News

September 23, 2016
“There are the countries who actively fund organised groups. But there is also state-aware hacking where governments know it's going on but, potentially for their own benefit, there is a plausible deniability. However the targets of some of these cases are key. If you look at motive, there was a lot of scandal around Russian doping before the Olympics and then around a month or two later there was a large data breach of the doping association,” says Chris Hodson, from cyber security company Zscaler.
September 23, 2016
Burning questions still need answers, said Chris Hodson, an expert at cybersecurity firm Zscaler which has worked with everyone from the UK's National Health Service (NHS) to the United States Marines. "With no technical details included in Yahoo's report about how the data was exfiltrated, just that it was, it's impossible to assess credibility of the 'state sponsored' claim without this," he said. In this instance, we can only speculate that the 'state sponsored actor' claim was made with a view to placating the general public.
September 23, 2016
“With no technical details included in Yahoo’s report about how the data was exfiltrated, just that it was, it’s impossible to assess credibility of the ‘state sponsored’ claim. It might well be that Yahoo has had support from government departments and that attribution has been possible but equally, ‘state-sponsored’ is often prefixed to ‘actor’ in an effort to suggest sophisticated and surreptitious means of data exfiltration. We simply do not know,” Chris Hodson, EMEA chief information security officer at enterprise security firm Zscaler said.
September 23, 2016
“If you look back five years to get into the cybercrime market you had to have a level of technical skill, you had to have the funding for infrastructure components for the likes of ransomware or APT [Advanced Persistent Threats]. Now there are these affiliate schemes – or what I am calling ‘cybercrime as a service’ – where we are seeing that the barrier for entry is no longer what it was way back when. That is causing this proliferation of criminals who are coming to the market,” Chris Hodson, CISO for EMEA at Zscaler said.
September 21, 2016
In addition to tracking keystrokes, iSpy can steal passwords, take screenshots, monitor webcams and clipboards, said Zscaler researcher Atinderpal Singh in a blog. The malware is delivered through spam email with a malicious JavaScript or document attached.
September 21, 2016
“Overall, we are seeing a rise in malicious activity involving commercial keyloggers, which makes it very easy for a naive user with malicious intent to conduct successful attacks,” said Deepen Desai, director of security research at Zscaler. 
September 20, 2016
“iSpy keylogger contains advanced keylogger functionality to steal information, monitor the target user's system activity via screenshots, and act as a surveillance system for criminals by capturing video through an infected system's webcam,” says Deepen Desai, director of security research at Zscaler.
September 19, 2016
“This extradition ruling could well be setting a new precedent for cyber-crime convictions. The penalties for cyber-crime have historically been disproportionate to in-person crime. However, this verdict could see that change, as cyber-crime is now more frequent and more damaging to nation states and businesses than ever before,” Chris Hodson, CISO EMEA at Zscaler said. 
September 16, 2016
“By its very nature, hacking and online crime is complex and difficult to track, making attribution a tricky area for authorities. Even more so, when it comes to organized, financially-motivated criminal syndicates. The real challenge for courts and nation states is how they catch and prosecute the organized criminal syndicates that consistently cause economic loss and political havoc.”
September 15, 2016
"Boards are holding CISOs accountable,” Michael Sutton, CISO with cloud-security vendor Zscaler, recently told CSO Australia. “That's a positive thing because the role of the CISO is getting elevated — but not every CISO will survive that transition. The back-office technologist who doesn't know how to deal with the business side, is never going to survive.”
September 14, 2016
“Zscaler is growing, and so is its team, with the announcement that Chris Stephens will now become the company's senior marketing manager for the Asia Pacific region.”
September 13, 2016
“Often the demographics of an individual like [Guccifer] are male, young, highly intelligent. And the fact that they are getting recognition for their success continues to fuel them,” Sutton said.
September 08, 2016
Faced with this skills shortage, CIOs and business leaders must outsource protection and security mechanisms. As applications leave data centers for the cloud, the best approach is to deploy security measures that also work in the cloud.
September 07, 2016
Chris Hodson, EMEA CISO at Zscaler, told SCMagazineUK.com that in the case of Gugi, social engineering is coming via a spam SMS message. "Security professionals have a duty of care to educate users. SMS messages from an unknown number should always be treated with caution," he said.
August 31, 2016
Researchers at Zscaler recently discovered a new spyware campaign that used cybersquatting techniques to host, distribute and command-and-control the AgentTesla keylogger via a domain whose name was strikingly similar to Chesapeake, Virginia-based consulting and services firm Diode Technologies.
August 29, 2016
We therefore recommend a holistic approach whose security modules work together intelligently. It is important that all data is correlated in real time and automatically analyzed for malicious-code patterns. This includes not only the data generated within the corporate network, but also that of mobile users, IoT devices and all branch offices.
August 26, 2016
Zscaler said that it first learned about the keylogger when it landed in a customer’s cloud sandbox and was flagged for review. Upon further analysis, the company learned about the attackers’ cybersquatting tactics that were used to deliver the malware.
August 24, 2016
Since the beginning of August, analysts on Zscaler's Threatlabz team have been observing a new wave of activity from the Android Marcher Trojan, a familiar face since 2013, which is now using a new ploy to target the banking information of unsuspecting users. Earlier Marcher variants were distributed as fake apps through the Amazon or Google Play Store.
August 21, 2016
We are seeing many infection attempts by this malware family in our cloud. These frequent changes point to active malware development that is constantly evolving, which makes it the most prevalent threat to Android devices.
