Network Security, Malicious Threats, and Common Computer Definitions
We’ve put together this glossary of cyber threat definitions as a resource for you in your quest to help make the internet a safer place for all!
Malicious websites host viruses, exploits and other malware, or are used to phish for sensitive information.
Custom Categories for Web Filtering, Parental Controls, Digital Advertising, & More…
Category mappings provide flexibility and customization of URL categorization data—delivering advanced control for web filtering, parental controls, brand safety, ad fraud prevention, as well as other applications digital advertising, and more…
Advantages of RPZ: Basics & Common Configurations
Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.
Phishing Websites Detected by zvelo
Prior to this blog post, zveloLABS published a phishing URL alert about fake Apple account verification websites. Now, zvelo’s team of engineers and researchers has unearthed a new phishing attack campaign using fraudulent Facebook log-in sites.
WaterHole Attacks – Compromised Websites
Instances of large-scale compromises of both private industry and public institutions in 2013 prompted a flurry of activity among security researchers to identify emerging and established threats. Commonly identified as Advance Persistent Threats (APTs), this phenomenon is expected to continue well into the foreseeable future. Fundamental to the spread of these threats is one of their foremost methods of propagation – a water hole attack.
Phishing Website Alert: Fake My Apple ID Account Verification URL
zveloLABS discovered a phishing website masquerading as an account verification page for Apple IDs, as depicted in the following screenshot and explained in this blog post.
Anatomy of a Modern Compromised Website
In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.
Google Users Targeted By New Malicious Websites
zveloLABS™ has been tracking compromised sites that host PageRank Bombs since 2008. The attacker hacks a site, but instead of putting exploits on the hacked site, they put links to other websites in order to boost the search result ranking on various search engines. Initially this was being used for ad sites, porn sites, and pharma fraud sites. Now, however, it is being used to boost the results of malicious sites, but with a new twist that targets Google users.