The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore zvelo’s Cybersecurity and threat intelligence data feeds for industry leading malicious and phishing exploit detection and the most advanced cyber threat intelligence available to OEMs and device manufacturers.
The Department of Justice this week announced and unsealed charges against eight individuals involved in a massive digital advertising fraud network. Led by the FBI with assistance from a number of companies in the cybersecurity and ad tech industries, “Operation Eversion”, as it has been dubbed, followed and seized infrastructure belonging to the “3ve” ad-fraud scam network.
An internationalized domain name (IDN) homograph attack is a method of deceiving computer users about the remote computer they’re communicating with. It exploits the fact that many characters are homographs, meaning they look alike. Homographs allow a malicious party to create an IDN that appears very similar to an established domain, which can then be used to lure users to the new website.
In a previous blog, we explored the important differences between base domains and full path URLs. In this post, we wanted to take a step back and cover the basics—the individual structural elements of a URL (Uniform Resource Locator).
As more and more companies are pursuing “Data as a service” or “DaaS” business models, we wanted to share our experiences on the DaaS business model, with a specific focus on the challenges of Intellectual Property Rights (IPR) protections for DaaS data.
Over the past several years, there’s been a significant increase in mobile phishing attacks—particularly targeting enterprises. In this blog, we cover 9 tips and strategies to improve your security against mobile phishing attacks.
Over the years, cybercriminals have deployed increasingly sophisticated scams to deceive users of payment processing systems—particularly small and medium sized business owners—into compromising their accounts by unknowingly divulging account credentials. Here’s an example of a recent phishing campaign from Fall 2018 targeting Stripe users.
This year for National Cybersecurity Awareness Month, we thought we’d take a look back at the original IPAD. No, not the popular tablet from Apple awaiting a design refresh—and leaving tech enthusiasts crawling through rumor sites. No, we’re referring to the Internet Protocol Adapter (IPAD)—the next-generation all-in-one security and gateway device for accessing Bulletin Board Systems and online services from the 1990’s.
A trend forming among newly identified phishing URLs shows bad actors sending fraudulent emails informing Apple ID users of outdated Apple ID information or problems with billing. The emails and internal links attempt to deceive Apple ID users into “verifying” account information. When the user proceeds to log in, the form handing over access credentials to their accounts.
As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.
First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.