The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore our network security solutions, cyber threat map, and malicious exploit detection offerings for the most advanced threat intelligence available to OEMs and device manufacturers.

The Magnitude of the Breach

The Magnitude of the Breach On Thursday, June 4, it was announced that there was a large breach of the Office of Personnel Management (OPM) of the federal government. The Chinese are fingered in the breach, in which about 4 million people’s records were lost in the attack, and the Chinese government denied being responsible,…

Crowdsourced Security for Web Threat Intelligence

If we have a thousand monkeys typing away on a thousand typewriters, surely they can produce great works of literature – or so goes the popular adaptation of the Infinite Monkey Theorem. But in the context of information security, a similar idea has been taking shape in past few years. Crowdsourced security, leveraging on input from a host of geographically dispersed systems, is slowly gaining ground as a means to provide actionable threat intelligence for both the public and private sectors.

To WWW or Not to WWW? – zvelo categorization

If one performs the search “use www or not,” well over a billion results in many of the most popular search engines are returned. The focus of each result may differ. For zvelo, the usage is irrelevant because its contextual categorization processes are designed to identify and handle each component of a URL. At a simplistic view, the basic components of a URL are the following:

Thoughts on Secure Programming, Education and BYOD

Recent events serve as the best example of how the context of security has shifted from the once server-centric model to that of a decentralized threat landscape. From the Heartbleed attacks to the widespread Internet Explorer vulnerabilities and finally the sensationalized OAuth issues, it appears that even organizations with a hardened perimeter infrastructure are just as vulnerable as an end-user at home.

Full Path URL Content Classification

Given the dynamic nature of the majority of today’s websites, categorization at the full path URL versus the base domain is superior and now required. Parts of a website include the top-level domain (.com, .org, etc.), the base domain (example.com), sub-domain (subdomain.example.com) or sub-path (example.com/page). When categorizing content, it is highly important to recognize exactly what is being classified within a website because content can differ dramatically across full path URLs.