August 18, 2016
We have recently observed this more often with malicious Android application packages: they use scareware tactics, and the user receives a pop-up notice that their device is infected. The supposed update then promises to clean the device.
August 17, 2016
A site page serving the malware attempts to scare potential marks by showing that the device is vulnerable to viruses, inviting them to install a "fake" update to prevent future data theft. The tactic represents a change of tack by cybercrooks behind the scam, who previously spread the nasty through Amazon and Google Play store apps, cloud security firm Zscaler reports.
August 17, 2016
With the growing security concerns around mobile malware, this distribution is an attempt to lure users into downloading fake mobile firmware updates to infect their device. There's a bit of irony here too – users think they are downloading an update to protect their device, when in fact it's actually a malicious application designed to cause harm.
August 16, 2016
Manufacturers are looking for hardware components which are affordable and increase profit margins. Cheap, lightweight components in IoT devices often lack the capability to provide fundamental security services, such as encryption, as its hardware simply cannot support it.
August 16, 2016
Zscaler has labelled Marcher "the most prevalent threat to the Android devices" due to the constantly evolving nature of the malware. The best way for Android users to avoid falling victim to Marcher is to only download applications from trusted application stores such as Google Play, and not to download anything from unknown sources.
August 08, 2016
While it may seem easier to simply blanket ban any live coverage during working hours, this will only leave employees feeling demotivated and encourage them to look for other means of viewing events. In turn, this could result in an increase in absence from the office and leave employees open to social engineering attacks, as their vigilance is lowered as they look for alternative means to stream events.
August 08, 2016
Zscaler was bashing the competition – literally – at Black Hat 2016. The cloud security company had set up a booth where attendees could suit up and take a hammer to security appliances, highlighting its own 100 percent cloud-based internet security solutions.
August 05, 2016
“At previous Games, Zscaler found that 80 percent of Olympic web domains were found to be scams and spams. This is an easy win for cyber-criminals, so I expect Phishing to be ripe again in 2016,” says Chris Hodson, CISO EMEA at Zscaler.
August 04, 2016
[Companies] are getting that advice from law enforcement. They have gone on record saying you are better off paying. The thing is if we did the basics, we wouldn’t be in that situation in the first place.
August 03, 2016
When you look at the way that stuff has been done in the past, companies have always used a VPN and the problem with a VPN is that it includes the letter ‘N’ which is ‘Network’ — it is a Virtual Private Network. Basically I have a client which runs on my machine and that creates a network tunnel and places me as a roaming user on that network. So I might only need to access one application but I have access to the entire network.
August 02, 2016
“At this type of event, it is also common to visit sites selling fake tickets or offering free tickets. And these kinds of actions can be carried out from company computers or from a personal device that uses the corporate network. For this reason, Zscaler advises organizations to make sure they identify phishing sites and detect scripts in web pages that could be malicious.”
August 01, 2016
“In past years, Zscaler's Threatlabz team has found that 80 percent of all ‘Olympic’ websites were fraudulent or contained spam, as ap-verlag.de reported. Reason enough for companies to be especially vigilant. The risks lie in phishing and malware attacks as well as in mobile applications.”
July 29, 2016
While the business and security implications around the Games should not be taken lightly, many of the tactics cybercriminals will be using to target unsuspecting users are unlikely to be anything new. Defence in depth is of the utmost importance and businesses need to be extra vigilant when it comes to advanced security threats this August.
July 28, 2016
Businesses need to ensure that they are able to identify phishing sites and detect scripts which are running in webpages which could be malicious. Relying on URL filtering and reputation off-site is no longer an appropriate cybersecurity defense framework. Streaming sites should be enabled on a whitelist-only approach.
July 27, 2016
Protection and productivity should be at the forefront for business leaders across the world in the run up to the Games. In the last few years we’ve seen cybercriminals using spam emails and scam websites mirroring legitimate sites to entice users to click on, and download malicious files. This year’s events host similar risks and we should expect similar techniques from those trying to exploit users.
July 26, 2016
“Although this threat is targeted toward end users rather than organizations, if it is a corporate issued mobile device then it may cause financial loss to the organization as well,” said Deepen Desai, director of security research at Zscaler.
July 26, 2016
The truth is that although security measures may work, industry professionals can’t set them and forget them — or operate under false assumptions. Only when security professionals become aware of what they don’t know, can they start asking the right questions and implementing the right security controls.
July 25, 2016
CISOs are increasingly worried that cloud computing and data loss go hand-in-hand. This does not have to be the case, but it is all too common. Business stakeholders are demanding the cost and elasticity benefits of cloud, and we need to make sure that a core set of security capabilities exist to support cloud adoption.
July 20, 2016
More warnings about Pokemon Go, this time via Zscaler ThreatlabZ. In a blog post out today, researchers found an Android SMS Trojan disguised as the Pokemon Go app, which once downloaded secretly sends SMS to premium numbers costing the victim money, as well as malware that downloaded an autoclicker onto the phone that opens several pages and clicks on advertisements.
July 20, 2016
“Cloud is not a trend. That’s for sure. It’s here to stay. Companies want to have control over their security but they don’t want to be in the business of managing owning, maintaining boxes,” Sutton said.
