“Even though SMS touch is a paid app, it fails to accommodate standard code security practices. Encryption is absolutely necessary to protect user information and to prevent privacy leakage,” Zscaler research Viral Gandhi said, adding that Zscaler informed the app's developer and it intends to issue a patch in the coming months.
“Encrypted traffic has become one of the biggest threats to enterprise data over the last few months. Hackers are increasingly hiding more malware behind SSL, TLS or HTTPS, as the Threat Report published in the first half year 2017 by the Zscaler ThreatLabZ Research team shows.”
“Today’s cloud applications break traditional hub and spoke architectures. Apps like Office 365 and Azure require direct Internet connections to deliver a fast user experience, and organisations are turning to SD-WAN to provide those direct connections in their branch offices,” said Punit Minocha, Zscaler VP of business and corporate development.
“If applications are moving to the cloud, the network that’s designed to bring everything to the data center becomes irrelevant; it’s no good. Network security will become irrelevant, the Internet will become your corporate network and we’ll connect the right user with the right application,” said Jay Chaudhry, chief executive officer, chairman and founder at Zscaler Inc.
“Talari added WAN optimization features to its product and made them available at no extra cost. Also, it partnered with cloud-based security vendor Zscaler Inc. to provide customers with an alternative to on-premises firewalls for internet traffic.”
“I think we are heading in the direction where SSL will become [a de-facto measure taken by attackers], because it provides an additional layer of security for them to cover the C&C communications,” said Deepen Desai, senior director of research for Zscaler.
Deepen Desai, senior director, security research and operations at Zscaler commented: “Hackers are increasingly using SSL to conceal device infections, shroud data exfiltration and hide botnet command and control communications. In fact, our study found that the amount of phishing attempts per day delivered over SSL/TLS has increased 400 percent from 2016.”
“For each branch office and each employee, regardless of whether they are inside or outside of the organisation, security must be consistently applied, updated and delivered in real-time. Otherwise, there is no way to control access to the network or the cloud applications those employees are using,” said Zscaler technical director of EMEA Yogi Chandiramani.
“Crimeware families are increasingly using SSL/TLS,” said Deepen Desai, senior director of security research at Zscaler. Malicious content being delivered over SSL/TLS has more than doubled in the past six months, Zscaler said. The company blocked an average of 8.4 million SSL/TLS-based malicious activities per day in the first half of 2017 for its customers on its Zscaler cloud platform.
The Zscaler integration allows Talari to route its outbound SD-WAN traffic to its security platform. This is where it’s inspected for things like malware and data leakage before being routed to the public Internet. It also allows customers to remove existing, expensive equipment at each location, offloading the work to Zscaler.
“Now, employees are everywhere. The center of gravity has moved from the data center to the cloud. So now, how do you do network security? Network security assumes that you control the network. If you don’t control the network, how do you secure the network? You can’t,” said Zscaler CEO Jay Chaudhry
"The momentum and adoption of the cloud is accelerating more and more. It's hard to find a CIO or CTO that says, 'Cloud-first is not my strategy.' It is becoming something where if a CIO feels like he is not embracing cloud or she is not embracing cloud, then they feel like the laggard,” said Zscaler CEO Jay Chaudhry.
“Hardware vendors like connected fridge manufacturers haven't had to climb the same learning curve as software vendors have over the past decade. As such, despite the fact that devices and appliances now regularly arrive with network connectivity capabilities, few have security controls baked in throughout the development process,” said Zscaler CISO of the EMEA Chris Hodson.
“It was pretty common that the CISO never made his way into the boardroom, and was never asked to go in there. But now it is the norm that the CISO is expected to come in and report on a fairly regular basis. That’s because it’s not the CISO alone that has to be held accountable: it’s the company, and the entire executive staff,” said Zscaler CISO Michael Sutton
What VPNs don't do, however, is keep you from visiting malicious websites in the first place. With eero Plus, instead of VPN, you get access to Zscaler internet security. Zscaler provides enterprise-level security, blocking known malicious sites and preventing you from downloading malware and viruses.
It is not the first time we have heard of Marcher. The banking trojan hid itself in a fake Android app for Super Mario Run. The malicious software was found by Internet security provider Zscaler.
For each branch office and each employee, regardless of whether they are inside or outside of the organisation, security must be consistently applied, updated and delivered in real-time. Otherwise, there is no way to control access to the network or the cloud applications those employees are using.
“In order not to lose the newly gained flexibility through SD-WAN by means of costs and effort for internet security at every location, a cloud-based security solution is available for the sites. A platform solution can take over the complete functionality of a hardware stack as a service from the cloud.”
At present, senior executives are struggling with the need to approve the budget required to enhance the security of their business. It is important for companies to be aware of new trends, otherwise they risk becoming more vulnerable to data theft.
