Websense discovers Javascript attack.

Websense, Inc. announced that the Websense(R) Security Labs(TM) researchers were the first to discover that hundreds of thousands of legitimate Web sites with "good" reputations, including some United Nations and UK Government Web sites, have been compromised with a massive Javascript injection attack aimed at stealing user information. Websense Web security customers and their essential information were immediately protected.

This attack method highlights a growing number of attacks that take advantage of the flaws in traditional security that relies on signatures and Web reputation to protect customers. By infecting hundreds of thousands of well-trafficked, well known Web sites simultaneously, attackers only need a window of a few hours to get a large number of potential victims. Web users and organizations without real-time protection are vulnerable. Websense, with its global Websense ThreatSeeker(TM) Network, which includes the world's first Internet "HoneyGrid" that discovers and analyzes billions of disparate pieces of Internet content every day, rapidly identifies newly infected sites as they are compromised and often even before they are compromised, protecting customers and their essential information in real-time. This well-orchestrated, widespread attack appears to be from the same group that launched a similar one in March 2008 in which tens of thousands of well known Web sites were infected with malicious links, and due to noted similarities in attack method, the group may be connected to the Dolphin Stadium Super Bowl compromise of 2007. In the current attack, in addition to the thousands of new Web sites that have been targeted, the group is also using previously compromised Web sites from the March attack that have not been cleaned to host the malicious code. "This attack seeks to exploit users who trust that their favorite, legitimate Web sites are safe," said Websense. "Unfortunately, we believe that attacks that target popular Web sites--those with the most unique visitors--will be on the rise. In this rapidly changing threat environment, organizations must have Web security that can adapt to threats in real-time."

The Websense ThreatSeeker Network adaptive security technologies and processes are designed to continuously monitor the Internet for changes and emerging threats. The resulting intelligence is immediately incorporated into the company's Web security, email security and data loss prevention solutions. As a result, Websense is able to adapt to the rapidly changing Internet at speeds not possible by traditional security solutions and basic Web filtering solutions.

Details of the threats Websense recently discovered can be accessed on the Websense Security Labs Web site at www.websensesecuritylabs.com.