Research Blog

News and views from the leading voice in cloud security.

By: Viral Gandhi

Are mobile apps a leaky tap in the enterprise?

Mobile Privacy Trends

In almost every enterprise, mobile and cloud represent a large and growing proportion of overall traffic. While they offer many advantages in productivity, they also bring about new challenges for organizations trying to simplify their infrastructures while maintaining critical security…

By: Sameer Patil

Threat Campaigns during the U.S. Election

U.S. presidential elections are among the most followed political events in the world. Many U.S. policies, as they apply to foreign affairs, are dependent upon the outcome of the race as well as the political party that holds the majority…

By: Shivang Desai

Android malware targeting South Korean mobile users

Mobile Banking Trojan


In a recent cycle of malware hunting, ThreatLabZ came across a malicious Android application specifically targeting South Korea. There have been a few attempts in the past to target South Korea, in which malicious apps were either trying to pose as bank apps or as…

By: Dhanalakshmi

Compromised Websites Delivering Tech Support Scams and Credit Card Hijacks

Tech Support Scams and Magento Credit Card Hijacking

Compromise | Scam

Introduction: Tech support scams and credit card hijacking attacks are not new. These types of cyber-fraud have been seen in the wild as supported extensions for Internet Explorer, Firefox, and Chrome; they become distributed through various monetization platforms during…

By: Atinderpal Singh

iSpy Keylogger


Keyloggers have always been present in attackers' toolkits. They give attackers the power to record every keystroke from a victim's machine and steal sensitive information. Zscaler ThreatLabZ recently came across a signed keylogger campaign in our cloud sandbox. In…

By: Ed Miles

A quick look at recent malvertising exploit chains

Featuring RIG and Sundown EK

Exploit Kit

Introduction: Zscaler ThreatLabZ, during our daily exploit kit (EK) tracking, have been seeing some changes in both RIG and Sundown EKs. We recently encountered a malvertising chain serving both EKs on subsequent visits, and decided to compile a quick look at…

By: Derek Gooley

Top Exploit Kit Activity Roundup - Summer 2016

Exploit Kit

Overview: This is the second in a series of blogs collecting the recent activity of the current top exploit kits. Exploit kits are rapidly deployable software packages designed to leverage vulnerabilities in web browsers to deliver a malicious payload to…

By: Deepen Desai

Agent Tesla Keylogger delivered using cybersquatting

Compromise | Malware

Introduction: Zscaler ThreatLabZ recently came across an attack chain in which cybersquatting was being used to deliver a commercial keylogger, called AgentTesla, with an intent to steal confidential information. The keylogger payload was configured to relay the stolen information back…