In the red hot cybersecurity category, Jay Chaudhry and Zscaler claim they operate the largest cloud security platform in the world. More than 5,000 organizations depend on Zscaler to process 35 billion transaction each day, detecting an average of 125 million threats.
Mathias Widler from Zscaler is also very positive about the GDPR. In his view, companies benefit from greater data hygiene, which is accompanied by the required processes and safety measures. Widler said, "The legal basis is adapted to the Internet by the GDPR and thus the long overdue balance between privacy and data protection is restored."
Today, Secure Socket Layer (SSL) encryption, a protocol that creates a security channel between two machines communicating over the Internet or an internal network, is applied to more than half the Internet traffic. This method may seem safe but, in reality, It has a disadvantage. Indeed, it is very easy to hide modern cyber attacks in SSL traffic,” said Guyomarc’h.
“Zscaler said its network is well-suited for enterprises deploying SD-WAN technologies because it has more than 100 data centers around the world. That means it can provide security to companies with many locations," said Punit Minocha, VP of business and corporate development at Zscaler.
Many companies have now learned that out-of-the-box architectures do not work with Office 365's cloud applications, according to Punch Minocha, Vice President of Business Development at Zscaler. "In order to realize the full power and flexibility of Office 365, a majority of companies are planning a network transformation away from traditional architecture to secure Internet access for branch offices," said Minocha.
“As the CIO, you should take lead your company’s Office 365 transition not just because it is so widely used, but also because it is a catalyst for understanding how to architect solutions for the consumption of cloud services. You are doing much more than simple app implementation, you are changing the way users work — the way IT works — and preparing your organization for a cloud-centric future,” said Zscaler chief tech evangelist, Larry Biagini
"In order to realize the full power and flexibility of Office 365, a majority of companies are planning a network transformation away from traditional architecture to secure Internet access for branch offices," said Punit Minocha, Vice President of Business Development at Zscaler.
“To take the fight back to WannaCry, organisations must enforce user authentication and access controls before any systems are accessed; users are mobile and their access should be based on who they are, not what network they are on. In addition, firms must continue to ensure advanced threat prevention techniques like sandboxing are in place for all Internet traffic moving forward,” said Zscaler CEO, Jay Chaudhry.
“At present, senior executives are struggling with the need to approve the budget required to enhance the security of their business. It is important for companies to be aware of new trends, otherwise they risk becoming more vulnerable to data theft,” said Zscaler Southern Europe regional director Didier Guyomarc’h.
Today’s cloud applications break traditional hub-and-spoke architectures. Apps like Office 365 and Azure require direct internet connections to deliver a fast user experience, and organizations are turning to SD-WAN to provide those direct connections in their branch offices,” said Punit Minocha, Zscaler’s vice president of business and corporate development. “Zscaler provides the critical missing piece, security, while eliminating the cost and management complexity of appliances.
“We are more and more dependent on our digital tools so we need to protect ourselves. We need a new approach because criminal are using the latest technology to attack,” said Zscaler Regional Sales Engineering Manager, Ivan Rogissart.
After a few sleep cycles, the malware waits for the user to open an app from its targeted list. We found that this variant is capable of targeting over 40 financial apps. When the user opens any of the targeted apps, the malware will quickly overlay a fake login page, which lures the victim into supplying user credentials
A new variant of the Android Marcher malware uses pornographic enticements and new game hype to lure users to download a bogus Adobe Flash player, according to Zscaler researchers who discovered the latest variant.
Uncovered by researchers at Zscaler Threatlabz, this version of the banking trojan is using new lure techniques to spread infections, including adult content and links taking advantage of hype around new mobile games. All of the malware downloads are accessed from third-party sites and not via the official Google Play store.
"We have been seeing regular infection attempts for this Marcher variant in the past month," wrote Zscaler senior security researcher Viral Gandhi. "The frequent changes in the Marcher family indicate that the malware remains an active and prevalent threat to Android devices."
Zscaler's team goes on to state that less than 20 percent of antivirus software was able to detect this new form of Marcher. Its code is highly obfuscated, and that makes it even more dangerous—those who have it may have their credentials harvested without ever realizing it.
“Developers of the Android banking malware Marcher are now disguising the trojan as an Adobe Flash Player update, the cloud security company Zscaler has reported in a Thursday blog post.”
“As hackers get more savvy and look to expand their target market, we are increasingly seeing a shift from consumer ransomware to corporate malware targeting entire tech-heavy institutions like universities and colleges, all of which hold personal identifiable information in bulk. The outbreak at UCL highlight the sizeable risk of malware spreading within an education environment,” said Zscaler CISO, EMEA, Chris Hodson
“One year after the GDPR came into effect, 52 percent of respondents believed that the deadlines would not be met and almost a third envisioned starting their compliance project only in 2018, a survey published by the CXP and sponsored by Zscaler, a cloud security specialist, revealed.”
