
News

January 29, 2016
As companies embrace local Internet breakouts, they must also strengthen their security environments in the branches themselves. To do so, enterprises typically implement secure Web gateways (SWGs) that analyze specific ports such as HTTP/HTTPS and often use SWGs in combination with advanced threat detection (ATD) to detect the more advanced attacks. Now these capabilities are becoming available as a cloud service. Interfacing with a security-service provider such as Zscaler enables local Internet breakouts without requiring further investment in on-premises Internet security appliances.
January 28, 2016
The investment marks Google Capital’s fourth cybersecurity investment. Earlier ones included CrowdStrike, Zscaler, and CloudFlare.
January 27, 2016
VMware, Zscaler, Websense and more all joined in to deliver new features and areas of operations to VeloCloud and further drive that impressive new year.
January 27, 2016
Early in the year, VeloCloud added complementary cloud security from Zscaler and Websense (now Forcepoint).
January 25, 2016
Zscaler made a list of the 20 riskiest applications, in terms of actual (attempted) user victimisation and based on data from one of Zscaler’s cloud-based data sets over a period of 180 days from the beginning of 2015. Facebook, Skype and Twitter top the list of sites containing the most malware. Often, users click on or unwittingly download malicious applications without realising they have put themselves and the organisation in danger.
January 22, 2016
Regionalized services can be deployed in private regional network hubs, owned and operated by the enterprise. For companies that would rather outsource this altogether we are seeing the emergence of security-as-a-service offerings such as Zscaler (which has of order 100 regional hubs), or Unified Communications-as-a-Service (UCaaS) offerings from the likes of Orange Business Services, 8X8, HP and others.
January 21, 2016
Malvertising, or "malicious advertising," is not a new threat, and just a few weeks into 2016 ThreatLabZ has observed a malvertising campaign injecting iframes into banner advertisements that lead to Angler Exploit Kit. Surprisingly, the Angler operators took some vacation for the New Year, as noted by F-Secure, and have only recently resumed operations, so we were surprised to see a malvertising campaign so soon after their break.
January 21, 2016
ForeScout’s latest round of financing vaults the company into the coveted “unicorn” club, a burgeoning pack of venture capital-backed companies with billion-dollar valuations. As part of the late-stage injection, investors have appraised the firm at $1 billion; other “unicorns” in the cybersecurity category include Tanium, Okta, Illumio, Avast, Lookout, and Zscaler.
January 21, 2016
Commenting on the investment, Cisco vice president and general manager of the enterprise infrastructure and solutions group said the company "is committed to open networking, and interoperability with the VeloCloud solution will provide our joint customers with additional enhancements for application and cloud services performance." In addition to Cisco, VeloCloud’s vendor partners include BroadSoft, Equinix, Hewlett Packard Enterprise, IIx Console, Intel, VMware, Websense and Zscaler.
January 21, 2016
"Providing security as applications migrate to the cloud is increasingly important," said the financial analyst who asked not to be named. "Zscaler is key to providing cloud-based security today. Many of Cisco's competitors partner with Zscaler, which is an added bonus."
January 20, 2016
The natural next step is to look at how organisations can consolidate their existing security functions into one central framework. Results from Forrester support this suggestion. An overwhelming majority (98 per cent) of IT security professionals believe that an integrated security platform would be more effective in delivering a broad range of cyber security capabilities versus point solutions delivered by multiple vendors. In fact, 76 per cent of respondents claimed that the approach would be very effective in comparison.
January 20, 2016
Jeff Reed, vice president and general manager of Cisco's enterprise infrastructure and solutions group, noted in a statement that the company "is committed to open networking, and interoperability with the VeloCloud solution will provide our joint customers with additional enhancements for application and cloud services performance." VeloCloud is growing its vendor partnerships list, which now includes Cisco, BroadSoft, Equinix, Hewlett Packard Enterprise, IIx Console, Intel, VMware, Websense and Zscaler.
January 20, 2016
This year, Juniper formed a wireless partnership with Aerohive Networks in addition to its alliance with Aruba, which was bought by HP. Juniper says it will continue to stay with Aruba. Software-defined WAN specialist Silver Peak inked alliances with a trio of companies at the same time: hyper-converged startup Nutanix, Infoblox and Zscaler. Cisco created partnerships with the likes of giants Apple and Ericsson, while expanding its Microsoft partnership even though it still sees the Redmond, Wash.-based tech giant as a competitor in some areas. The list of technology partnerships formed in 2015 goes on and on.
January 20, 2016
Venture capitalists last year rushed to fund start-ups touting potential solutions to increasingly widespread and sophisticated cyber attacks. Private cyber security companies including Crowdstrike, Illumio and Zscaler raised rounds of $100m, at valuations thought to be above $1bn in 2015. Tanium’s valuation grew from $1.7bn to $3.5bn in six months last year, according to a person familiar with their fundraising.