July 20, 2016
In speaking with SCMagazine.com, Amit Sinha, CTO and EVP of engineering and cloud operations at Zscaler, said the flaw is a ‘major vulnerability’ affecting all Mac users. ‘Any application that is installed on the Mac App Store has full access’ to the persistent cookies stored unencrypted in Safari's cookie store.
July 19, 2016
“This access could result in a malicious application lifting all the persistent cookies for a given user and accessing sites posing as that user,” Zscaler said. In the case of email, it could result in a malicious application getting access to all your email. Worse, it could gain access to a site that stores more personal and confidential information about you.
July 19, 2016
“As with most attacks, user awareness plays a huge part. The malware in question was not digitally signed. A vigilant user could have picked this up although it is more realistic to expect the organization to block the running of unsigned executables,” Zscaler EMEA CISO, Chris Hodson said.
July 19, 2016
Zscaler discovered a vulnerability in Apple's recent OS X version (El Capitan), which enabled applications that did not have the appropriate privileges to access cookies stored in the Safari browser.
July 18, 2016
Zscaler has found ransomware on the South African Gymnastics Federation and suggests it is a sign of things to come as interest in the Olympics heats up and sports fans search for live streams, tickets and other information. "As we get closer to the event, we expect to see a rise in threats and scams leveraging Olympics topics to target a large number of victims," it said.
July 13, 2016
The biggest problem of typical VPN deployment is opening the entire network for the user - not just to a few required applications. The more the network is increased through a VPN tunnel, the more potential security holes can occur.
July 12, 2016
Security researchers at Zscaler ThreatLabZ reckon the miscreants behind Sundown have accelerated the evolution of what started out as a fairly rudimentary exploit kit since the beginning of 2016. The crooks behind Sundown used stolen code from the rival RIG exploit kit for a short time before subsequently knitting together their own code, security researchers at cloud security firm Zscaler ThreatLabZ report.
July 05, 2016
Michael Sutton opens the feature with an overview of the culture change and the threat landscape’s impact on roles (this follows an interview between Michael and Tony Morbin last month).
July 04, 2016
For me curiosity is one of the more important characteristics to nurture for innovation. In my experience it’s important to encourage that sense of curiosity in each and every team member through the open sharing of new ideas. Nothing is ever a bad idea, it might get shot down quickly if it doesn’t meet the requirements but you can’t encourage innovation without an open flow of ideas.
July 02, 2016
The world of IT security has undergone tremendous transformation, sparked by the consumerisation of the enterprise, the adoption of cloud computing, the ubiquity of mobile and BYOD devices and the evolution of threats, which are more serious today than they have ever been before.
July 01, 2016
Ransomware authors are changing their methods according to their target. It’s no longer the stray individual that is under attack, but corporate PCs, mobile devices and even servers. Why lock and/or pilfer a person’s files worth hundreds when corporate data is infinitely more valuable?
June 30, 2016
Last September Zscaler discovered a nasty piece of Android ransomware in the form of the Adult Player app. That app had to be accessed from non Google sites, and offered pornographic videos. But in reality, when it was opened, it secretly took pictures of the user with the phone’s front-facing camera, before the device was locked and displayed a demand for $500 (£330).
June 29, 2016
Chris Hodson comments on the discovery of a new CCTV botnet. He asserts that IoT botnets are increasing because IoT-enabled devices are everywhere and the security development lifecycle for IoT devices is often expedited or bypassed due to strict deadlines around time to market or the cost of the hardware.
June 29, 2016
A comment by Zscaler about Shadow IT, why it is not a solution to simply block applications and solution approaches.
June 29, 2016
Making a decision between one [managed security service] provider or another is not something that should be left to mainstream IT today. A dedicated security professional is needed to understand, interact, manage and monitor service providers.
June 29, 2016
In the case of CCTV, price-point is also imperative. Manufacturers are looking for hardware components which are affordable and increase profit margins. Cheap, lightweight components in IoT devices often lack the capability to provide fundamental security services, such as encryption, as its hardware simply cannot support it. How many anti-malware products have been released for our IoT devices? Very few, if any.
June 27, 2016
The lack of technical skills in-house restricts the freedom in which organizations can customize and manage their own security infrastructures. Instead, they have no choice but to look externally for assistance from consultants and managed service providers.
June 23, 2016
Those responsible in companies therefore have the new task of securing branch offices and mobile employees as well as possible. However, setting up hardware-based firewalls in every branch office is expensive, increases complexity and usually entails an unsustainable administrative effort for the necessary upgrades.
June 23, 2016
Recently the attack vector is focusing more on the user side. Now the attackers are leveraging Office Documents with social engineering tactics. What will happen is if you open a malicious document that contains an embedded macro, you will see a security warning from Microsoft Office that says this document contains a macro. Basically it’s preventing you from getting infected. What hackers are now doing is they are saying that this content is protected and if you want to view this content you will have to enable the macros.
June 22, 2016
Ransomware is a threat that spreads very quickly across networks, and its distinguishing feature is encryption. That is why the analysis and regulation of SSL certificates must be part of the company's security strategy. Today, 25% of internet traffic uses the SSL protocol, and most companies trust this security protocol and prefer to allocate their resources to analyzing unencrypted traffic. This is equivalent to locking your house with an armored door but leaving the living-room window open.
June 22, 2016
The app appears to be that of the bank Sberbank and requests administrator privileges once installed, as shown below: the Zscaler team tried installing the original Sberbank application from the Google Play Store, and it is difficult to tell the malicious app from the original.
