Research Blog

News and views from the leading voice in cloud security.

By: Deepen Desai

Agent Tesla Keylogger delivered using cybersquatting

Compromise | Malware

Introduction: Zscaler ThreatLabZ recently came across an attack chain in which cybersquatting was being used to deliver a commercial keylogger, called AgentTesla, with an intent to steal confidential information. The keylogger payload was configured to relay the stolen information back…

By: Viral Gandhi

Android Marcher: Continuously Evolving Mobile Malware

Mobile Malware

Founded in 2013, the Android Marcher mobile malware has widely been targeting Google Play -- harvesting user credentials and credit card data. The malware waits for victims to open the Google Play store and then displays a fake HTML overlay…

By: Viral Gandhi

Pokémon GO : Pikachu thunder shocks user’s wallet and personal life.

Mobile Malware

The recent release of Pokémon GO has led the game to become one of the most popular apps for Android and iOS - having been downloaded by more than 5 million users. The game is currently available in multiple countries…

By: Abhinav Bansal

Apple Patches Persistent Cookie Vulnerability Discovered by Zscaler


Cookies are a fundamental part of our everyday web access. We take them for granted and freely give websites access to relevant cookies in our browsers because they dramatically enhance our user experience. Cookies are considered persistent if they…

By: Chris Mannon

Zika isn't the Only Thing You Need to Worry About During the Rio Olympics

Abuse | Compromise | Exploit | Exploit Kit | Malware | Scam

In just a few weeks, thousands of athletes and fans from around the world will gather in Rio de Janeiro for one of the world's most widely anticipated international sporting events, the Olympics. However, as one of the most popular…

By: Ed Miles

Sundown Chronicles - Observations of an Exploit Kit's Evolution

Since the apparent deaths of the Angler and Nuclear exploit kits, we have seen elevated activity from other groups. While RIG and Neutrino have been the primary actors in the void left by Angler and Nuclear, Sundown has also been…

By: Derek Gooley

Top Exploit Kit Activity Roundup

Exploit Kit

Overview: The majority of malware and other computer security threats are delivered through web browsing. Exploit kits are rapidly deployable software packages designed to leverage vulnerabilities in web browsers to deliver a malicious payload to a victim's computer. Authors…

By: Deepen Desai

Malicious Documents leveraging new Anti-VM & Anti-Sandbox techniques

Malicious documents with macros evading automated analysis systems

Evasion/Stealth | Malware

Introduction: Zscaler ThreatLabZ recently came across a new wave of malicious documents evading automated analysis systems using a new technique. Malicious executables that leverage numerous techniques to detect the virtual environment and automated analysis systems are very common, but we are…
