Over the years, cybercriminals have deployed increasingly sophisticated scams to deceive users of payment processing systems—particularly small and medium sized business owners—into compromising their accounts by unknowingly divulging account credentials. Here’s an example of a recent phishing campaign from Fall 2018 targeting Stripe users.
The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore zvelo’s Cybersecurity and threat intelligence data feeds for industry leading malicious and phishing exploit detection and the most advanced cyber threat intelligence available to OEMs and device manufacturers.
This year for National Cybersecurity Awareness Month, we thought we’d take a look back at the original IPAD. No, not the popular tablet from Apple awaiting a design refresh—and leaving tech enthusiasts crawling through rumor sites. No, we’re referring to the Internet Protocol Adapter (IPAD)—the next-generation all-in-one security and gateway device for accessing Bulletin Board Systems and online services from the 1990’s.
A trend forming among newly identified phishing URLs shows bad actors sending fraudulent emails informing Apple ID users of outdated Apple ID information or problems with billing. The emails and internal links attempt to deceive Apple ID users into “verifying” account information. When the user proceeds to log in, the form handing over access credentials to their accounts.
As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.
First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.
Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.
Particularly with the proliferation of IoT devices—network security has grown increasingly porous—leaving gaping holes. zvelo is working with router and gateway manufacturers to provide an IoT Security Platform that dynamically and actively profiles and monitors ALL network-connected devices—giving you complete network visibility to improve security for customer networks.
In a recent article published by IT Briefcase—zvelo Security Analyst, Louis Creager, outlined and describes one of the most prominent trends threatening router networks around the world. Ubiquitous as they are in our households, relatively few consumers are conscious of the firmware running on their home router
One of the largest security gaps in 2018—one that leaves devices open to malware, botnets, and use in DDoS attacks—is the lack of commitment from router and gateway manufacturers. But what is the incentive for OEMs to build the infrastructure and systems to maintain and update device firmware even after just a few years?
In an article on ITPro, Jeff Finn writes about how the state of IoT cybersecurity is reaching a tipping point, forcing IoT device manufacturers to work partners that excel at networking. “The writing on the wall for IoT device manufacturers is to get serious about security and develop fruitful channel partnerships with network technology providers.