“In the cyber era of numerous state-sponsored targeted attacks with the motive of cyber espionage, surveillance, or sabotage, it is not very surprising that Nuclear Regulatory Commission (NRC) has been targeted multiple times,” added Deepen Desai, director of security research for San Jose, Calif.-based Zscaler ThreatLabZ, in an emailed statement.
"It is extremely concerning that these attacks involved a commonly used technique of spear-phishing,” Deepen Desai, director of security research for Zscaler, said in an email to SC. “The sensitive information of prime interest to some foreign states, makes it very important for organisations like NRC to not only continuously train their employees but also update their training content more frequently. It is also imperative for such organisations to adopt a stronger security policy."
16% des von Zscaler geblockten Malware-Traffics verbirgt sich in SSL-verschlüsseltem Datenverkehr. Man könnte jetzt fälschlicherweise davon ausgehen, dass sich hierbei um eher harmlose Varianten von Schadcode handelt. Leider ist genau das Gegenteil der Fall: ZeroAccess-Attacken, Bitcoin-Mining- und Kazy-Trojaner waren ebenso unter den aufgespürten Schädlingen, wie Black Holes, aktuelle Ransomware und Backdoors. Und alle wurden durch SSL-Traffic transportiert.
Sixty-eight percent of Android apps examined by security researchers required that the user grant permission to send SMS messages, according to Zscaler research. Of that 68 percent, 28 percent also were able to access SMS, putting them in a position to spy on mobile authentication methods.
The fact that the Supervalu breach occurred a month ago raises questions about why it took so long to hear about it, said Michael Sutton, vice president of security research at Zscaler Inc.
Michael Sutton, vice president of security research with Zscaler, picked up on Bunker's comments, noting that, whilst the new variants of newGOZ are currently a fraction of the size of their predecessor, the resurgence of the popular malware illustrates the temporary nature of botnet takedown efforts.
PGP encryption is a little tricky to use, but it might be worth it. "The beauty to a solution like this is the email providers themselves won't have access to the email," said Michael Sutton, vice president of security research at Zscaler. "So if the government came to Yahoo or Google with a court order to see someone's email, they would have to say, 'We can't do that.'" - See more at: http://www.ecommercetimes.com/story/80882.html#sthash.rinLXwrC.dpuf
Having a password stolen from a small website that holds little personally identifying information may not sound like a big deal, but the threat is when people use the same password for multiple websites, said Michael Sutton, vice president of security research at Zscaler.
IT-Sicherheitsfachmann Mathias Widler von Zscaler warnt vor den Gefahren unsicherer Internet-Verschlüsselung.Mit SSL* verschlüsselte E-Mails und Internetseiten sind keineswegs sicher, sagt Experte Mathias Widler von Zscaler**.
Cyberattacken: was wir bis jetzt gesehen haben, ist nur die Spitze des Eisbergs. Die des unverschlüsselten, offenen und gut einsehbaren Datenverkehrs. Doch es gibt noch die andere Seite: die verschlüsselte Seite — SSL. Sie wird in der Regel nicht gescannt und birgt jede Menge Risiken. SaaS-Scanner-Anbieters Zscaler plaudert aus dem täglichen Scan-Nähkästchen.
Yes, the ever-expanding attack surface of the Internet of Things is overwhelming. But next-gen security leaders gathered at Black Hat are up to the challenge, according to Zscaler’s Michael Sutton.
With 420,000 sites infected, it will be impossible to work with all of the impacted companies and ensure that the vulnerabilities that led to the breaches are ultimately patched. Many will remain vulnerable for some time, if not indefinitely. The attackers crowd sourced the hacking, leveraging botnet infected computers to do the heavy lifting for them and identify sites vulnerable to SQL injection attacks.
“The attackers crowd sourced the hacking, leveraging botnet infected computers to do the heavy lifting for them and identify sites vulnerable to SQL injection attacks,” said Michael Sutton, vice president of security research at Zscaler.
"We tend to see higher infection rates in countries where pirated software is more common as software vendors often provide patches only to those customers with a valid license. It's often therefore not that users don't want to upgrade but are unable to and feel that's a reasonable trade off to get free software," explained Michael Sutton, the VP of Security Research for Zscaler.
Read-only mode on a USB device implemented via a physical switch would apply to the flash memory where data is stored, not the firmware, so no, such a switch would not prevent the BadUSB threat. While the researchers have yet to reveal the full details of the attack, it presumably requires physical access to the USB device, so any settings on the device could be overridden anyway.
"While a 'backdoor' has no universal definition, it is generally deemed to not only allow remote access to a machine but to also be hidden, bypass traditional security controls and be used for nefarious purposes. Given that Apple has at least at a high level, responded to Zdziarski's findings to detail the purpose of the diagnostic tools and they are accessed via documented processes, which require user consent (device pairing), I would not define the services as a backdoor."
Zscaler VP of security research, Michael Sutton, argued that Google should restrict Android apps from accessing SMS content. “[‘Read SMS’] is a high risk permission to grant as any app with these privileges can read all incoming SMS content as there is no way to restrict a given SMS message to a specific application,” he said.