June 21, 2016
But CIOs and CISOs should not ban cloud applications altogether: they can find ways to prevent these gaps from being created. To keep up, IT departments must move from the "block or allow" dilemma to a "manage and monitor" approach.
June 17, 2016
Based in San Jose, Calif., Zscaler offers a cloud security solution that preserves the user experience, while boosting web and application security with a cloud-based firewall proxy architecture that acts as a single virtual proxy to the web. This security-as-a-service approach helps drive better web, application, cloud and mobile security for customers. The solution can act as a CASB between users and cloud applications, inspecting traffic for malware and threats, as well as providing secure access capabilities.
June 17, 2016
Zscaler's integrated security platform delivers holistic protection and best performance thanks to Advanced Threat Protection, bandwidth management, remote access, Next Generation Firewall and web security. This approach goes considerably further and thus protects all users, branch offices and the corporate headquarters entirely without the use of hardware at the perimeter.
June 15, 2016
Symantec may have not made the best call in terms of its choice in Blue Coat. Blue Coat lies in the web gateway security space with several faster-growing, smaller competitors like Zscaler, CipherCloud, Skyhigh and Cloudlock.
June 14, 2016
Scott Robertson, vice-president, Asia Pacific and Japan, Zscaler, has a different view. "While Symantec’s intent to buy Blue Coat validates the need for secure web gateway solutions, it does not align with where the market is going because it is essentially just a consolidation of the old paradigm – legacy appliances and on-premise software. With a distributed mobile workforce moving data and applications to the cloud, neither endpoints nor appliances are enough to keep enterprises secure today. The only viable way forward is a purpose-built cloud security platform to eliminate the need to buy, deploy and manage security appliances."
June 14, 2016
This article describes the increased use of malicious executables, a trend identified by Zscaler’s research team, ThreatLabZ. In addition to the rise in delivering executable payloads, cyber criminals are adding newer anti-VM and anti-analysis techniques to the malicious documents themselves, thereby protecting the end executable payloads from being downloaded and detected by automated analysis systems.
June 13, 2016
For the sixth consecutive year, Zscaler, a specialist in internet security, is the leader in Gartner's Magic Quadrant in the Secure Web Gateways category.
June 13, 2016
For the latter, Blue Coat acquired the specialist vendor Elastica for 280 million dollars in November 2015. By integrating its Cloud Application Security Broker (CASB), the enterprise security specialist wanted to expand its portfolio, above all for cloud scenarios. In doing so it was evidently responding to pressure from companies such as Zscaler, which are better at securing diverse and complex cloud usage scenarios and put this in the foreground.
June 13, 2016
Zscaler, the leading cloud security provider, announced it has been named Leader by Gartner, Inc. in the 2016 Magic Quadrant for Secure Web Gateways. The report evaluates vendors on their “ability to execute” and “completeness of vision.” This is the sixth consecutive year that Zscaler has been recognised as a Leader amongst security providers.
June 10, 2016
The researchers noticed that a recent wave of malicious Microsoft Word documents were evading automatic analysis by using anti-virtual machine and anti-sandboxing techniques. Security researchers tend to use VMs or other types of sandboxes to protect their systems when analyzing files or malware code.
June 10, 2016
Zscaler said that attackers are now making use of macros, which of course are pieces of code embedded inside Microsoft Office documents (usually written in Visual Basic). Microsoft Office disables macros by default, but attackers are now apparently ‘using clever social engineering tactics to lure the user into enabling the macros.’
June 09, 2016
‘Macro malware became almost extinct after Microsoft disabled VBA macros by default in Office applications,’ several years ago, says Deepen Desai, director of research at security vendor Zscaler. However, with modern attacks increasingly targeting end users and endpoint systems, there has been a steady resurgence in the use of macro malware, Desai told Dark Reading.
June 08, 2016
“‘The malware author makes an assumption here that most clean virtual environment snapshots will be taken after a fresh Microsoft Office install with probably one or two document files opened for testing the installation,’” Desai said. “‘Alternately, a standard user system with Office applications should have at least 3 or more recently accessed document files.’”
June 02, 2016
This week, security firm Zscaler published a report on Android malware that's disguised as the official Sberbank mobile banking app. […] The app demonstrates one way that hackers have been tricking banking customers into revealing their access credentials, thus allowing attackers to drain their accounts.
June 01, 2016
The arrests were announced the same day researchers at security company Zscaler disclosed their analysis of a malicious Android application posing as the Sberbank mobile app. The malicious app steals credentials and requests extensive privileges on compromised devices. The app is worrisome because it can steal SMS messages and monitor incoming calls, two avenues by which banks send one-time passwords and PINs used as a second authentication factor.
May 31, 2016
Zscaler is a high-growth technology company which is focused on bringing cloud computing to internet security. It protects more than 15 million users at more than 5,000 of the world’s leading enterprises and government organizations worldwide against cyber-attacks and data breaches, while staying fully compliant with corporate and regulatory policies.
May 27, 2016
“What advice would you give to a new CISO standing in front of the board for the first time?” “You have to be able to translate your world into theirs. You’re in a world with technical risk – we had this many incidents and this many computers were infected. You need to translate that into language the board can understand. For example – you had 20 infections on computers. What does that mean to them? But it’s straightforward to translate that. We had this many breaches that caused this much downtime and resulted in this much productivity loss. That’s something the board can understand.”  
