zvelo is the provider of the most advanced URL Database for Web Categorization and Malicious Detection—designed for OEMs, device manufacturer’s, and Network Security vendors. zvelo’s content categorization engines power web filtering and parental controls, whitelists and blacklists for anti-virus companies, home network protection devices, and much more. By categorizing content into topic-based, objectionable, and malicious category groupings—zveloDB provides the most advanced malicious detection for advanced threat intelligence and cybersecurity.
Over many years or testing, trial and error, zvelo ultimately determined that a human-machine “hybrid” approach to classification produced the best outcomes. The Human element provided the verifications necessary for the highest levels of accuracy, while machines (ie. AI/ML models and calculations) provided the scaling necessary to deal with the incredible volumes of new URLs and content being published at an increasing rate.
As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.
First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.
Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.
Over the past decade, the use of “clickbait” ads has become the norm in order to entice viewers to click on the ad and drive traffic to a publisher. Web surfers have grown accustomed to seeing the same types of clickbait ads and sponsored stories like the ones shown below with sensational headlines about curing cancer, stopping aging, improving your sex life and more.
For the average web surfer, the URL bar provides a magical portal to the interwebz where anything that can be thought of can be entered—revealing the treasures of the internet at the stroke of ‘enter’. For the rest of us, we know it gets much more complicated than that as we slip down the rabbit hole and into OSI, DNS, TLS, HTTPS, subdomains…
I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?
Last week, we announced that we will be extending zveloDB™ URL categorization support to include eight (8) new categories. The new categories represent a number of emergent topics and threats including Cryptocurrency, Cryptocurrency Mining, Fake News, Terrorism, and more.
A growing social networking company required a highly granular and accurate website categorization feed to track, analyze, group user interests and behavior at scale in order to provide anonymous user-specific curated feed results and connections.
Recently, Digiday published an article about the “winners and losers” of the new EU ePrivacy law. As suspected, behavioral targeting is a clear loser due to its reliance on cookie-based targeting. The only winners mentioned seemed to be those outside of the realm of digital advertising.