Zscaler was recognized as one of CRN’s Emerging Vendors in security for 2014. The list identifies rising technology vendors introducing new, innovative products that are changing the technology landscape and creating numerous opportunities for channel partners in North America. —By Rick
According to a zScaler blog post, the current CNN for iPhone App, Version 2.30 (Build 4948), sends passwords in clear text. According to zScaler, which observed the behavior using its ZAP tool, a network traffic sniffer, the password is exposed when a user first creates their iReport account and during any subsequent logins to the application.
Het gaat dan om foto's, video's en tekst die aan een CNN-artikel worden toegevoegd. Om een iReport-account aan te maken moeten gebruikers een e-mailadres, gebruikersnaam en wachtwoord opgeven. Ook kunnen gebruikers hun echte naam en telefoonnummer invullen. Tijdens het inloggen op iReport worden de inloggegevens onversleuteld verstuurd, aldus onderzoekers van Zscaler. Volgens de onderzoekers is dit met name een probleem omdat er via de iReport-functie ook anoniem nieuwsberichten kunnen worden ingestuurd.
Zscaler weist ausdrücklich darauf hin, dass man sich im Gegensatz zu anderen, vergleichbaren Untersuchungen nicht darauf beschränkt habe, zu prüfen, ob eine App grundsätzlich bestimmte Funktionen ausführen könnte, sondern ob sie das auch tatsächlich tut. Dazu war allerdings ein Jailbreak der zu dem Test herangezogenen iPhones erforderlich – sonst hätten die Experten nicht den erforderlichen Einblick bekommen.
Zscaler comments on “kill switches” for Android and Windows phones, noting that “Kill switches are not a foolproof plan as thieves could still sell stolen devices for parts, but it does reduce the overall value of the device for the criminal.
Zscaler’s Michael Sutton comments on the DARPA contest designed to create self-defending networks, and notes that “While companies and academic researchers have created components of self-healing networks and biologically inspired digital immune systems, no one has succeeded in creating a fully automated system.”
SC Magazine reviews the Zscaler Internet security platform, noting “Zscaler is, in my view, a secure data center in the cloud. That is saying a lot, but Zscaler delivers and has been since 2008.”
Zscaler’s CEO discusses alternatives to MPLS. “Is MPLS really dead? It’s not, but its peak is over," said Jay Chaudhry, founder and CEO of Zscaler, who estimated half of MPLS traffic will move to alternatives within five years.
Commenting on cyber espionage among nation-states, Sutton says the best thing organizations can do to protect themselves against foreign predators is to share information, despite the natural competitive instinct to keep things quiet.
Why it's a favorite: “As BAT operates in 186 countries, BAT’s gateways had evolved over time to consist of 40 different Internet gateways with products from various vendors. In response to the non-standard environment, BAT had a locked-down approach to Internet browsing. This created user dissatisfaction, which was aggravated by the high latency resulting from the need to VPN into the BAT infrastructure and the associated back-hauling of Internet traffic. With Zscaler, users can go direct to the internet without VPN-ing into the office infrastructure with user traffic being routed to the closest node in the Zscaler’s network. This provides a fast user experience with near zero traffic latency and has enabled BAT to provide methods to ‘protect’ BYOD.”
“We’ve never seen any quite like this,” said Michael Sutton, vice president of security research at Zscaler, a San Jose, California-based security firm. “Not only is a huge portion of the Internet impacted, but the damage that can be done, and with relative ease, is immense.”
Shift is the latest innovation from Jay and the folks at Zscaler. Patrick Foxhoven, VP and CTO of Emerging Technology at the company, said Shift represents a move to intelligent routing. While it offers many advantages, the real benefit of Shift for Foxhoven is that it allows Zscaler to offer its world-class security offering to a whole new class of organizations that perhaps couldn't have afforded it before. Shift is targeted and priced for midmarket and SMBs.
Michael Sutton, from security research firm Zscaler, said that hackers using legitimate websites to host malicious content was now the norm. "Social engineering attacks always involve an element of communication - the victim must be tricked into performing an action such as providing data, clicking on a link, downloading a file, et cetera. Attackers have learned that it's far easier to simply infect an already popular web property than to attempt communication with victims directly," he said.
The shift to cloud-centric deliver models is also driving the rapid emergence and the massively disruptive transition to Network as a Service (NaaS) platforms. Perhaps the best example of this is Zscaler, but there are numerous companies such as Cloudflare, Aryaka and Pertino positioning into the NaaS market. We recently caught up with Zscaler at the RSA security trade show.
The attack, which was active during late February according to researchers at Zscaler, follows a familiar pattern seen in many other such attacks. It began with the compromise of a law firm’s site at 39essex[.]com and when users hit the site, they were redirected to a third-party site, which hosted the exploit kit. When victims visited the second compromised site hosting the kit, it performed a number of diagnostic tests on the user’s browser to see what sort of exploits should be delivered.
