We Categorize the Web! zvelo is the industry-leading provider of web content categorization, malicious detection, and the zveloDB URL Database—helping antivirus vendors, web filtering providers, MSPs, CASBs, ISPs, Telcos, device manufacturers, ad tech companies, and others make the internet a safer place for all!

Malicious Cryptocurrency Mining, Cryptomining, Cryptojacking, Malmining

What is Malicious Cryptocurrency Mining?

First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.

Advantages of DNS RPZ | How It Works

Advantages of RPZ: Basics & Common Configurations

Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.

Content as the New Clickbait: The Battle against News & Politics

Politics and News: The Growing Trend of Content as the New Clickbait

Over the past decade, the use of “clickbait” ads has become the norm in order to entice viewers to click on the ad and drive traffic to a publisher. Web surfers have grown accustomed to seeing the same types of clickbait ads and sponsored stories like the ones shown below with sensational headlines about curing cancer, stopping aging, improving your sex life and more.

Base Domain vs. Full Path URL. What's the Difference?

Base Domain URL vs. Full Path URL. What’s the Difference?

For the average web surfer, the URL bar provides a magical portal to the interwebz where anything that can be thought of can be entered—revealing the treasures of the internet at the stroke of ‘enter’. For the rest of us, we know it gets much more complicated than that as we slip down the rabbit hole and into OSI, DNS, TLS, HTTPS, subdomains…

Securely Logging & Tracing HTTP Requests in Go | zvelo

Securely Logging & Tracing HTTP Requests in Go

I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?

IoT Cybersecurity Reaches Tipping Point

IoT Cybersecurity Reaching Tipping Point

In an article on ITPro, Jeff Finn writes about how the state of IoT cybersecurity is reaching a tipping point, forcing IoT device manufacturers to work partners that excel at networking. “The writing on the wall for IoT device manufacturers is to get serious about security and develop fruitful channel partnerships with network technology providers.