May 26, 2016
“Rather than prohibiting applications, CIOs and CISOs must find alternative ways to close the gaps. To keep pace, IT must go from ‘block or allow’ to ‘manage and monitor.’ It’s all too easy for businesses to feel overwhelmed at the new technology coming to the market, or new consumer apps penetrating the workplace.”
May 26, 2016
“In order to offer security as a service Zscaler has built its own cloud hosted in data centres around the world – two are in Australia. As Sutton explains; ‘You always access everything through the internet…now you go through us to get there. The security challenge is that the security model of old is broken – it looked for bad things.’ But, he said that there were gaps in visibility of bad things because of the uptake of public cloud, BYOD and mobile devices.”
May 16, 2016
Charles Milton, Director of EMEA channels at Zscaler, flags up a couple of trends that are impacting on the footprint of the company’s cloud security application: “There is obviously increased mobility and cloud apps. From our point-of-view a lot of projects are driven by the adoption of major corporate cloud apps, leading to people transforming networking and the way they do business, and therefore their perception of security – things like Office 365, salesforce.com.”
May 10, 2016
Internet security specialist Zscaler is countering the traditional VPN concept with a new cloud-based approach: Zscaler Private Access (ZPA). Based on its global cloud security infrastructure, a remote connection from a particular user to a specific application becomes possible without opening access to the entire network.
May 09, 2016
In April, security researchers at Zscaler came across malware that targets a specific bank and steals user credentials. This infostealer Trojan seems to be Spanish in origin, and so far has targeted users in the U.S. and Mexico.
May 09, 2016
However, this carries risks… Proof of this is that Zscaler, a company specializing in the security of IT systems, reports that a new piece of spyware is spreading through Android application updates from these stores by posing as a new version of Chrome for mobile.
May 06, 2016
Zscaler's security research team has detected significant activity in the cloud linked to information-stealing malware (an infostealer) disguising itself as a Google Chrome update. This malware is able to retrieve call history, SMS data, browsing history and banking information and send them to a C&C server. It is also able to detect installed antivirus products and neutralize them to avoid being spotted.
May 06, 2016
Zscaler Private Access is said to make it possible, through the underlying Zscaler cloud infrastructure, to access internal applications on the network and apps in the company's cloud data center at the same time. With classic VPNs, such a flexible access option is said to be possible only through a costly rerouting of traffic via the company's own data center. In contrast, Zscaler Private Access is said to give the user fast and automated access to their internally or externally hosted applications, with the traffic secured by the Zscaler Security Cloud.
May 06, 2016
A new malware strain has been uncovered that steals information through phishing and by imitating bank webpages. According to Zscaler researchers, it tracks for certain URLs—including those for Mexico’s second largest bank, Banamex—in order to intercept the websites and replace them with proxies.
May 06, 2016
Zscaler offers several different products on its platform that are all focused on cloud security. The Cloud Firewall product handles aggregate traffic at over 100 million sessions per second and provides native SSL inspection. One of the strengths of Zscaler's offerings is that it inspects every byte of traffic, so it should be easier to see and control the applications that are in use in the organization.
May 05, 2016
In its new blog post, Zscaler's security research team has detected significant activity in the cloud linked to an information-stealing malware, an "infostealer", disguising itself as a Google Chrome update. This malware is able to retrieve call history, SMS data, browsing history and banking information and send them to a C&C server. It is also able to detect installed antivirus products and neutralize them to avoid being spotted.
May 04, 2016
When this malware is installed, the data that it can potentially steal is transferred to a remote C2 (command & control server). As per the analysis of Zscaler, this malware can also detect and even terminate any antivirus app that is installed on the target computer. In fact, it is so resilient that the victim cannot delete it permanently from the device unless a factory reset action is performed.
May 04, 2016
London-based communication service provider BT is plugging access points from security vendor Zscaler into its global network for better application performance over secure Internet connections. Zscaler's access points will act as a series of traffic checkpoints between businesses and the public Internet to identify and block potential threats, according to BT. The new service, Assure Managed Cloud with Zscaler, will provide real-time protection by scanning and filtering all network traffic, including SSL-encrypted sessions, the provider said.
May 03, 2016
A fake malicious Chrome update is being actively pushed onto Android users, saddling them with information-stealing malware that can be uninstalled only by restoring the device to factory settings – and losing data in the process. “Once installed, this infostealer cannot be removed from the phone as the malware does not allow the user to deactivate its administrative access. The only option to remove this malware is a factory reset which leads to further data loss,” Zscaler researchers have discovered.
May 03, 2016
Cloud security vendor Zscaler Inc. is hoping to unseat the Virtual Private Network (VPN) in the enterprise world. Traditionally, organizations provide remote access to corporate apps via a VPN in order to protect their networks from remote attacks, but VPNs can be a tricky beast to use. Zscaler’s alternative is something called Zscaler Private Access, a new service that allows organizations to provide access to internal apps and services while ensuring they are secure, without any sign of a VPN. 
May 02, 2016
There's a new piece of nasty Android malware floating around that Android users should be on the lookout for. Masquerading as an update for Google's mobile Chrome browser, the malware is hosted on webpages designed to look like they are official Google or Android landing pages. Originally spotted by the security firm Zscaler, the malware is designed to monitor call logs, browser history, text messages and banking information. Once installed, the malware logs the aforementioned data and sends it all back to a remote command and control server. What's more, Zscaler notes that the malware is capable of checking if a user has any antivirus apps installed, and if so, "terminating them to evade detection."