Office 365 transforms the world's most popular business software suite into a cloud-based service with new powerful capabilities and productivity enhancements that will benefit more and more businesses. However, after the first implementation, many organizations find that users have negative experiences with network performance and thus do not profit from the hoped-for productivity gains.
The Zscaler ThreatLabZ team warns against a malvertising campaign that is currently active in the US and Europe with an Android app, which automatically uploads itself to a system via forums, such as "GodLikeProductions", and requests admin rights as well Connection to a Command & Control server.
An Android malware detected on a popular forum is forcibly downloading on users' devices, which later installs a second app that intrudes further and is difficult to remove. Security researchers from Zscaler say the malvertising campaign seems to be affecting malicious ads delivered on the GodLike Productions forum, a site that ranks in Alexa's Top 11K most popular websites on the Internet.
Zscaler said that the way around this would normally be to uninstall apps by removing admin privileges via settings. However, the app uses the unconventional method of registering as an Android receiver to preserve its admin privileges.
This information comes from the Zscaler ThreatLabZ team, a San Jose, California-based security firm. Zscaler discovered the issue by scouring the Godlike Productions forums, a hotbed of UFO and conspiracy theory activity. For once, the tinfoil-hatted commenters had it right; someone really WAS out to get them, and that someone was a cybercriminal.
This information comes from the Zscaler ThreatLabZ team, a San Jose, California-based security firm. Zscaler discovered the issue by scouring the Godlike Productions forums, a hotbed of UFO and conspiracy theory activity. For once, the tinfoil-hatted commenters had it right; someone really WAS out to get them, and that someone was a cybercriminal.
Zscaler has identified over 300 instances of malicious APKs from this campaign affecting users in US and UK over the last two weeks, including an attack on a conspiracy forum called ‘GodLikeProductions.’
“Achieving a greater level of data hygiene is crucial for companies to meet the requirements of GDPR. By addressing the lack of consistency in data handling across the business, organisations have the chance to protect themselves while regaining the trust of those they need the most: customers,” said Zscaler senior sales engineering manager, Andy Kennedy.
The Zscaler study indicates that one third of companies have already set up direct connections to the Internet from their different locations. Several major providers offer direct links to public cloud data centers, eliminating intermediate steps. 70% of companies surveyed by Zscaler plan to use this type of connection to the Cloud.
A new piece of research from cloud security provider Zscaler looks at the issues with deploying Office 365 in large organisations – and found that companies still suffered from latency despite upgrading their firewalls.
The reason why legacy architecture is no good, Zscaler explained, is because it sends traffic through a centralised security gateway that slows down the software. Almost two thirds of businesses have upgraded their firewall to address issues, but it's not enough to stop latency challenges after deploying Office 365.
“Through their own experiences, organisations are finding out that they simply cannot run a cloud application of the magnitude of Office 365 on legacy architecture," said Punit Minocha, vice president of business development for Zscaler.
Zscaler recommends that enterprises architect their network to allow direct access to the Microsoft cloud from branch offices. Only 33 percent of respondents had done so prior to deployment, but 70 percent are considering implementing direct internet connections, as well as traffic shaping and intelligent bandwidth allocation post-deployment.
The survey from cloud security company Zscaler finds that majority of respondents (64 percent) are concerned about the impact Office 365 has on their bandwidth and latency.
“To fully leverage the power of Office 365, a majority of organizations are looking to transform their networks from traditional hub-and-spoke implementations to ones that securely access the internet directly from branch offices," said Punit Minocha, Zscaler’s vice president of business development.
Zscaler recommends that enterprises architect their network to allow direct access to the Microsoft cloud from branch offices. Only 33 percent of respondents had done so prior to deployment, but 70 percent are considering implementing direct internet connections, as well as traffic shaping and intelligent bandwidth allocation post-deployment.
Other cybersecurity essentials matter, Mr. Sutton said, especially when it comes to backing up data. "Not just backing it up, but testing the back-ups, so we know if anything happens, we can have quick access to that data," he said.
The spread of the cloud is changing the corporate network. Applications are deployed in the cloud, data is stored in the cloud, and users access these resources from anywhere. For the user, the internal network can no longer be distinguished from the external network in the cloud, also driven by the increasing mobility in the working world.
Companies face a challenge when it comes to including all employee devices in its security plan. They have to offer comprehensive protection against malware and data loss while ensuring compliance with corporate policies for internet use.
"We believe that there is a possibility that these first two variants will combine to produce an attack that will be even more devastating. It could use a combination of standard open ports and protocols such as 80 and 443 which are essential in doing business to initially infect and then move laterally," said Deepen Desai, senior director of security research at Zscaler.
“I actually think ransomware is a relatively easy threat to combat,” said Michael Sutton, chief information security officer of cloud security company Zscaler. “It just reveals how weak security is in many enterprises.”
