Company > Blogs

News and views from the leading voice
in secure digital transformation

Hero Panel Image
Security Research
SSL threats
Insights and Research
4 Min read

2020: The State of Encrypted Attacks

This blog is an overview of the latest threat research conducted by ThreatLabZ, Zscaler’s security research team. The full report is available here. While SSL/TLS encryption is the industry standard for protecting data in transit from prying eyes, encryption has, itself, become a threat. It is often leveraged by attackers to sneak malware past s...
Phishing activity
Insights and Research
7 Min read

Election 2020-themed scams and threat activities

The United States presidential election is here. And as COVID-19 still runs unchecked throughout the world, 2020 continues to be an outlier year in so many ways. But one thing remains constant—scammers and threat actors taking advantage of current topics for their own profit. Strangely, this is probably the most normal aspect of 2020 thus far. ...
State of digital transformation EMEA
Work from Anywhere
4 Min read

State of Digital Transformation in EMEA: Is the Increase in Remote Work Increasing Risk?

The events of 2020 caused quite a bit of upheaval for enterprises in EMEA. But what effect, if any, did it have on their digital transformation plans? Amidst the landscape of a global pandemic, increasing cyberthreats, and a growing remote workforce, Zscaler commissioned its second study on the state of digital transformation in EMEA to discover...
APT-31 leverages COVID-19 Vaccine theme and abuses legitimate online services
Insights and Research
32 Min read

APT-31 Leverages COVID-19 Vaccine Theme and Abuses Legitimate Online Services

Recently, Zscaler's ThreatLabZ team discovered several malicious MSI installer binaries that were hosted on attacker-controlled GitHub accounts and distributed in-the-wild in August 2020. These MSI binaries dropped and displayed decoy content using a theme around a COVID-19 vaccine as a social engineering technique. After further analysis of the...
global networks
Zscaler Cloud Platform
3 Min read

A Crowning Achievement: Cyber Security Essentials Certification in the UK

The National Cyber Security Centre (NCSC) is on a mission to make the UK the safest place to live and work online. I’m excited to say that Zscaler has joined the NCSC’s effort by attaining the organization’s Cyber Security Essentials certification in the UK. This certification is the latest achievement in Zscaler’s compliance expansion initiative t...
ransomware
Zscaler Cloud Platform
4 Min read

Ransomware’s Pivot: A Business School Case Study

There are very few technology companies that successfully pivot their business strategy to adapt to a macro paradigm shift. A classic case study in adapting to changing market conditions is the Netflix video streaming service. Home video rentals evolved from local mom-and-pop video rental stores, to chains like Blockbuster and Hollywood Video, to D...
cover image
Insights and Research
17 Min read

Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East

Cybercriminals are known to look to current events to make their schemes and campaigns more engaging and relevant to unsuspecting victims. These events don't need to be global in nature, and are often only of local or regional interest. This helps the bad actors narrow their target hoping for a greater chance of success. So when the Abu Dhabi Na...
Spear Phishing campaign delivering Buer and Bazar
Insights and Research
10 Min read

Spear Phishing Campaign Delivers Buer and Bazar Malware

Zscaler ThreatLabZ became aware of a prevalent phishing campaign targeting employees of various organizations. During the past couple of weeks, many enterprise users have been getting spear phishing emails indicating that their employment with the company has been terminated. These emails contain a Google document link that leads to the Bazar b...
Android Malware
Insights and Research
7 Min read

Joker Playing Hide-and-Seek with Google Play

Joker is one of the most prominent malware families that continually targets Android devices. Despite awareness of this particular malware, it keeps finding its way into Google’s official application market by employing changes in its code, execution methods, or payload-retrieving techniques. This spyware is designed to steal SMS messages, contact ...
Targeting WordPress Sites
Insights and Research
6 Min read

Malware Leveraging XML-RPC Vulnerability to Exploit WordPress Sites

We have written a number of blogs about vulnerabilities within and attacks on sites built with WordPress. And, when you consider that 34 percent of all websites in the world are built with WordPress, it’s understandable that cybercriminals will continue to focus their attention on this popular platform. One of the most common attack vectors em...

Explore More Topics