Company > Blogs

News and views from the leading voice
in secure digital transformation

Hero Panel Image
Security Research
Advisory For Email Based Attack From Nobelium
Insights and Research
2 Min read

Coverage Advisory For Email Based Attack From Nobelium

Background: On 27th May Microsoft released a blog on a very sophisticated attack conducted by the threat actor, named Nobelium. While it is believed that threat actor kept changing the initial attack vector multiple times in past few months, the latest technique of abusing mass email service to send spear phishing emails targeted approximately 3...
Android Malware Flubot
Zscaler Cloud Platform
3 Min read

Zscaler Protections Against Flubot Banking Malware

A huge wave of the Flubot malware has been making its rounds in the wild, primarily targeting users in Europe -- particularly the UK -- and in the US. Flubot is an Android banking malware which lures victims to install the app, eventually stealing victim's bank credentials. Flubot has a complete list of capabilities, but features overlay attack ...
Cover image
Insights and Research
15 Min read

Threat Actors Distribute Malicious VPN Apps Masquerading as Popular Vendors

Introduction In May 2021, Zscaler ThreatLabZ observed several new domains registered by a threat actor for distribution of spoofed and malicious versions of popular VPN softwares. Threat actors have shifted their tactics, techniques, and procedures (TTPs) to target VPN users over the past year, taking advantage of the increase in remote work and...
ransomware-attack-notification
Insights and Research
2 Min read

ThreatLabZ Ransomware Review: The Advent of Double Extortion

The recent ransomware attack on the Colonial Pipeline abruptly halted operations on the largest refined products pipeline in the United States, impacting fuel availability across the eastern half of the country. In this attack, the criminal group Darkside utilized a “double extortion” attack -- exfiltrating nearly 100GB of data and threatening to p...
Recent Magecart trends and enhancements
Insights and Research
5 Min read

Magecart Attacks in 2021

Skimmer groups are growing rapidly and targeting various e-commerce platforms using a variety of ways to remain undetected. The Zscaler ThreatLabZ research team has been tracking these skimmer groups and monitoring the techniques they're using. The latest techniques include compromising vulnerable versions of e-commerce platforms, hosting skimme...
ransomware
Zscaler Cloud Platform
2 Min read

Coverage Advisory for DarkSide Ransomware Activity Targeting Manufacturing, Legal, Insurance, Healthcare and Energy Sectors

Background A cybersecurity advisory was released by the Federal Bureau of Investigation (FBI) related to a DarkSide ransomware infection targeting manufacturing, legal, insurance, healthcare and energy sectors. In May 2021, the FBI received notification that the ransomware variant DarkSide had infected a critical infrastructure company. The atta...
Gabble-Babble of RATs
Insights and Research
14 Min read

Catching RATs Over Custom Protocols

Adversaries generally use Standard Application Layer Protocols for communication between malware and command and control (C&C) servers. This is for several reasons: first, malicious traffic blends in more easily with legitimate traffic on standard protocols like HTTP/S; second, companies that rely on appliances for security often don’t inspect ...
Emerging security threats
Insights and Research
4 Min read

Insight from the Front Lines: Zscaler ThreatLabZ to Give Keynote at Zenith Live

We’re excited to announce that Zscaler ThreatLabZ will be a part of our keynote lineup at this year’s Zenith Live on June 15 and 16. Backed by the world’s largest security cloud, Zscaler ThreatLabZ is our internal research team dedicated to uncovering and investigating emerging threats, while educating the cybersecurity world about how to protect a...
Machine learning
Insights and Research
7 Min read

How and When to Embed Machine Learning in Your Product

To help companies think about how to build ML into their product infrastructures at scale, Capital G held a Q&A session with Howie Xu. It was originally published March 15, 2021, on Medium. Machine learning can enable a company to make sense of mass quantities of data, separate noise from signal on an immense level and unleash a product’s...
Malware campaign
Insights and Research
11 Min read

A look at HydroJiin campaign

Zscaler ThreatLabZ recently came across an interesting campaign involving multiple infostealer RAT families and miner malware. We’ve dubbed the campaign “HydroJiin” based on aliases used by the threat actor. The threat actor is in the business of selling malware, and lurks around in online forums that are common hangouts for neophyte to mid-level c...

Explore More Topics