Contact Us

1 (800) 723-1166 |



Carbanak Group uses Google for Malware Command-and-Control

Forcepoint Security Labs™ recently investigated a trojanized RTF document which we tied to the Carbank criminal gang. The document contains an encoded Visual Basic Script (VBScript) typical of previous Carbanak malware. Recent samples of the malware have now included the ability to use Google services for command-and-control (C&C) communication. We have notified Google of the abuse and are working with them to share additional information.

Vulnerability In Google Chrome's Default PDF Reader - CVE-2016-1681

Details of a new vulnerability affecting Google Chrome's default PDF reader "PDFium" have been disclosed. The vulnerability affects Google Chrome versions below 51.0.2704.63 and could allow for arbitrary code execution. Aleksandar Nikolic of Cisco Talos discovered the vulnerability which was reported to Google on May 19, 2016 and fixed just one day later. The CVE number CVE-2016-1681 has been assigned for this vulnerability. A patched version of Chrome (51.0.2704.63) became available in a stable version on May 25, 2016.

London Olympics Search Results Lead to Objectionable Sites

We’ve previously blogged about Olympic ticket scamsphishingmalware designed to propagate through social networking, and other 

Buyers beware—of Olympic scams

Shady ticket deals for the 2012 London Olympics? Hardly surprising. But when the source is Google's famous AdWords advertising service—one of the internet giant's main sources of income—then a double take might be in order.

Online shops and robots.txt help to leak personal data

Two major data leaks occurred in Russia over the past several days.  Short Message Service (SMS) text messages and personal Information about people who ordered goods from Russian and Ukranian online shops (including sex shops) have been available for public viewing.  Last week approximately 8000 private SMS messages sent from the Russian mobile network online service MegaFon were indexed by search engines.  

Instant Exploits?

Google announced a number of new technologies as part of their Google Inside Search Launch (

Instant Exploits?

Earlier today, Google announced a number of new technologies as part of their Google Inside Search Launch ( One of the more interesting is their idea to speed up the Web with something called "Instant Pages." The basic idea is that they are taking their ability to correctly guess what a user is going to search on, and pre-loading the content from the origin server onto your local machine. Apparently, this only works with the Chrome browser.

Instant Previews: A Pawn for Malicious Intent

Ever noticed a magnifying glass next to your Google search results lately?  It is actually a new service that Google launched last week called Instant Previews.  This service allows users to see what a page looks like before going to it by hovering or clicking the magnifying glass next to the Google search results.  

Keep Social Networking a Boon Not a Bust

One could argue that the impact of social networking sites on the business world today rivals significant technological changes that occurred in the industrial revolution.

Websense Insight: The Route to Malware

How many clicks does it take to get to the malicious code of an infected website? Surprisingly, the answer is usually, just two.