May 02, 2016
Accordingly, Zscaler proposes to "decouple applications from the physical network to deliver granular, per-user access to applications and services on the internal network, in the data center, or in a public cloud". This in fact means setting up a tunnel, via the service provider's cloud infrastructure, between the client workstation and the information-system asset it is trying to reach, all without a direct connection. This tunnel is encrypted and, incidentally, avoids openly exposing an IP address or a dedicated server on the Internet.
May 02, 2016
Zscaler Private Access: ZPA, built on Zscaler’s cloud, delivers per-user application access, for apps in the datacenter, public cloud or both. Unlike VPNs, users are never “on-net,” and can only see authorized apps.
May 02, 2016
Zscaler has now drawn attention to a new Android malware that steals banking data and other private data. The malware disguises itself as an update for the Chrome browser and is hosted not on a single URL but on a whole series of different URLs, which are meant to give an official impression with name components such as “android-update” or at least “goog”. Each is active only briefly and is then changed in order to prevent URL-based detection.
April 30, 2016
Zscaler points out that established anti-viruses, such as ESET, Kaspersky and Avast are vulnerable to the attack and stop working as soon as the admin rights are provided to the malicious software. After the malware takes out your anti-virus program, the info-thief starts its work. The fake Chrome will track the full list of calls and texts and forward the list to a command-and-control server.
April 30, 2016
Director of Security Research at Zscaler, Deepen Desai, was interviewed by ZDNet and he said that “The malware may arrive from compromised or malicious websites using scareware tactics or social engineering.” Users are advised to stay away from dubious websites and to not click OK no matter how tempting it is. Desai added that “One common theme we have seen in recent malicious android application packages involves scareware tactics where the user will see a popup indicating that their device is infected with a virus and asks them to update to clean up infection.”
April 29, 2016
Zscaler has been working on the Private Access technology for nearly three years, according to Patrick Foxhoven, CIO and vice president of Emerging Technologies at Zscaler. He added that Private Access is functionally different from a traditional Internet Protocol Security (IPsec) or Secure Sockets Layer VPN (SSL-VPN). "The VPN space hasn't been disrupted in a meaningful way in over a decade," Foxhoven told eWEEK. "We wanted to bring a disruptive cloud-scale approach to the challenge of remote access."
April 29, 2016
Zscaler researcher Viral Gandhi said in a blog post that the malware's author uses domain squatting on several URLs that mimic those of a Google Android update in order to trick users and spread the Infostealer. He added the fake URLs are very short-lived, being regularly replaced with newer ones to serve the malware and effectively evade URL-based filtering.
April 29, 2016
Security researchers discovered malware targeting Android devices that disguises itself as a Google Chrome update package in an attempt to fool users and lower their defenses.
April 29, 2016
Zscaler notes that the malware is powerful enough and can be used to compromise privacy of Android device users and leak critical information like credit card information which can, in turn, lead to cases of financial banking fraud.
April 29, 2016
Android Infostealer was first found by Zscaler inside third-party Android app stores in China, which are notorious for serving up malware disguised as legitimate apps. However, Zscaler found new instances of it in April, disguised as an update to the browser Google Chrome. Several rogue URLs were offering a download file titled Update_chrome.apk. When the user installs the APK, it prompts for administrative access. Worryingly, the malware payload is capable of checking for installed security applications and terminating them. Zscaler saw hard coded checks for antivirus applications like Kaspersky, ESET, Avast and Dr. Web.
April 29, 2016
“We are seeing many new URLs dropping this malware actively in the wild. Such infection of the victim’s device leads to critical information leakage like credit card details, SMS and call logs – which can further lead to financial banking fraud,” Zscaler said. “Once installed, this Infostealer cannot be removed from the phone as the malware does not allow the user to deactivate its administrative access. The only option to remove this malware is a factory reset, which leads to further data loss.”
April 29, 2016
According to Zscaler’s Director of Security Research Deepen Desai, Update_chrome.apk is spreading via “compromised or malicious websites using scareware tactics or social engineering.” Desai told ZDNet that the firm has seen Android malware use “scareware tactics where the user will see a popup indicating that their device is infected with a virus and asks them to update to clean up infection.”
April 29, 2016
The research team at technology company Zscaler has unearthed new Android Infostealer malware which is capable of harvesting call logs, SMS data, browser history and banking information and sending them to a remote command and control server. What’s more, the firm says the malware, which disguises itself as a Google Chrome update, also has the ability to go unseen by checking for well-known installed anti-virus applications such as Kaspersky, ESET and Avast and terminating them.
April 29, 2016
Criminals continue devoting attention to mobile malware. Zscaler finds information stealing Android malware circulating in the wild posing as a Chrome update.
April 29, 2016
BT today announces the direct connection of its global network to Zscaler access points so that its customers can benefit from lower latency and optimize both application performance and the performance of secure Internet interconnections. This improved interconnectivity reduces the need to move traffic over great distances to reach Zscaler's secure access points.
April 29, 2016
BT has directly connected Zscaler access points to the company’s global network so that BT customers can benefit from lower latency and better performing applications. The improved interconnectivity reduces the need to move traffic over great distances to access Zscaler nodes for secure internet access.