Cloud security firm Zscaler, for example, is beta-testing a slimmed-down version, dubbed SHIFT, of its enterprise security offering, limiting the dashboard to a single page and aiming to get companies "up and running in 5 minutes or less."
Michael Sutton, vice president of security research for Zscaler, says the landscape for zero-day vulnerabilities has evolved significantly in recent years as software makers, Microsoft in particular, have gotten increasingly better about putting out patches, and organizations have become more adept at shortening the patch cycle. Instead, it's no longer the “low-hanging fruit” of simple vulnerabilities, Sutton says. “It's not getting worse so much in terms of sheer volume, it's the severity of the threats and the length of time they are taking to come to the surface to get to where a vendor can address them,” Sutton says.
A comprehensive approach to IT security includes prevention, detection and remediation. Most companies spend 90% of their security budget on prevention in the belief that they should focus on stopping or preventing attacks in the first place. From his position with the Zscaler ThreatLabz, Sutton can see that most companies are already infected to some degree. “Of course we want to protect and defend against attacks before they affect us if at all possible, but we absolutely can’t ignore the detection side or the remediation side,” says Sutton. “We know we’re going to get some infections and we need to limit that damage as quickly as possible and isolate the problem and do the appropriate remediation steps. Enterprises need to adopt that focus.”
Cloud security vendor Zscaler said it has created a joint product with communications services provider BT aimed at addressing mobile security risks. The BT Assure Threat Monitoring service will support real-time threat monitoring from the Zscaler Global Security Cloud. The joint products integrate Zscaler Web logs with BT’s service to provide monitoring, data analysis and regulatory compliance.
Well, the first day of RSA week is in the books and things are off to a rousing start. My day started early today as I was the moderator of a great panel at the Americas Growth Capital Conference. My panel was on Security Automation. Panel members were Jay Chaudry of Zscaler, Marty Roesch of Cisco/Sourcefire, John Summers of Akami, Marc Willebeek-LeMair of Click Security and Rajat Bhargava of JumpCloud.
Moderator Jay Chaudhry, CEO of vendor Zscaler, said that tactic needs to be modified to account for the distributed access demands of an organization that broadly uses cloud applications. He mentioned that one Zscaler customer with 150,000 employees in more than 100 countries suddenly realized its gateway strategy wasn't working when it implemented SaaS applications and backhauled its traffic to just four gateways, grinding activity to a halt.
While the Target theft and others like it may be the work of organized crime, Sutton explains, it's not necessarily the same group: “I think that we're seeing the tip of the iceberg here. Because yes, Target was the first and now we're starting to see other retailers, Neiman Marcus, Michael's have also stepped forward.
Advances Internet security with intelligent routing that automatically applies adaptive security and policy to dynamic Internet threats, enabling global protection and visibility in minutes through a cloud based service
Samsung’s Knox mobile security platform has bolstered its status as the emerging standard in mobile enterprise device security by inking a deal with Zscaler to integrate its technology with the software.
While larger companies have the ability to deploy DNS servers in their internal networks, cloud services have quickly begun offering much of the flexibility of internal configurations while delivering on a passel of security features as well, says Patrick Foxhoven, chief technology officer for cloud security firm Zscaler.
These security services aren’t the same as an on-premise firewall that watches the network from a physical appliance attached in your data center. But these products promise to protect you from malware, help you keep track of who signs into your network, monitor all your other cloud applications such as Salesforce and Google Docs, and more.
Zscaler specializes in providing a fully SaaS-based antivirus, vulnerability management and user activity control for Web, email and mobile devices. The company recently added suspicious file analysis capabilities to its cloud-based security platform to detect advanced threats. It also rolled out Zscaler for Office 365 deployments that it says will provide protection without impacting performance.
“Privacy is dead in the digital world that we live in,” said Michael Sutton, vice president of security research at San Jose, California-based Zscaler. “I tell people, unless you are comfortable putting that statement on a billboard in Times Square and having everyone see it, I would not share that information digitally.”
In a nutshell, Zscaler sees these two major trends – the evolution of advanced threats and the complexity of cloud and mobile environments – increasingly intersect. In particular, there are five areas (below) that information security practitioners should be considering as they take on challenges in the new year.
Michael Sutton, a cybersecurity analyst from Zscaler, noted that few of the other recommendations from the presidential advisory panel were adopted. "Those that were, ended up being watered down," Sutton says. "For example, rather than adding a permanent public advocate to the FISA court, he instead noted that 'significant cases' before the FISA court would also go to an independent panel for review."
I recently had a conversation with Michael Sutton, vice president of security research for Zscaler and head of Zscaler ThreatLabZ. We talked about where many organizations are falling short today in defending against current threats and especially the more dangerous advanced persistent threats. I’ve singled out six common shortcomings that Sutton sees among most companies today.
Zscaler senior researcher Michael Sutton says SMS Tracker, in essence, functions as spyware. While the vendor is promoting the apps usefulness to parents who want to monitor their kids' online activities, it could also be surreptitiously download to someone's device and used as a " very effective tool for spying."