The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore zvelo’s Cybersecurity and threat intelligence data feeds for industry leading malicious and phishing exploit detection and the most advanced cyber threat intelligence available to OEMs and device manufacturers.
I got my hands on a copy of a Northwestern University research paper titled “Evaluating Android Anti-malware against Transformation Attacks.” After digging into it, my zveloLABS colleagues and I decided to conduct an experiment of our own based on the information provided in the research paper.
A renewed sense of urgency to secure information, networks and electronic devices in order to thwart advanced hacking techniques loomed over the 2013 RSA conference floor in San Francisco. The harsh realization that traditional security measures simply don’t cut it anymore was confirmed by various keynotes and casual hallway conversations between peers.
Following reports of cyber-attacks targeting the New York Times in January of 2013, a secretive legal review of the powers available to the president of the United States has brought to light the option of launching preventive cyber-attacks should credible evidence indicating an impending threat against the United States surface. In this context the United States reserves the right to use cyber weaponry with or without an existing state of war. While rhetoric concerning the growth of cyber threats has grown more prominent in the last three years, this is the first instance that a state has been reported to view cyber-instruments as a “preventive” or “deterrent” option. Though heavy investments have been made in the past years, there is no empirical evidence that demonstrates that the United States intends to utilize its cyber-capabilities as announced.
News that the European Internet authority RIPE is down to its last block of IPv4 addresses escalates the importance of supporting IPv6. Within a few years, IPv4 addresses will become expensive or impossible to acquire for new businesses or for expanding service providers.
This is the second and final recap of the ROOTCON 2012 annual hacker conference and information security gathering, which zveloLABS had the opportunity of attending. Following are additional highlights that deserve to be shared instead of being tucked away in my personal notebook.
zveloLABS® recently had the opportunity to attend ROOTCON 2012, an annual hacker conference and information security gathering, that was held in Cebu City, Philippines. The organizer line-up was interesting and quite varied. Attendees came from government, private and academic sectors. Following is part one of two recaps about this insightful event.
Malware authors are quickly exploiting the vulnerabilities of IPv6 as more and more websites support the new communications protocol. Nefarious IPv6 tools exist that can be used for malicious online activity, even if the tools are intended to facilitate communication between the IPv6 and IPv4 protocols
zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.
At DEF CON 2012 in Las Vegas I sat through a presentation titled “Owning One to Rule them All,” hosted by penetration testers Dave Kennedy and Dave DeSimone. They discussed a recent penetration test that utilized Microsoft Systems Center Configuration Manager (MSCCM) to gain access to essentially an entire network of computers. MSCCM is intended to streamline the management of multiple devices – desktops, laptops, smartphones and tablets – within IT infrastructures. While a tool like MSCCM may seem convenient, granting too many administrative features can lead to more serious network security headaches, including breaches.
Imagine for a second you were presented with a superhuman baby having the ability to learn and retain vast amounts of information. We’ll make it a girl super baby as a tribute to fem-heroes of comic book past. Now, what if on your shoulders lays the opportunity to raise her up and teach her the sum of all human knowledge that ever existed? Like every good mentor, you watch her closely making sure her misunderstandings and confusions are always kept checked, corrected, and resolved. You take pride in how accurate she becomes and are quick to reply “Bring it!” to anyone who wants to test her knowledge. Here at zvelo this what-if situation is a reality and I’d like to share with you the experience of training and working with an intelligent being day after day.