Visibility into an organisation’s network is paramount for a strong security posture. Whether it be delivering a structured training course to enhancing staffing skills around IoT or upgrading technology, it can be difficult to get an unobstructed view am
In late March, Zscaler experts found an SLocker variant that was capable of avoiding all mobile antivirus apps, which in hindsight, is consistent with Wandera's most recent report.
Two paradigm shifts in IT, however, contribute to a restriction of the important security predictions: agile software development and cloud computing. This means that the main focus on pentesting must move away from the entire system and begin earlier and more flexibly in the development process in order to meet the insurance function again.
Many companies are already overwhelmed with the very first steps towards digitalization. One statement is a surprise to me in this process: the fact that resellers say there is no demand for a solution from the cloud as a cornerstone for the transformation. My thesis is that value-added resellers are often not even created for digital transformation, have concerns or are waiting for customers to actively ask for support in the implementation of cloud projects.
Zscaler's Threatlabz team reports an aggressive phishing campaign that affects Google mail users and Google business users: users received an email with a Google Doc link from one of their known contacts.
The security firm Zscaler saw more than 10,000 hits in two hours to the domains used in the attack. Those aren’t huge numbers, measured against Google’s massive user base. But they’re a plenty-big foothold for attackers, especially given the low level of effort put into making this attack convincing or deceptive.
Michael Sutton, CISO at cloud-based security company Zscaler, praised Netflix for refusing to pay up, suggesting that doing so would only embolden attackers to commit similar acts in the future. ‘It's quite possible that the same attacker has succeeded elsewhere, but we've not heard about it because the ransom was paid,’ said Sutton.
[Zscaler] fits squarely in the architecture and architectures that we are designing for our customers,’ said Gary Fish, founder and CEO of Fishtech.
More than 10,000 instances of malicious JavaScript payloads have been detected in the past two weeks by the Zscaler ThreatLabz team, according to a post on the company blog.
According to researchers at Zscaler, between 1 million to 5 million users had downloaded the application via the U.S.-based Google Play store over the past three years. Zscaler said Google booted the app after being notified of its behavior
The security provider Zscaler has discovered an Android -spyware in the Google Play Store, which apparently remained there for three years undetected. Since 2014, it has been downloaded between one and five million times. The researchers suggest that the app was not detected by antivirus software because they do not as usually receive its commands via SMS or the mobile Internet.
Android spyware SMSVova managed to dupe users into thinking it offered a system update app, but instead secretly operated in the background and revealed victims' real-time geo-location data to attackers, according to researchers at cloud security company Zscaler ThreatLabz.
This incident, which lasted almost three years and may have impacted as many as 5 million devices, is being used to criticize the Google Play store’s lack of policing of dangerous malware. This is far from the first time a case like this has been reported, including another Zscaler spyware discovery from earlier this year.
Zscaler ThreatLabz found that the app claimed to give users access to the latest Android software updates, but in fact was being used to spy on a user’s exact geolocation, which could have been used for any number of malicious reasons.
Google intervened this week, after a report from mobile security firm Zscaler, but by the time Google took it down, between one and five million users had already installed it on their phones.
Android spyware masqueraded as a fake system update on Google Play's Store in an attempt to log unsuspecting users' location data. Zscaler's Shivang Desai answers that question in a blog post.
Discovered by IT security researchers at Zscaler, the SMSVova Android spyware poses as a system update in the Play Store and was downloaded between one million and five million times since it first appeared in 2014.
According to Zscaler, a US-based cybersecurity firm, the spyware was caught posing as an Android security update and had been downloaded between one and five million times since 2014. After responsible disclosure, Google removed the application from its marketplace.
This app made it to [the] Play Store in 2014. Google's app vetting process has improved tremendously over the years, but we are unsure if existing and older apps are vetted on an ongoing basis. This would be a heavy task given the size of these play stores
One of the alerts was from Zscaler, which said it had discovered a spyware tool posing as a system update in Google Play. The malware appears to have been available on the Google app store since at least 2014 and has been downloaded between 1 million and 5 million times, the security vendor said in an alert Wednesday.
Today, even financial services are embracing the cloud. And it's driven by two reasons. Number one, the cost competitiveness and the speed at which the development is happening with cloud applications, so they can get them faster. And two, better technologies are evolving to make sure data can be protected and regulatory requirements can be met.
"The jRAT payload is capable of receiving commands from a C&C server, downloading and executing arbitrary payloads on the victim's machine. It also has the ability to spy on the victim by silently activating the camera and taking pictures," said Sammer Patil, security researcher at Zscaler.
The RIG exploit kit is diminished, but continues to drop various ransomware payloads such as CryptoShield, Cerber and Locky, primarily in the geographic locations of South America, Southeast Asia, and Australia. That’s a shift, according to Zscaler, from targeting Western Europe, North America, and Russia.
Chris Hodson, EMEA CISO at Zscaler, is more positive about whether it can be achieved technically. “In a word, yes,” he told SC Media. “Though encryption remains only part of the security puzzle. Front loading the internet with the ‘silver bullet' of encryption only serves to protect information in transit between two parties and does not maintain security hygiene overall.
