Active Phishing Campaign Alert
Active Threat Alert: Protect against active phishing campaigns serving up personalized and uniquely randomized URL paths or subdomains.
Indicators of compromise (IOCs) are the pieces of evidence collected from a host system (e.g. laptops, servers, mobile phones), applications (e.g. databases), cloud-based capabilities or network when suspicious or malicious activities have been identified.
zvelo’s curated cyber threat intelligence data delivers rich metadata for highly contextualized malicious and phishing Indicators of Compromise and threat signals which can be easily integrated into existing security tools and platforms (including SIEM, SOAR, EDR, MDR, XDR, etc.), for deeper analysis and enrichment by cyber defenders and threat analysts.
Common Indicators of Compromise (listed in order from the easiest to assess to the most difficult) include file hashes, IP addresses, domain names, network/host artifacts, tools, and tactics, techniques, and procedures (TTPs). zvelo details how its threat detection feeds map to each of these IOCs within the Pyramid of Pain — a model cyber defenders use for Incident Response (IR) and threat hunting.
Threat Alert: Active USPS Phishing Attack
Threat Alert: zvelo’s PhishBlocklist identifies a very active USPS phishing attack using personalized URLs that target USPS customers.
zvelo Releases Predictive Phishing Detection
zvelo announced predictive phishing detection enhancements that will help cyber defenders to predict and block phishing campaigns.
Attacking IP Detection Enhances zvelo’s Threat Intelligence Solutions
zvelo’s attacking IP detections can be used to fend off Brute Force attacks launched against commonly attacked ports like SSH and FTP.
Honeypots: Baiting Attackers to Understand Your Adversary
Understand the danger of misconfigured and publicly exposed assets by using honeypots to bait adversaries and expose your attack surface.
Cobalt Strike Threat Trend Analysis
A Global Cobalt Strike activity trend analysis over Q1 of 2022 offers situational awareness into one of the most prevalent attack frameworks.
New Features Enhance zvelo’s Malicious Threat Detection
Zvelo Unveils New Features and Capabilities in its Malicious Threat Detection and Global Cyber Threat Intelligence
SysJoker Malware Threat Alert
SysJoker Threat Alert: zvelo protects clients against SysJoker, a cross-platform backdoor malware attack targeting Linux, Mac, and Windows.
Emotet’s Return Foreshadows Surge in Ransomware
Commonly used by eCrime groups like Wizard Spider, the return of Emotet foreshadows a potential surge in ransomware attacks.
Threat Alert: Log4j Vulnerability Update
Threat Update: The Log4j vulnerability continues to be actively exploited. Immediate action to update and monitor potentially impacted systems is advised.