Blue Coat – Blue Coat Security Lab

Blue Coat Security Lab

Blue Coat Web Security solutions deliver complete threat protection, granular control and actionable intelligence without compromising network performance.

Today, organizations are facing new infrastructure and communications models, the proliferation of mobile devices and a rapidly evolving threat landscape. With on-premise appliances, an Internet-delivered service and a hybrid offering that combines the best of both, Blue Coat gives businesses the flexibility to deploy the solution that best meets their location and user-specific requirements and budget needs. Across its Web Security solutions, Blue Coat delivers consistent policy, proactive threat protection and unified reporting for all users regardless of location.

The Latest from Our Security Blog

Big Fake-AV Attack Still Going Strong

May 18, 2012 - By Chris Larsen

I took another quick look yesterday to monitor how we're doing in identifying new sites and servers in the big Fake-AV attack that we blogged about twice in April. The analysts have been keeping an eye out for them, and Maria sent me some this week. Here is a closer look at two of them:

Lazy Bad Guys

May 15, 2012 - By Chris Larsen

Near the end of April, shortly before taking off on a couple weeks of heavy travel, I was poking around in some of the sites involved in the big Fake-AV attack we blogged about a couple of times last month. One domain caught my eye because it showed up as a relay site (in this case, a hacked site being used as a relay to an attack site). When the attack site came up, I knew I had to grab a screenshot to share:

The Bad Guys Can't Shake WebPulse

May 1, 2012 - By Chris Larsen | Co-Authored By Jon Dinerstein

[A nice post from Dr. Jon in our internal blog a week ago, that deserves a larger audience. -- C.L.] The Bad Guys are well-known for rapidly changing domain names in an effort to avoid being blocked. They're like bank robbers fleeing the scene of a crime before the police can arrive -- they're betting that speed and recklessness will allow them to get away with the crime. Typically, the Bad Guys change domain names once every few hours to once every few days. However, there are some occassional examples that take me by surprise.

Security Blog Archive

Top 5 Points for Business

The Most Dangerous Activity

Searches put users at greatest risk.
Keep the Riffraff Out

Pornography, Placeholders, Phishing, Hacking, Online Games, and Illegal/Questionable categories should always be blocked.
Close the Doors

Malware hosting is often found within categories that are typically not blocked, such as Online Storage and Software Downloads.
Layer Up

A single layer of security will leave users vulnerable to malware.
Real Defense is Real Time

Dynamic malware requires a real-time defense for ultimate protection.

Bluecoat Security on Twitter

just finished reading Sophos whitepaper on Fake-AV evolution: http://t.co/lhjLvkBF -- good stuff!

18 May
mod up: great post from SecurityWeek looking at the black hat ecosystem behind Black Hole: http://t.co/bpVSJPKp

18 May
...and a complementary post from us, looking at the Fake-AV attack from a different angle: http://t.co/vPR4XzqW

18 May
mod up: nice blog post from sucuri on the big Fake-AV attack: http://t.co/jZ39HVJI

18 May
nice screenshot of a lazy-but-polite Bad Guy: http://t.co/4ZLxlr40

15 May

Security Lab

Blue Coat Security Lab

The Latest from Our Security Blog

Big Fake-AV Attack Still Going Strong

Lazy Bad Guys

The Bad Guys Can't Shake WebPulse

Top 5 Points for Business

The Most Dangerous Activity

Keep the Riffraff Out

Close the Doors

Layer Up

Real Defense is Real Time

Bluecoat Security on Twitter