Security Research Blog

News and views from the leading voice in cloud security.

By: Whitney Black

Amazon’s Prime Day Won Shopping on Tuesday

I like to complain about Amazon's shopping algorithm and how it tries to sell me sunscreen, granola bars, and diapers, as if that's all I ever buy (more true than I like to admit). But like so many…
By: Deepen Desai

UPDATE: Petya Ransomware Outbreak

Updated June 30, 2017


One month after the WannaCry outbreak, we have seen another widespread ransomware outbreak, possibly involving the Petya ransomware family variant. The initial vector has been confirmed to be a compromised software update package from MeDoc. As we learn more, we will…
By: Rohit Hegde

Wonder Woman, Piracy, and the Cerber Ransomware

Magnitude Exploit Kit leading to Cerber Ransomware

Exploit Kit | Ransomware

It's become a lucrative business for malicious actors to host illegal streaming websites and upload or link to bootlegged content. The income from such activity is generated from the advertisements served to visitors. At the same time, attackers have…
By: Viral Gandhi

New Android Marcher Variant Posing as Adobe Flash Player Update

Android Marcher malware


Introduction: Marcher is sophisticated banking malware that steals users' financial information, such as online banking credentials and credit card details. We have observed Marcher evolving over time, using new tricks and payload delivery mechanisms. As we reported about previous encounters…
By: Rohit Hegde

Top Exploit Kit Activity Roundup - Spring 2017

Exploit Kit

Overview: This is the fifth in a series of posts in which we're examining recent activity of the current top exploit kits. An exploit kit (EK) is a rapidly deployable software package designed to leverage vulnerabilities in web browsers to…
By: Shivang Desai

Malicious Android Ads leading to drive by downloads

Drive by downloads causing chaos

Mobile Malware

The Zscaler ThreatLabZ team recently identified an Android app that was downloading itself from advertisements posted on forums. Malvertising is a growing problem and one that we have covered on past occasions, especially given the rise in SSL sites that serve…
By: Deepen Desai

WannaCry 2.0 ransomware attacks continue...

Analysis of WannaCry variants and propagation vectors seen in the wild.


Introduction: An aggressive ransomware campaign went viral on May 12, 2017, that impacted over 200,000 systems worldwide and the attack remains active. The use of the leaked NSA ETERNALBLUE SMB exploit by the dropper payloads, which target a Microsoft Windows vulnerability in…
By: Deepen Desai

Google Docs Phishing Campaign

Viral phishing campaign targeting Google users and enterprise Google deployments


Introduction: An aggressive phishing campaign went viral earlier today that impacted multiple Google Mail users, including those in enterprise Google deployments. The campaign involved unsuspecting users receiving an email with a Google Doc link from one of their known contacts. If…
