Advanced threat and exploit detection is critical to cybersecurity and network defense. zvelo’s Malicious Detection capabilities empower MSSPs, ISPs, TELCOs, network security providers, and VARs to provide world-class protection. Gain advanced insight with the most accurate URL database for malicious exploit detection to better understand the cyber threat landscape. Categories include Command and Control, Malware, Spyware, Spam URLs, Cryptocurrency Mining, Phishing and Fraud, and more. Read more about malicious detection.
There have been two notable botnets that have cost online advertisers millions of dollars in advertising click fraud in recent weeks. The first botnet, Bamital, was taken down by Microsoft and Symantec in February. A second botnet was later identified and dubbed Chameleon by Spider.io, a security company that specializes in analyzing web traffic. Since zvelo is also in the business of analyzing and categorizing web content viewed by actual users, this story resonated hard with zveloLABS.
I received an email seemingly from PayPal informing me that access to my account has been limited. It threw me off because I received this at my work email, which is not registered with PayPal. I immediately wondered if my account got hacked.
zveloLABS® has reported statistics and trends about the most visited types of malicious URLs by the international end users of zvelo’s technology partners. These OEM Partners include well over 100 of the world’s leading service providers, UTM and gateway appliance vendors, web filtering and parental controls solutions software makers, online advertising and brand safety technology providers, web analytics firms and many more. The data sample was extracted from actual URLs queried to and contextually categorized by the zveloNET® cloud systems during Q3 of 2012, and numbered in the tens of millions, yet far from the billions of non-malicious queries seen daily. The findings, statistics and trends shed new light on the seriousness, frequency, and negative consequences of compromised (hacked) websites hosted worldwide, and more importantly, accentuates the importance of adequate web filtering and network security.
This is the second and final recap of the ROOTCON 2012 annual hacker conference and information security gathering, which zveloLABS had the opportunity of attending. Following are additional highlights that deserve to be shared instead of being tucked away in my personal notebook.
Malware authors are quickly exploiting the vulnerabilities of IPv6 as more and more websites support the new communications protocol. Nefarious IPv6 tools exist that can be used for malicious online activity, even if the tools are intended to facilitate communication between the IPv6 and IPv4 protocols
zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.
The recent crackdown on well-known Torrent services, aided by Internet Service Providers, has led to the increasing use of anonymizers. As the name implies, anonymizers allow for anonymous web browsing and are used by end users to bypass restrictions or blocks to web content. Anonymizers are proxy services, or “proxies,” that receive and execute web requests on behalf of the user, making online activity untraceable. It is the untraceable aspect of anonymizers that has caught the attention of the underground community.
With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks have grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.
The 2011 Anti-Phishing Working Group (APWG) eCrime Researchers Summit, out of San Diego, California, moved fast with a number of interesting presentations and fascinating people. The APWG is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that results from phishing, pharming, malware and e-mail spoofing of all types. The eCrime Researchers Summit brings together malware researchers, counter-eCrime developers and responders, and includes the 2011 Fall General Meeting. Here are some highlights from the event.
In mid-September of 2011, I had the privilege of attending a SOPHOS seminar titled, “Anatomy of an Attack – How Hackers Threaten your Security,” hosted by Chester Wisniewski, a highly regarded Senior Security Advisor and frequent contributor to the award-winning Naked Security blog.
