Once you see this vulnerability in action, it’s easy to imagine how easily devices can be exploited. Simple vulnerability hacks and tactics such as this can be used in coordination with home routers, smart speakers, video surveillance equipment, and much more to create havoc.
The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore zvelo’s Cybersecurity and threat intelligence data feeds for industry leading malicious and phishing exploit detection and the most advanced cyber threat intelligence available to OEMs and device manufacturers.
Like rabbits, ransomware seems to multiply at a prodigious rate. The newest strain causing widespread damage dubbed Bad Rabbit, due to the TOR hidden service it directs victims to visit, appears to be based on the Petya ransomware and its’ variants, according to Cisco Talos. The campaign seems to have largely targeted Russia and Eastern Europe.
What’s Reaper? Reaper (a.k.a IotTroop) is the latest botnet threat which is specifically targeting IoT vulnerabilities. With over 1.2 million devices already impacted, Reaper is the the largest IoT bot attack to date and continuing to grow rapidly. Using multiple C2’s, each with 10s of thousands of unique active IPs daily, Reaper is gaining momentum with each new device it exploits.
zvelo Instant Protection (zIP) is a new feature designed to provide fast, up-to-the-minute updates on important category changes and real-time protection from newly identified blockable (adult, porn, hate, criminal, etc.) and malicious (malware, spyware, phishing, compromised, etc.) URLs.
The introduction of voice-activated smart home solutions – like Amazon Echo and Dot, Google Home, and Apple’s HomePod
It seems very strange that in the year 2017 (approximately 20 years from when the commercial use of the Internet first became possible), we are still dealing with email spam with no end in sight. There are many solutions now available in the industry that can be placed in various locations…
In this week’s Embedded Insiders podcast, Rich Nass and Brandon Lewis welcome Jeff Finn, CEO of data categorization and security firm zvelo.
Two large annual security conferences are taking place in Las Vegas this week and I will be attending the second one. The first one, Black Hat, is primarily targeted at corporate audiences and sponsorships with well-known industry leaders and vendors supporting and attending the conference year after year.
By Eric Watkins, Senior Malicious Detection Researcher at zvelo This week, a new security vulnerability subject to remote attack, known as Devil’s Ivy, is targeting the C++ library used by thousands of different IoT device vendors. The most popular devices being compromised are IoT video cameras; however, the associated risk is not limited to video…
Earlier this week, over 14 million Verizon customers had sensitive user data associated with their Verizon accounts released into the wild. A third-party vendor had stored the database on an improperly secured cloud server. While this unsecured server was located in the Amazon Web Services (AWS) cloud, the data breach was determined to be a result of human error on the contractor’s part, not any inherent security vulnerability in the AWS cloud.