Company > Blogs

News and views from the leading voice
in secure digital transformation

Hero Panel Image
Security Research
Gabble-Babble of RATs
Insights and Research
14 Min read

Catching RATs Over Custom Protocols

Adversaries generally use Standard Application Layer Protocols for communication between malware and command and control (C&C) servers. This is for several reasons: first, malicious traffic blends in more easily with legitimate traffic on standard protocols like HTTP/S; second, companies that rely on appliances for security often don’t inspect ...
Emerging security threats
Insights and Research
4 Min read

Insight from the Front Lines: Zscaler ThreatLabZ to Give Keynote at Zenith Live

We’re excited to announce that Zscaler ThreatLabZ will be a part of our keynote lineup at this year’s Zenith Live on June 15 and 16. Backed by the world’s largest security cloud, Zscaler ThreatLabZ is our internal research team dedicated to uncovering and investigating emerging threats, while educating the cybersecurity world about how to protect a...
Machine learning
Insights and Research
7 Min read

How and When to Embed Machine Learning in Your Product

To help companies think about how to build ML into their product infrastructures at scale, Capital G held a Q&A session with Howie Xu. It was originally published March 15, 2021, on Medium. Machine learning can enable a company to make sense of mass quantities of data, separate noise from signal on an immense level and unleash a product’s...
Malware campaign
Insights and Research
11 Min read

A look at HydroJiin campaign

Zscaler ThreatLabZ recently came across an interesting campaign involving multiple infostealer RAT families and miner malware. We’ve dubbed the campaign “HydroJiin” based on aliases used by the threat actor. The threat actor is in the business of selling malware, and lurks around in online forums that are common hangouts for neophyte to mid-level c...
Cover Image
Insights and Research
11 Min read

Android apps targeting JIO users in India

Introduction In March 2021, through Zscaler cloud we identified a few download requests for malicious Android applications which were hosted on sites crafted by the threat actor to social engineer users in India. This threat actor leverages latest events and news related to India as a social engineering theme in order to lure users to download a...
Ares malware
Insights and Research
17 Min read

Ares Malware: The Grandson of the Kronos Banking Trojan

Kronos is a banking trojan that first emerged in 2014 and marketed in underground forums as a crimeware kit to conduct credit card, identity theft, and wire fraud. In September 2018, a new Kronos variant named Osiris introduced several new features including TOR for command and control (C2) communications. The last update to Osiris appears to have ...
Cover image
Insights and Research
18 Min read

Low-volume multi-stage attack leveraging AzureEdge and Shopify CDNs

Introduction In Feb 2021, Threatlabz observed a few instances of a low-volume multi-stage web attack in Zscaler cloud. This web attack leveraged legitimate servers of Microsoft (azureedge.net), Dropbox and content delivery network of Shopify (cdn.shopify.com) to host the malicious files. The attack chain started from a Wordpress site with a c...
Zero day attack
Insights and Research
4 Min read

Disrupt the Microsoft Exchange Attacks with Zscaler Zero Trust Architecture

The recent Microsoft Exchange server attacks have reportedly impacted 30,000+ organizations in the United States and 100,000+ organizations globally. Originally attributed to the Chinese threat group HAFNIUM, other threat actors are now believed to be using this vulnerability to steal administrator passwords, write and execute files, and gain acces...
cyberattack
Insights and Research
6 Min read

Microsoft-Themed Phishing Attack Targets Executives Using Fake Google reCAPTCHA Technique

ThreatLabZ, the Zscaler threat research team, recently observed a new series of Microsoft-themed phishing attacks aimed at senior-level employees at multiple organizations. The Zscaler cloud has blocked over 2,500 of these phishing attempts over the last three months. The attack is notable for its targeted aim at senior business leaders with titles...
Zero-day Exploits Related to Microsoft Exchange Servers
Insights and Research
3 Min read

Coverage Advisory for Exploits Related to Microsoft Exchange Servers

Update [19-Mar-2021] Microsoft has released to GitHub the new Microsoft Exchange On-Premises Mitigation Tool and posted a blog with step-by-step instructions on how to use the tool. This is a free, one-click tool designed to help customers who have not yet applied the on-premises Exchange security update to temporarily protect their servers prio...

Explore More Topics