Concerned about VPN vulnerabilities? Learn how you can benefit from our VPN migration offer including 60 days free service.

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

News & Announcements

Would you like a breach with that shake? - This week in cybersecurity

September 28, 2017 - 2 min read

Retefe Trojan just Got More Powerful by Adding the WannaCry Trick to its Arsenal

The Retefe trojan banking malware campaign has returned and is now leveraging EternalBlue -- the leaked NSA surveillance exploit -- to target Swiss financial institutions. Read more. 

Apple OS High Sierra Reportedly Has a Password Problem

There's a vulnerability in High Sierra and earlier versions of macOS that allows rogue applications to steal plaintext passwords stored in the Mac keychain, a security researcher said Monday, the same day the widely anticipated update was released. Read more.

SEC hackers accessed authentic data used by companies in tests

Hackers breached the U.S. Securities and Exchange Commission’s computer system last year by taking advantage of companies that used authentic financial data when they were testing the agency’s corporate filing system, according to sources familiar with the matter. The sources spoke anonymously because it is not a public investigation. Read more.

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

In a story broken by KrebsOnSecurity, Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale of millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores. Read more.

Signal Update Keeps Users’ Address Book Secret

Open Whisper Systems, the non-profit behind Signal, is launching an experimental new method that will prevent users from needing to share their contact lists with Signal while still letting them use their existing address books to make encrypted calls and send encrypted texts. Signal's creators, like the developers of so many other social apps, have long considered that contact-sharing request a necessary evil, designed to make the app as easy to use as your normal calling and texting features. Read more. 

Internet Explorer bug leaks whatever you type in the address bar

Security researcher Manuel Caballero disclosed a bug in Internet Explorer that leaks any text typed into the search bar to the current website in the user’s browser. The technique can expose sensitive information a user didn't intend to be viewed by remote websites, including the Web address the user is about to visit. Read more.

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.