Websense Security Labs™ ThreatSeeker™ Network has detected that search results on office.microsoft.com can lead users to a Rogue AV page.

Users looking for information related to help with Office products on Microsoft’s own site are being targeted. Users may be unaware that, when they type in search queries on the site, Microsoft scours its own Web site for results, but also pulls in results from the broader Web. Because the URL for the search results begins with http://office.microsoft.com, this is particularly troubling for users who trust sites simply because of their reputation.

To view the details of this alert Click here

Websense Security Labs(TM) ThreatSeeker(TM) Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports updates. Fox Sports has an Alexa ranking of 330.

Our research shows that the site has been injected with two pieces of malicious code. One of them is the latest Gumblar campaign, and the other redirects individuals to a malicious Web site, whose link was unreachable at the time of this alert.

The ThreatSeeker Network has detected that thousands of Web sites have been compromised by the latest Gumblar campaign. The Gumblar page is highly obfuscated. After deobfuscation, the page uses PDF and Flash exploits to run malware in order to control a victim's computer. In addition, a piece of VBScript is executed to download malware.

Websense Messaging and Websense Web Security customers are protected against this attack.

To view the details of this alert Click here

Websense Security Labs(TM) ThreatSeeker(TM) Network has discovered that Google top searches on "Brittany Murphy death" will return rogue AV Web sites. Users will be redirected to malicious domains if they click the matches with a referrer from search engines like Google. The malicious domains try everything to convince people that they are real AV software Web sites, so that users download and execute the fake software offered. To view the details of this alert Click here

Websense Security Labs(TM) ThreatSeeker(TM) Network has discovered that the Koobface malware campaign is now using a Christmas theme. Recent developments by Koobface have included use of Google Reader.

The Koobface Web site offers a video posted by 'SantA'. The usual ruse of requiring a codec to watch the video is used, to encourage the user to install and run a file called setup.exe (SHA1:a2046fc88ab82abec89e150b915ab4b332af924a). This file is currently detected by 16 out of 41 antivirus products according to VirusTotal. To view the details of this alert Click here

Websense® Security Labs(TM) ThreatSeeker(TM) Network has discovered a new wave of malicious email attacks claiming to be a password reset confirmation from Facebook. The From: address on the messages is spoofed using support@facebook.com to make the messages believable to recipients. The messages contain a .zip file attachment with an .exe file inside. The .exe file currently has a detection rate of about 30 percent on VirusTotal. Our ThreatSeeker?Network has seen up to 90,000 of these messages sent out so far today. To view the details of this alert Click here

Websense Security Labs(TM) ThreatSeeker(TM) Network has detected that Google searches on terms related to Google Wave return results that lead to a rogue antivirus. Google Wave is the much talked-about, latest API hitting the collaboration scene today.

There's a lot of hype about the launch of Google Wave, not only because of the 'new' things it offers but also because Google invited only 100,000 lucky users to test the service. With that said, it's no surprise that users are enticed to this new application. Unfortunately, it's also no surprise that the bad guys are using this hype to manipulate search results.

To view the details of this alert Click here