The Internet is the new network, connecting users to applications; and companies need to shift from the notion of protecting the network to policy based controls; together with VeloCloud we combine advanced cloud-based security with the exceptional performance, quality and reliability of VeloCloud Cloud-Delivered SD-WAN to bring agility to the branch, simplify networking and security, and reduce costs, comments Zscaler’s VP of business development, Punit Minocha.
Recent leaks, intelligence reports and the world’s response to them have set a new precedent. Cyberattacks are no longer just for the sake of siphoning data or extortion, but for discrediting their targets, be they large entities or individuals.
“The malware author will usually target popular apps, especially the ones that do not leverage strong anti-tamper techniques” that check if an app has been tampered by a third party and stops it from working if modifications are detected,” said Deepen Desai, senior director of security research at Zscaler
“Mr Hodson pointed out that often businesses don't compare like with like when assessing cloud costs. A cloud deployment might be more expensive than the existing system but the real comparison should be with the cost of bringing the existing system up to the required current standard. In such instances, he said, the cloud is usually cheaper.”
“Zscaler has discovered a new Ransomware for Google's mobile operating system Android. The security researchers Gaurav Shinde and Viral Gandhi write in the Zscaler blog that the blackmail software was not recognized by any anti-virus software. However, it is also an example that a ransom payment does not automatically cause the cybercriminals to release an infected Android smartphone.”
“Almost all strings, method names, variable names, and class names are disguised in such a way that it's extremely difficult to understand the code. Most of these methods are invoked using Java reflection technique, which allows the author to evade static analysis detection”
"Considering the stealth tactics designed into this sample, it wouldn't be difficult to imagine the author successfully uploading this ransomware to the Google Play Store," said Gaurav Shinde, Zscaler analyst.
In view of the malware attacks and procedures discovered by the report, organizations are well-disposed to address the threat potential of encrypted data traffic. And also with the technical possibilities and processes through which the data protection is reconciled with the necessary data security. SSL inline scanning and, above all, interception and blocking of harmful data traffic can be prevented by law if companies take appropriate measures.
Chris Hodson, EMEA CISO at Zscaler said, "While some may argue that only half of all Android devices receiving a security update in the past year is nowhere near enough, it’s important to remember that Rome wasn’t built in a day. Cyber security is iterative and 50 per cent shows a dramatic increase compared to previous years. This is likely as a direct result of the prioritisation of security updates from phone carriers and the “over-the-air” update process of Android 7.0, which streamlined the boot-up process."
Zscaler researchers say these [dubious streaming] links are redirecting viewers "to a site that installs a browser hijacker, which prompts users to install toolbars and change the homepage to search.searchliveson[.]com to continue watching the game.”
Alley-OOPS! March Madness fans scouring the web for bracket contests and live game streams may instead find themselves all fouled up by online scams, Zscaler reported in a blog post this week. The cloud-based security company reported a sizable spike in malicious activity related to sporting events between March 4 and 21, with a huge jump on March 18 and 19 – the first weekend of the NCAA Division I Men's Basketball Tournament
One of those secrets included the creation of a dex file that when executed plays a specific YouTube video and generates ad revenue for the video’s author. A .dex file (Dalivk Executables) is a compiled version of Android program. The functionality of downloading and executing .dex files allows these adware apps to execute arbitrary code pushed by C2 server, explained Deepen Desai, senior director of research and operations at Zscaler.
In an analysis of more than 75,000 apps from the Google Play Store, mobile security company Zscaler found that 68 percent of the apps required SMS access permission, 46 percent asked for the phone’s state permission, which allows apps to access the phone’s SIM card information, and 36 percent requested GPS location permission.
What’s more, with a year to go until the GDPR comes into force, it’s a reminder of how far behind some firms are in their preparations. No company will want a breach to come as a surprise as we move into a regulatory minefield with excruciating consequences for non-compliance. Identification needs to be a priority moving forwards, so that dwell time can be reduced and unnecessary harm mitigated. Moving on from that, prevention can be achieved using platforms that meet GDPR requirements and are architected with ‘security and privacy by design
Zscaler, a cloud-based security platform for businesses, created a Value Management Office. The Office helps each client define, quantify, and track their unique business goals associated with Zscaler implementation. Zscaler and their clients hold each other accountable to specific, measurable, time-based results.
Chris Hodson, EMEA CISO at Zscaler told SC Media UK: "Reassuring customers that no financial details were exposed is irrelevant. If users are able to see other customers' bills, then there's a totally feasible scenario where one user could ask for a replacement sim based on the billing details, get a replacement phone and reset passwords for major accounts – including banking. This has real implications for identity fraud.”
Even with simple web browsing, exploit kits represent a significant threat. Infection with Ransomware may result in the user being denied access to his data. However, these infections can be prevented. For example, users should always block scripts and programs from untrusted sources. Also, suspicious advertising ads should not be clicked.
