zvelo is the provider of the most advanced URL Database for Web Categorization and Malicious Detection—designed for OEMs, device manufacturer’s, and Network Security vendors. zvelo’s content categorization engines power web filtering and parental controls, whitelists and blacklists for anti-virus companies, home network protection devices, and much more. By categorizing content into topic-based, objectionable, and malicious category groupings—zveloDB provides the most advanced malicious detection for advanced threat intelligence and cybersecurity.

9 Tips to Improve Security Against Mobile Phishing

9 Tips to Improve Your Organization’s Security Against Mobile Phishing Attacks

Estimated Reading Time: 11 minutes Over the past several years, there’s been a significant increase in mobile phishing attacks—particularly targeting enterprises. In this blog, we cover 9 tips and strategies to improve your security against mobile phishing attacks.

Secret To the Market's Most Accurate and Comprehensive Web Categorization Service

Secret to the Market’s Most Accurate and Comprehensive Web Categorization Service

Estimated Reading Time: 3 minutes Over many years or testing, trial and error, zvelo ultimately determined that a human-machine “hybrid” approach to classification produced the best outcomes. The Human element provided the verifications necessary for the highest levels of accuracy, while machines (ie. AI/ML models and calculations) provided the scaling necessary to deal with the incredible volumes of new URLs and content being published at an increasing rate.

Using DNS RPZ to Protect Against Malicious Threats

Using DNS RPZ to Protect Against Malicious Threats

Estimated Reading Time: 7 minutes As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.

Malicious Cryptocurrency Mining, Cryptomining, Cryptojacking, Malmining

What is Malicious Cryptocurrency Mining?

Estimated Reading Time: 8 minutes First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.

Advantages of DNS RPZ | How It Works

Advantages of RPZ: Basics & Common Configurations

Estimated Reading Time: 5 minutes Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.

Content as the New Clickbait: The Battle against News & Politics

Politics and News: The Growing Trend of Content as the New Clickbait

Estimated Reading Time: 3 minutes Over the past decade, the use of “clickbait” ads has become the norm in order to entice viewers to click on the ad and drive traffic to a publisher. Web surfers have grown accustomed to seeing the same types of clickbait ads and sponsored stories like the ones shown below with sensational headlines about curing cancer, stopping aging, improving your sex life and more.

Base Domain vs. Full Path URL. What's the Difference?

Base Domain URL vs. Full Path URL. What’s the Difference?

Estimated Reading Time: 5 minutes For the average web surfer, the URL bar provides a magical portal to the interwebz where anything that can be thought of can be entered—revealing the treasures of the internet at the stroke of ‘enter’. For the rest of us, we know it gets much more complicated than that as we slip down the rabbit hole and into OSI, DNS, TLS, HTTPS, subdomains…

Securely Logging & Tracing HTTP Requests in Go | zvelo

Securely Logging & Tracing HTTP Requests in Go

Estimated Reading Time: 3 minutes I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?