Making the Internet Safer and More Secure. zvelo provides industry-leading cyber threat intelligence and URL classification data services. zvelo’s proprietary AI-based threat detection and categorization technologies, combines curated domains, threat and other data feeds, with the clickstream traffic from its global partner network of 600+ million users and endpoints to provide unmatched visibility, coverage, reach and accuracy. zvelo powers applications and solutions for the world's leading providers of web filtering, endpoint detection and response (EDR), managed detection and response (MDR), Secure Access Service Edge (SASE), brand safety and contextual targeting, cyber threat intelligence platforms, threat analysis, and more.

How Excessive Admin Features Can Lead to Security Headaches

At DEF CON 2012 in Las Vegas I sat through a presentation titled “Owning One to Rule them All,” hosted by penetration testers Dave Kennedy and Dave DeSimone. They discussed a recent penetration test that utilized Microsoft Systems Center Configuration Manager (MSCCM) to gain access to essentially an entire network of computers. MSCCM is intended to streamline the management of multiple devices – desktops, laptops, smartphones and tablets – within IT infrastructures. While a tool like MSCCM may seem convenient, granting too many administrative features can lead to more serious network security headaches, including breaches.

Raising AutoCat: Web Analysts Role in zvelo Categorization Accuracy

Imagine for a second you were presented with a superhuman baby having the ability to learn and retain vast amounts of information. We’ll make it a girl super baby as a tribute to fem-heroes of comic book past. Now, what if on your shoulders lays the opportunity to raise her up and teach her the sum of all human knowledge that ever existed? Like every good mentor, you watch her closely making sure her misunderstandings and confusions are always kept checked, corrected, and resolved. You take pride in how accurate she becomes and are quick to reply “Bring it!” to anyone who wants to test her knowledge. Here at zvelo this what-if situation is a reality and I’d like to share with you the experience of training and working with an intelligent being day after day.

Use of Web Anonymizers to Hide Illegal Online Activity on the Rise

The recent crackdown on well-known Torrent services, aided by Internet Service Providers, has led to the increasing use of anonymizers. As the name implies, anonymizers allow for anonymous web browsing and are used by end users to bypass restrictions or blocks to web content. Anonymizers are proxy services, or “proxies,” that receive and execute web requests on behalf of the user, making online activity untraceable. It is the untraceable aspect of anonymizers that has caught the attention of the underground community.

IWF Releases 2011 Annual Report – Shocking Statistics

The Internet Watch Foundation (IWF), now in its 16th year of combatting some of the worst online criminal content, has released its 2011 Annual and Charity Report. In it, the IWF disclosed some alarming trends and statistics about the proliferation of child sexual abuse images online. The IWF also noted significant successes in combatting this inappropriate type of web content, as detailed in the following excerpts.

Brand Safety a Top Priority for Online Advertisers

Brand safety is one of the most important metrics of success for online advertisers. Ad placements on inappropriate web pages can negatively impact brand appeal, leading to lost revenue. PR nightmares will also erupt if ads are delivered onto malicious or compromised websites, which tend to frequently go online and offline. Publishers and online advertising delivery vendors are challenged with addressing the brand safety demand head on, and while some entities have stepped up through noted technological innovation, others still lag in winning over advertiser sentiment.

Protecting Business Networks From Drive By Spam Attacks

”Drive by” spam attacks are a growing business network security risk, affecting those who open emails containing a malicious script that downloads malware to the user’s PC that ultimately infects the company’s network. These emails don’t always include an attachment. Some HTML-based varieties are reported to be activated with the mere opening of an email and nothing more.

Google Wallet Security: Rooted Device Vulnerabilities…

Much has been said in the last few days about the security of the Android platform in general and Google Wallet specifically. One frequent question that has been asked of the Google Wallet PIN vulnerability we found is “should the average consumer be concerned about mobile device exploits that require root privileges?” The unfortunate answer is “yes.” The reason is that while it is true that this PIN vulnerability requires root privileges to succeed, it does not require that the device be rooted previously.