Punit Minocha, Zscaler VP for business development, said: “This joint effort brings together Zscaler’s ability to provide high-performance, cloud-delivered internet security with Barracuda’s experience in the small and midsize market to provide comprehensive security that is easy to deploy at an affordable price.”
Zscaler's Deepen Desai describes how attackers are increasingly hiding their activities within encrypted traffic in the below video, making this kind of inspection important. TLS/SSL inspection also lets administrators examine application, cross-network, cross-cloud, cross-datacenter and IoT communications for threats. If these communications aren't being inspected, then all the other security defenses in place become less effective.
“Now that criminals have the capacity to wreak havoc by hosting malware and injecting code through malvertising, we've reached a tipping point where all traffic must be treated as suspect, with every byte subject to the same scrutiny. There's now no excuse not to prioritise SSL encryption, especially when platforms exist that can scale to meet this demand without adding latency," said Chris Hodson, EMEA CISO at Zscaler.
“Zscaler Inc., a San Jose, Calif., cloud-security company, has appointed Karen Blasing to its board of directors. Besides her role as independent director, Ms. Blasing will chair the board’s audit committee. The move follows the appointment of Remo Canessa as chief financial officer in February.”
“Irrespective of where data resides, businesses cannot outsource responsibility. So, as more third party cloud services are adopted, this management of the supply chain must be considered. Especially as the EU GDPR age promises excruciating fines for those who cannot comply," said Chris Hodson, EMEA CISO at Zscaler
“Security tends to be a very compute-intensive operation,” observes Punit Minocha, Zscaler’s vice president of business development. “Given that our security is done in the cloud, the end customer no longer has to make a trade-off between security and performance.”
“‘Exploit kits still pose a significant threat. There is nothing new about exploit kit authors hiding their activities and frequently changing tactics,’ Deepen Desai, senior director of research and operations at Zscaler said. ‘There is no reason to believe we won’t see a resurgence of exploit kits in the future. The question is when.’”
We have seen new RIG gates and landing pages hosted in South America, Southeast Asia, and Australia. Previously, RIG hosts were mainly limited to Western Europe, North America, and Russia. These new hosts indicate an effort to increase the target demographics and potential victim pool worldwide for RIG-distributed ransomware.
"Zscaler is embracing an innovative approach to help enterprises transform and simplify their network infrastructure and provide fast and secure access to applications, whether they are on the corporate or cloud. As the SaaS landscape has changed dramatically in recent years, companies are struggling with increased network and security complexity and have a strong need for a new security approach, "said Aleksandra Verhoeve, explaining their decision to move to Zscaler.
Microsoft Office 365 has been widely praised for its ability to improve collaboration and productivity. But those benefits are quickly undone by poor performance, which is a major problem for Office 365 users in regional and branch offices. In these environments, traffic is often backhauled to centralised resources over MPLS links before it can go out to the Internet and connect to Office 365. Then the traffic from Office 365 takes the same circuitous route back to the user. It all leads to frustrating latency and high costs.
As companies discover the benefits of the cloud in terms of agility, productivity, and cost, organizations are increasingly embracing cloud applications and infrastructure services. Thus, global spending on the public cloud is expected to total $ 216 billion by 2020. But what about security? The Cloud Rush has highlighted the limitations of existing security systems as threats become increasingly strong.
Zscaler reported that the iSpy keylogger malware gets onto an endpoint when end users open a malicious attachment in a spam or phishing email, from which the main iSpy malware is downloaded onto the system.
We are approaching new problems with the same old solution,” said William Harmer, a senior director at Zscaler, a cloud security company. “We are coming at it from the perimeter, the corporate stack, … in a world that’s become mobile, where the network is irrelevant and the perimeter is porous.
So while the potential of AI for security is exciting – it remains a work in progress and by no means presents an imminent threat to skilled workers or deserves the bad reputation it has gained of late.
Attacks on IT via devices on the Internet of Things (IoT) have reached a new dimension. Similar to "Code Red" and "Nimda" about 15 years ago in the software environment, the hardware industry is now in the thread cross.
“Zscaler had the best booth in terms of allowing attendees to relieve a bit of aggression. Taking a very literal approach to data destruction, Zscaler supplied an arsenal of destruction tools to eviscerate hard drives. With hammer in hand, attendees hacked away, splintering dated data to smithereens.”
Sinha explained how Zscaler is enabling a better security model for cloud-first workloads. “We want to sit between users and the destinations that they go to all across the world,” he said.
“If you want to introduce cloud computing in your company, you need a clear strategy, which also takes account of network infrastructure, remote access and Internet security. Read about how "clouding" succeeds in practice.”
“The main hurdle with “cloudification” is that network infrastructure has to be taken into consideration as well as security to ensure consistent user experience, when accessing cloud-based apps. Teams can’t just strengthen the hardware they’ve already got at a few internet gateways.”