January 17, 2016
In 2016, ransomware is expected to hit the corporate world more and more, and it is a safe bet that businesses will have to pay considerably higher sums than individuals. Indeed, the criminals running these extortion campaigns were not born yesterday, and when they realise that they have locked up source code and financial documents that were not properly backed up, you can be certain that the amount demanded may be quite excessive.
January 15, 2016
McCormack led Websense when Vista Equity Partners, a private equity firm also based in Austin, took the dot-com bust veteran private in 2013 for about $890 million. Its competitors have included Internet traffic-scrubbing cybersecurity firms such as Zscaler, a billion dollar “unicorn” startup, and Blue Coat, a once-public company acquired last year by Bain Capital for $2.4 billion.
January 14, 2016
However, new findings published by Zscaler's ThreatLabZ revealed that a new malware family is using compromised digital certificates to avoid detection. The way it works is it monitors the activity on an infected PC and conveys that information back to cyber criminals. In order to spread the virus, a phishing campaign is sent around via email. Known as Spymel, the malware is often difficult to spot as it uses legitimate certificates that were issued by DigiCert.
January 14, 2016
Zscaler regularly detects malicious applications from third-party Android app stores and publishes posts about them on its blog. Google will have to restrict the permissions available to applications that have not been approved through the Google Play submission process. Applications loaded outside Google Play that request administrator-level permission should soon disappear. Google will also begin to impose acceptable deadlines for patches and firmware updates, which are largely controlled by its OEM partners.
January 13, 2016
The idea of installing security appliances in a data center to protect employees dates from the 1990s, and it is outdated. Instead of sitting at a fixed workplace, employees today sit, for example, in cafés with their laptops and work via the cloud. Conventional security appliances are not only legacy burdens from traditional site concepts; they constrain day-to-day business instead of supporting it. In addition, they are often built for only a single security function. As a result, new appliances keep springing up in data centers: a new device for every new threat. And every single one has to be purchased, installed, maintained and updated.
January 13, 2016
There Goes The Neighborhood — Bad Actors on GMHOST Alexander Mulgin Serginovic (Zscaler Threat Lab)
January 12, 2016
In 2016, ransomware is expected to hit the corporate world more and more, and it is a safe bet that businesses will have to pay considerably higher sums than individuals. Indeed, the criminals running these extortion campaigns were not born yesterday, and when they realise that they have locked up source code and financial documents that were not properly backed up, you can be certain that the amount demanded may be quite excessive.
January 12, 2016
“Users are all too willing to begrudgingly pay an expensive but not excessive ransom in exchange for the return of their precious data,” Sutton says. “Even the FBI are recommending that it’s easier to pay than fight. The wildly profitable CryptoLocker has attracted many clones since it was largely knocked offline following Operation Tovar.” Many of these clones, including more popular variants such as CryptoWall and TorrentLocker largely followed the proven formula, but we’re starting to see variations such as mobile and Linux focused ransomware. “The latter is especially important as it’s more likely to impact the websites and code repositories of enterprises, who in our experience are also very willing to pay up rather than risk losing critical intellectual property,” says Sutton.
January 12, 2016
“The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor,” said Deepen Desai, director of security research at Zscaler. “This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said. Although such techniques have been used in the past to install spyware and adware payloads, it is a relatively new trend when it comes to malware.
January 12, 2016
As Deepen Desai, director of security research at Zscaler explained, “The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor. This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said.
January 12, 2016
In August, according to Zscaler security firm, cybercriminals compromised more than 2,600 WordPress websites and deployed malicious iframes on 4,200 distinct pages. The criminals exploited vulnerable versions of WordPress 4.2, and prior, to plant the iframes which were used to redirect users to domains hosting the Neutrino exploit kit. The Neutrino landing page was designed to exploit Flash Player vulnerabilities in order to serve the last variant of the popular ransomware CryptoWall 3.0.
January 12, 2016
Over the past year, two significant flaws were also identified in the system. Last August, Zscaler researchers noticed that, by exploiting a security flaw in WordPress, the Neutrino exploit kit was being distributed en masse through such websites. It is one of the most popular exploits among cybercriminals, and every new capability is added to it very quickly, making it possible to exploit even zero-day vulnerabilities.
January 11, 2016
Zscaler, a US-based cybersecurity vendor, has discovered a new trojan that spreads via spam e-mail and uses digital certificates to infect computers and go unnoticed by security products. It is called Spymel, and this trojan first arrives on computers as a compressed file attached to an e-mail.