April 29, 2016
Director of Security Research at Zscaler, Deepen Desai, told ZDNet, “The malware may arrive from compromised or malicious websites using scareware tactics or social engineering.” An easy way to avoid that trouble is to stay away from questionable websites in the first place, and think twice about clicking “Ok.” He said, “One common theme we have seen in recent malicious android application packages involves scareware tactics where the user will see a popup indicating that their device is infected with a virus and asks them to update to clean up infection.” Syndicated in Yahoo Tech 
April 29, 2016
It’s been hiding, say researchers at Zscaler, in multiple domains similar to Google update paths. Each URL stays online only for a short time, to be replaced by a new one regularly to avoid detection.
April 29, 2016
Zscaler is warning Android users about a fake Google Chrome update that installs malware onto their devices. The malware steals information including browser data, banking details, call logs and SMS data which is then sent to a remote server.
April 28, 2016
A user's remote connection to an application is said to be established on the basis of granular policies which, thanks to the cloud-based approach, are easy to set up and manage through a central administration interface. Zscaler Private Access is thus said to do without any hardware such as VPN concentrators or load balancers and therefore to involve little administration and implementation effort.
April 28, 2016
“The service is also designed to replace the need for stacks of security gear at individual data centers, to protect traffic going between data centers, as often exists today. ‘If enterprises are looking at moving some of their applications out to an AWS or Google Compute or Azure, they have to extend their network out to those public clouds in order to provide connectivity,’ Wessels says. ‘They want to embrace the agility of the cloud and put their private applications there. But they are having to use old legacy network plumbing tools to be able to extend that connectivity.’”
April 27, 2016
“The VPN hasn’t changed in 20 years,” says Zscaler’s engineering sales director Mark Ryan as he sets out the case for something called Private Access, his firm’s reinvention of the VPN in a form it believes is more suitable for a world of remote access to cloud applications. 
April 27, 2016
Zscaler, an Internet security specialist, announces under the name Zscaler Private Access a new service with which companies can authorize access to their internal applications and services without compromising the security of their network.
April 27, 2016
The vendor is thereby extending its cloud-based security services. Instead of connecting devices to the network, as those services do, Zscaler Private Access provides people with access to applications. This is intended to reduce complexity and increase security.
April 26, 2016
Intended as an alternative to traditional VPNs that are difficult to set up and maintain, Zscaler Private Access routes traffic via secure tunnels through a global network of data centers based on which of those data centers will provide the lowest network latency, says Denzil Wessels, senior director of product management for emerging technologies at Zscaler. As part of that process, a Zscaler policy engine ensures that the traffic moving through those tunnels is limited to the applications that any given user has permission to access.
April 26, 2016
Cloud security provider Zscaler today announced the introduction of Zscaler Private Access, a new service that enables organizations to provide access to internal applications and services while ensuring the security of their networks.
April 26, 2016
Zscaler introduces the cloud service 'Zscaler Private Access'. It enables companies to grant employees and suppliers granular and targeted access to individual applications and services without endangering the security of company data. It makes no difference whether the applications run locally or in the cloud.
April 26, 2016
“An additional benefit of ZPA is that it allows companies to transition off of an existing VPN infrastructure without breaking access. Applications can be moved one at a time into the Zscaler Private Access platform without modifying the existing network. As each application is removed, a smaller, simpler VPN is left behind.”
April 26, 2016
‘Zscaler Private Access extends Zscaler’s security capabilities across the entire spectrum of enterprise traffic, including all web traffic and all private application access, for all ports and protocols,’ said Jay Chaudhry, CEO of Zscaler. ‘We’ve used our cloud security infrastructure to significantly advance the state-of-the-art in security and access to a company’s private applications.’
April 26, 2016
Denzil Wessels, senior director of product management for emerging technologies at Zscaler, said that one of the big use cases was third-parties and independent contractors who need access to apps. With a traditional VPN, their access was only as good as the rules that were defined for them. But, ZPA offers per-application access by user, which means they'll only be able to access the apps they need.
April 26, 2016
Zscaler Private Access takes a new approach by decoupling applications from the physical network to deliver granular, per-user access to apps and services running on the internal corporate network, in a data center or in a public cloud. The service is based on Zscaler’s existing global cloud, so there is no requirement for additional hardware or forklift upgrades of existing hardware. Customers are already using this technology in the wild, and they seem pretty happy: MAN Diesel & Turbo ‘is always looking for the state of the art in security technology and have been searching for an alternative to our global VPN solution,’ said Tony Fergusson, IT Infrastructure Architect for MAN Diesel & Turbo. ‘In general, legacy VPN technology is extremely complex, doesn't scale well and, most importantly, lacks application-centric security. Traditional VPNs extend the network perimeter to any user that connects, which is a security risk. Zscaler Private Access allows me to give users access to a single application and not to my entire network. This granular application control is also perfect for the growing demand of contractors and partner access.’
April 25, 2016
Denzil Wessels, senior director of product management for emerging technologies at Zscaler, said that one of the big use cases was third-parties and independent contractors who need access to apps. With a traditional VPN, their access was only as good as the rules that were defined for them. But, ZPA offers per-application access by user, which means they'll only be able to access the apps they need.
April 22, 2016
But several other cyber security companies have put their IPOs on hold for months already. They include Bit 9 + Carbon Black, Veracode and Zscaler, according to venture capitalists.
April 21, 2016
Businesses need to employ sandboxing technology and dynamic data analysis in order to counter-act aggressive corporate ransomware attempts. In the coming months, we will continue to see ransomware become increasingly corporate focused, and as it does, enterprises won’t get away with paying consumer prices. Hackers will narrow their attacks to target enterprise servers and in doing so, will demand much, much more. The criminals behind ransomware campaigns are savvy and now that they’re realising that they can lock up enterprise source code and important financial documents, they know they’re in for a big payday.