“Businesses need to be careful when selecting a technology supplier. A wrong choice could lead to a false sense of security, more chaos and disastrous consequences,” he warned.
I don’t think enterprise were particularly well prepared for [the cloud]. I think now there’s this rush to move everything into the cloud. But networking teams were ill prepared; it’s crushing their network because they have all this new internet traffic. Security teams are scrambling because now they have to secure data in locations they don’t own and control.
Life was good when your users and your data were inside the network perimeter, but mobility in the cloud happened and your users moved out and your applications moved to the cloud, yet organizations are still building a perimeter around a network where the data no longer sits.
Office 365 is one of the number of apps to lead the confines of the data center to move to the cloud. For those of you who were at Microsoft’s night conference in September, the new recommendation for an optimal deployment was to go direct to the internet. So what they have realized is backhauling all the traffic across a traditional hub spoke architecture and going through some sort of centralized proxy could actually break Office 365.
“I have witnessed Zscaler’s momentum from the outside and I am thrilled to be joining the Zscaler team. Zscaler foresaw the massive growth in cloud services years ago, and I am convinced that Zscaler is unique in its ability to secure this transformation from the corporate data center to the cloud," Canessa said.
Mr. Canessa said Illumio was a “great” company, but he felt Zscaler was a better fit given its momentum. Mr. Canessa’s hiring follows just weeks after the company announced technology industry veteran Charles H. Giancarlo would join its board.
Cloud security startup Zscaler on Friday hired Remo Canessa as chief financial officer, tapping a person who has helped lead two big tech IPOs in the past.
Ransomware has become a profitable business for the bad guys. We’re seeing numerous affiliate schemes where criminals are leasing ransomware infrastructure to other criminals and taking a percentage of the profits. This evidences the same service-based model we see in all industries. With this framework, the barriers to entry are lowered, and more criminals are turning to ransomware.
“All over the world, Zscaler has seen the emergence of demand for cloud security causing a major transformation in IT business security operations from both startups to multiple multi-billion dollar industries - and Australia and New Zealand is no exception,” said Zscaler country manager for A/NZ, Sean Kopelke.
Based on today's data on malware, which is transported to the company via SSL-encrypted data traffic and the resulting threat potential, companies are doing well to expand their security strategy by legally compliant SSL scanning. It is important for the works council to collect and deal with concerns about data protection.
Zscaler: Another security solution gaining traction in our network is Zscaler. It's focus on next-generation firewalls, sandboxing, SSL inspection, and vulnerability management has made it the cloud-based internet security company to watch in our network.
Chris Hodson, EMEA CISO at Zscaler, plays devil's advocate and points out that “decrypting traffic has a significant time, performance and cost impact and in some areas is simply not possible because the necessary cryptographic keys aren't available
Android users must be more vigilant today than ever before and only deploy apps from legitimate Google and Apple application stores. We have identified examples of malware on these sites but a fraction of the likelihood," he told CNBC via email.
"Generally, when you go to business meetings, it's not for political talk," he said. "But I had a few business meetings today and every meeting would start with, 'So, America, you're closing down? You're going to build a wall around yourself?' I'm not sure we're gaining much from this. But we have a lot to lose. Every country out there used to look at America as a role model," he said. "This goes against our fundamental values. Reagan went to Berlin and said, 'Mr. Gorbachev, tear down this wall!' Now we've come full circle."
“Majority of these enterprises are based in Indian metros like Mumbai, Delhi, Bangalore, Chennai but they have branch offices across tier-2 and tier-3 cities,” he says. We have traditionally been in the business around the security controls which is a dire need across all verticals including pharma, ITES, retail, and manufacturing as per him.”
“The spyware in this analysis was portraying itself as the Netflix app. Once installed, it displayed the icon found in the actual Netflix app on Google Play,” Zscaler’s Shivang Desai explained in a blog post. “As soon as the user clicks the spyware’s icon for the first time, nothing seems to happen and the icon disappears from the home screen. This is a common trick played by malware developers, making the user think the app may have been removed. But, behind the scenes, the malware has not been removed; instead it starts preparing its onslaught of attacks.”
"Android apps for Netflix are enormously popular [...] but the apps, with their many millions of users, have captured the attention of the bad actors who are exploiting the popularity of Netflix to spread malware," shared Shivang Desai, a researcher with Zscaler.
Watch out for the fake Netflix app, which could be spying on you — stealing your contacts, uninstalling apps and more. Zscaler came across this fake app, which turned out to be a new variant of SpyNote RAT (Remote Access Trojan). Read more.
“Deepen Desai, Zscaler’s senior director of security research and operations, told Threatpost Tuesday that while researchers haven’t seen this particular RAT variant being spammed in the wild yet, they did see it on one of their threat feeds.”