January 11, 2016
“There are a lot of security vendors who do not perform SSL inspection. You have to do SSL man in the middle inspection,” Zscaler head of security research Deepen Desai told SCMagazine.com. “A lot of these advanced attacks are multi-stage attacks trying to exploit this scenario.” Once executed, the code logs user keystrokes and prevents the user from terminating the malware through system tools like TaskMgr, Procexp, ProcessHacker and Taskkill.
January 11, 2016
“The infection cycle typically starts with a malicious JavaScript file that arrives in a ZIP archive via email attachment,” explained Zscaler researchers Tarun Dewan and Amandeep Kumar, in an analysis. “Once the user opens the JavaScript file, it will download and install the malware executable on the victim machine.” The malicious JavaScript file, surprisingly, is not obfuscated and easy to read. But the downloaded malware executable is a highly obfuscated .NET binary, which is digitally signed with a certificate issued to “SBO INVEST”.
January 11, 2016
Zscaler found that the C&C server may send a host of commands to infected machines. These include collecting information about the infected system and the files found on it, as well as deleting, executing or renaming a specified file. A specified file can be uploaded to the C&C and so can a screenshot of the desktop. Enabling or disabling video recording can also be performed.
January 10, 2016
Besides using digital certificates to hide from antivirus software, Spymel also has some extra tricks up its sleeve. The trojan comes with a module called ProtectMe, which, when loaded, has the ability to prevent the user from terminating the malware's process via the taskkill shell command and tools like Process Explorer, Task Manager, and Process Hacker. Zscaler researchers say that Spymel's C&C server is located somewhere in Germany, at android.sh (213.136.92.111), on port 1216. This is probably a rented server, and its owner's real location is somewhere else.
January 08, 2016
There’s a wide range of commands that SpyMel supports, basically giving full backdoor control to the remote attacker. They can browse through files, rename files, delete files and send out an update to install on the victim machine. Many banking sites display an interactive keyboard or keypad that can be used to enter credentials or pin code—SpyMel’s video recording feature will allow the attackers to compromise those credentials as well. It’s targeting the Web browsers. This particular malware arrives via spam email and all Windows users are a target. Once a particular system has been compromised, it can lead to more targeted attack since the victim has been identified by the attacker.
January 08, 2016
“The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor,” says Deepen Desai, director of security research at Zscaler. “This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said.
January 07, 2016
ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in this case is the information stealing Trojan Spymel and involved a .NET executable signed with a legitimate DigiCert issued certificate.
January 07, 2016
German companies are increasingly asking for an efficient solution for securing corporate Internet traffic for all employees, regardless of their location, reports EBF. The Cologne-based consulting and software company now wants to address precisely this need and has signed a partnership agreement with security vendor Zscaler.
January 07, 2016
With more than 140 million downloads, WordPress is the most popular CMS on the Web, but it’s also the most attacked. It’s not uncommon for malicious actors to exploit vulnerabilities in both WordPress itself and various plugins. In August, security firm Zscaler reported that thousands of WordPress websites had been compromised and abused to redirect visitors to Neutrino exploit kit sites set up to serve malware.
January 07, 2016
“The malware monitors applications like Task Manager, Process Explorer, and Process Hacker. It uses GetForegroundWindow() API to get the handle of active window and changes its functionality if process is from the above list,” Zscaler researchers explained. Attackers can use the C&C server to send various commands to the malware, including for collecting information about the infected system and the files found on it, deleting, executing or renaming a specified file, uploading a specified file to the C&C, capturing a screenshot of the desktop, and enabling or disabling video recording.
January 07, 2016
In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in this case is the information stealing Trojan Spymel and involved a .NET executable signed with a legitimate DigiCert issued certificate.” states a blog post published by Zscaler.
January 06, 2016
Password reuse attacks will begin to decline, thanks in large part to the smartphone, said Zscaler CISO Michael Sutton. "Smartphones can be many things but they make for a handy, secure, always with you, data repository. As such, people are starting to adopt password managers such as 1Password and LastPass and other user friendly smartphone apps that present a convenient option for always having sensitive data such as passwords within easy reach," he said.
January 04, 2016
American business magnate Warren Buffett once said, “it takes twenty years to build a reputation and five minutes to ruin it. If you think about that you’ll do things differently.” Hot on the heels of the fallout from the TalkTalk hack, for many organisations and their Chief Information Security Officers (CISOs) in particular, that stark reality rings true. Doing things differently in relation to data security strategy is no longer a project for the wish-list, but a boardroom priority.
January 01, 2016
A quick sort of the cybercorns listed identifies those that deliver value as a cloud service: Okta, Zscaler, CloudFlare and Illumio deliver products and technologies form-factored for the cloud, paid for on a subscription basis, that are easy to adopt, sticky (valuable) and non-intrusive in traditional IT operations.