Static HTML websites are becoming increasingly rare, and nowadays sites pack quite the punch. We’ve grown accustomed to photo and video slideshows, widgets, feeds, social network integrations, and other dynamic elements. Websites come overloaded with media, are more interactive, and the content can vary dramatically from page to page and can differ even more between end-users or browsing sessions. Much of the content is pulled in dynamically from external sources, and most of us fuel the Internet’s growth by creating and uploading content of our own daily and at extremely high upload rates. Making sense of it all can be quite the challenge for technology vendors “needing to know.” Following are insights into zvelo’s content categorization approach.
Advanced threat and exploit detection is critical to cybersecurity and network defense. zvelo’s Malicious Detection capabilities empower MSSPs, ISPs, TELCOs, network security providers, and VARs to provide world-class protection. Gain advanced insight with the most accurate URL database for malicious exploit detection to better understand the cyber threat landscape. Categories include Command and Control, Malware, Spyware, Spam URLs, Cryptocurrency Mining, Phishing and Fraud, and more.
Once again, zveloLABS participated in the 2013 ROOTCON annual hacker conference and security gathering in Cebu City, Philippines. ROOTCON aims to share best practices and technologies through talks by qualified speakers and demos of exciting hacks, tools, tips, and more.
The Anti-Phishing Working Group (APWG) released their quarterly Phishing Attack Trends Report for the first quarter of 2013. Payment Services were reported as the most phished industry sector, followed by Financial Services.
I got my hands on a copy of a Northwestern University research paper titled “Evaluating Android Anti-malware against Transformation Attacks.” After digging into it, my zveloLABS colleagues and I decided to conduct an experiment of our own based on the information provided in the research paper.
The Dow Jones Industrial Average recently dropped by about 145 points and the S&P 500 index lost $136.5 billion in value after a tweet from the Associated Press claimed that an explosion had taken place in the White House and that President Obama was injured. The tweet turned out to be false and stemmed from a hacked Associated Press Twitter account. The precedent has been set for us to take a long, hard and uncomfortable look at the challenges we face when relying on automated trading systems that gauge and react to public sentiment and that end with drastic results.
There have been two notable botnets that have cost online advertisers millions of dollars in advertising click fraud in recent weeks. The first botnet, Bamital, was taken down by Microsoft and Symantec in February. A second botnet was later identified and dubbed Chameleon by Spider.io, a security company that specializes in analyzing web traffic. Since zvelo is also in the business of analyzing and categorizing web content viewed by actual users, this story resonated hard with zveloLABS.
This is the second and final recap of the ROOTCON 2012 annual hacker conference and information security gathering, which zveloLABS had the opportunity of attending. Following are additional highlights that deserve to be shared instead of being tucked away in my personal notebook.
Malware authors are quickly exploiting the vulnerabilities of IPv6 as more and more websites support the new communications protocol. Nefarious IPv6 tools exist that can be used for malicious online activity, even if the tools are intended to facilitate communication between the IPv6 and IPv4 protocols.
zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.
The recent crackdown on well-known Torrent services, aided by Internet Service Providers, has led to the increasing use of anonymizers. As the name implies, anonymizers allow for anonymous web browsing and are used by end users to bypass restrictions or blocks to web content. Anonymizers are proxy services, or “proxies,” that receive and execute web requests on behalf of the user, making online activity untraceable. It is the untraceable aspect of anonymizers that has caught the attention of the underground community.