“There were two interesting sub-classes found inside Main Activity: Receiver and Sender,” the blog said. “Receiver was involved in receiving commands from the Server and the main functionality of Sender was to send all the data collected to the C&C over Wi-Fi.”
“The spyware in this analysis was portraying itself as the Netflix app. Once installed, it displayed the icon found in the actual Netflix app on Google Play,” researchers explained, in an analysis. “As soon as the user clicks the spyware’s icon for the first time, nothing seems to happen and the icon disappears from the home screen. This is a common trick played by malware developers, making the user think the app may have been removed. But, behind the scenes, the malware has not been removed; instead it starts preparing its onslaught of attacks.”
“Security is fundamentally moving away from the box-based approach," Mr. Chaudhry said. "It’s almost like moving from individual power generators in homes to power plants.”
Technical expertise in the protection of critical data and infrastructures must be accompanied by a Chief Information Security Officer (CISO), as well as leadership skills, in order to be responsible for the management strategies. Employee mobility, digital transformation, increasingly intelligent attack scenarios, and legal requirements on data protection must be brought into line with the protection strategy in order to successfully counteract opportunistic attacks as well as industrial pioneering.
“The DroidJack RAT is another example of a growing trend in which malware authors seek to exploit public interest as a way to spread malware. In this case, like others before, the event of a popular game release became an opportunity to trick unsuspecting users into downloading the RAT. As a reminder, it is always a good practice to download apps only from trusted app stores such as Google Play,” Zscaler concludes.
Zscaler researchers also reveal that the RAT is able to extract WhatsApp data from the infected devices. All of the gathered information is stored in a database and is then sent to the command and control (C&C) server.
They include the main sections of their suite -- Skype, Office, Xbox are all accessible -- but they don't have full integration. For example, clicking on Skype will just send you to you Skype and leave you there and clicking Office Trust Center will send you to the help page of the Office Trust Center," Harmer told SearchSecurity via email."While not ideal, this setup is better than nothing as it reminds you that you have different places to deal with privacy for each of the components.
Der Internet-Security-Spezialist Zscaler hat nun in seiner Security Cloud die Gefahrensituation untersucht, die von IoT-Geräten seiner Kunden ausgeht, deren Traffic durch die Zscaler-Cloud läuft. Die zweimonatige Analyse von August bis Oktober verfolgte darüber hinaus das Ziel herauszufinden, ob diese Geräte in die prominenten DDoS-Attacken dieser Monate involviert waren. Die Untersuchung konzentrierte sich vor allem auf die Faktoren Gerätetyp, genutzte Protokolle der Geräte, Lokation der Server mit denen kommuniziert wird und die Häufigkeit der In- und Outbound-Kommunikation.
Zscaler also reports about this modus, knowing that Android users are eagerly waiting for "Super Mario Run," the Trojan malware will attempt to present a fake web page promoting its release. Some details of the malware are cited in their report.
The malware targets all the financial apps on a users’ device. When they use them they are presented with a fake login screen that captures their details. In the Zscaler blog, Ghandi lists the finance apps the malware targets. It includes the Android apps from banks such as Société Générale, BNP Paribas, RBS, NatWest, Halifax, HSBC, TSB and Santander. All data gathered is sent back to a Command and Control (C&C) server where it is harvested and shared.
Due to the constantly evolving nature of the malware, Zscaler researchers have previously dubbed Marcher "the most prevalent threat to the Android devices" and the malware attacks all versions of Google's mobile operating system.
“Once the user's mobile device has been infected, the malware waits for victims to open one of its targeted apps and then presents the fake overlay page asking for banking details. Unsuspecting victims will provide the details that will be harvested and sent out to the malware's command and control (C&C) server" Zscaler says.
Marcher is a sophisticated banking malware strain that targets a wide variety of banking and financial apps and credit cards by presenting fake overlay pages. Once the user's mobile device has been infected, the malware waits for victims to open one of its targeted apps and then presents the fake overlay page asking for banking details. Unsuspecting victims will provide the details that will be harvested and sent out to to the malware's command and control (C&C) server.
“Recently, ThreatlabZ came across a variant of Android Marcher Trojan disguised as the Super Mario Run app in one of our threat feeds,” the firm explained. “This malware scams users by presenting fake finance apps and credit card page in order to harvest banking details.”
“While it may be the CIO’s responsibility to enact the requirements needed to achieve a secure environment, the CSO is ultimately responsible for enabling security," Harmer said. "CSOs must understand the requirements laid out by the CIO and are responsible for providing the most effective, easily integrated and cost-effective security solutions. Separation of CIO and CSO responsibility is fundamental and should be implemented by default.”
“Android Marcher has been around since 2013 and continues to actively target mobile user’s financial information," says Zscaler’s Viral Gandhi. "To avoid being a victim of such malware, it is always a good practice to download apps from trusted app stores such as Google Play. This can be enforced by unchecking the ‘Unknown Sources’ option under the ‘Security’ settings of your device.”