Websense Enterprise 5.5 has been around for some time.
Websense Enterprise 5.5 is priced starting at $15 per y......
[more] Lax laptop policies create security concerns Company laptops are routinely used to download music and video, access porn, and do online shopping, a new Europe-wide survey has revealed.
So big has the problem become that laptops returning to company networks after their travels are now one of the biggest security hazards faced by many companies. Despite this, 70% of companies questioned offered no written guidance to employees on the use of their machines, and only a quarter imposed technologic......
[more] Web servers still doling out Scob code No high-profile sites are affected More than 100 Web servers are still distributing the "Scob" malicious code, first identified two weeks ago as code used in a widespread attack to plant Trojan horse programs on vulnerable computers, according to one computer security company. That attack used compromised Microsoft Corp. Internet Information Services (IIS) Web servers to distribute the Trojan horse programs.
Enterprise security software maker Websense In......
[more] Striking Back at Spyware Here's good news for surfers stressing over spyware that surreptitiously slips onto their PCs to track their whereabouts and serve up advertising: A legal noose is starting to tighten around its purveyors. Utah has made installing programs on a PC without the user's approval a $10,000 offense. California, Iowa, and New York are considering similar laws, and Congress is weighing federal legislation.
"Using underhanded tactics, these companies are not only invading you......
[more] News beats porn online A quarter of employees admit to surfing obsession Employees are far more likely to be addicted to news than to pornography, a survey has found.
Websense, a San Diego-based firm which provides software to monitor web habits at work, has found that news sites are proving the real internet addiction for employees.
It has to be said, of course, that most companies block access to porn sites.
Just over 20% of those surveyed said that they thought news was the most ad......
[more] Workers sacked for surfing porn The majority of sackings for internet misuse are due to workers downloading porn, says a new survey.
A quarter of UK companies have dismissed employees for internet misconduct.
And 40% of all complaints came from co-workers, a survey of more than 500 personnel managers found.
A total of 69% of dismissals were for workers surfing pornographic websites, according to the research published on Tuesday.
Nearly three quarters of firms questioned had deal......
[more] Global Secure Systems supplies security tools (including Websense) to protect both the corporate gateway (particularly the Internet, or other external network connections), and the individual PC (including the roaming laptop user and the desktop attached to the corporate network).
© Global Secure Systems, All rights reserved.
Search results for Websense from the main GSS Website