April 21, 2016
We use a program called Zscaler as our filtering system. It will work at home as well as it does at school, but it is not 100 percent. It only catches what someone has identified as a problem, so we try to teach our students and teachers safe searching.
April 19, 2016
We’ve added four contributing members since then. The contributing members are Reversing Labs, Barracuda, Zscaler and Eleven Paths. We sort of put a cap on it last year while we got our act together. We had to learn how to trust each other and we had to build some infrastructure to allow efficient sharing.
April 19, 2016
Wanting to allow mobile workers to work remotely, another commercial company, Zscaler, noting the move to cloud services in Web 2.0, decided to introduce a cloud-based security service; company CISO Michael Sutton explained that although “SSL by default is great for privacy, it is terrible for the enterprise.”
April 19, 2016
Skyhigh has already established partnerships with Bay Dynamics, Bitsight, Centrify, Checkpoint, Cisco, Cyphort, Exabeam, Gemalto, HPE, IBM, Ionique, Juniper Networks, Logrhythm, Microsoft, Mobileiron, Okta, Onelogin, Ping Identity, Titus, Vera, VMware, and Zscaler.
April 16, 2016
"Besides being able to quickly pivot their network infrastructure and delivery techniques, and being able to generate randomized payloads to avoid signature-based blocks, they also use tactics like code-signing certificates to give their installers an extra air of legitimacy," Desai said. "We were able to identify them with the Zscaler Behavioral Analysis Engine, which allowed us to evaluate the threats on the basis of what they will actually do on a user's machine versus how they're coded."
April 15, 2016
Zscaler, San Jose, Calif., Cloud Security Platform
April 15, 2016
In September, Google invested in Zscaler, an Internet security company, in a $25 million continuation of its Series D round. In total in that round Zscaler raised $110 million.
April 14, 2016
Skyhigh has already established partnerships with Bay Dynamics, Bitsight, Centrify, Checkpoint, Cisco, Cyphort, Exabeam, Gemalto, HPE, IBM, Ionique, Juniper Networks, Logrhythm, Microsoft, Mobileiron, Okta, Onelogin, Ping Identity, Titus, Vera, VMware, and Zscaler.
April 13, 2016
The tech hub's venture capitalists were investing so much money in startups worth at least a billion dollars that a baby one-horned horse was born every four days. They often had cute, if difficult to interpret, names, like Twilio, Sprinklr and Zscaler.
April 12, 2016
Locky is one of the most active and lucrative malware variants to have made the rounds in the last three years. The ransomware follows the already familiar model of asymmetric encryption to lock the user's documents and extort a ransom for decryption. In addition, an overlap was found between the URLs used to deliver the Locky and Dridex payloads.
April 07, 2016
According to Microsoft Technet's official site, this service can support firewalls and proxies like Blue Coat, Cisco, Fortigate, Zscaler, Palo Alto, Check Point, McAfee Secure Web Gateway, and many more.
April 07, 2016
Details regarding the actual attack and what government systems were infected are scant. Government officials said they knew the initial attack occurred in 2011, but are unaware of who specifically is behind the attacks. “Given the nature of malware payload involved and the duration of this compromise being unnoticed – the scope of lateral movement inside the compromised network is very high possibly exposing all the critical systems,” Deepen said.
April 07, 2016
Zscaler’s route to market has been through large service providers. It has relationships with companies such as Verizon, BT, Orange Business Services, AT&T, along with many other regional service provider relationships and value-added, nimble resellers who are delivering mobility and digital solutions to the enterprise market, [Scott Robertson] said. In Australia, it has relationships with companies like Telstra, Optus and The Missing Link.
April 07, 2016
These currently include devices from Blue, Cisco, Zscaler, Fortigate, Palo Alto, McAfee, Check Point, Squid, Juniper, Sophos, Websense, and Microsoft.
April 07, 2016
Training starts with feeding it firewall and proxy system logs from vendors like Blue Coat, Cisco, Zscaler, Palo Alto, Juniper Networks and others.
April 06, 2016
Supported devices include firewalls and proxies from most major vendors, among them Blue Coat, Cisco, Zscaler, Fortigate, Palo Alto, Check Point, Websense, Juniper, and Microsoft’s own Forefront Threat Management Gateway.
April 04, 2016
Zscaler       Software       1       0,138       July 2015       United States
March 24, 2016
Making that jump, however, drove Somerville/ISNet to reconsider how its SECaaS services – which bundle commercial antivirus, intrusion prevention, VPN and other security tools from the likes of Cisco Systems, McAfee, IronPort Systems, Zscaler, and Check Point Security Systems – could keep up with surging demand.
March 23, 2016
In both attacks, cyber criminals used the same ransomware known as Locky, which arrives via email attachments and encrypts all the data on an infected system and deletes the originals. Security firm Zscaler says it has blocked around 75 unique and new payloads from this ransomware family in the past month alone.
March 23, 2016
Zscaler warned that the Locky ransomware family is still going strong and that it has blocked 75 unique and new payloads that were targeting its customers. They warned that the ransomware authors have migrated from infecting Microsoft Word documents to now delivering the malicious content through zip attachment files in spam emails.
March 23, 2016
Elsewhere in the security world, Zscaler has discovered new instances of the Locky ransomware that was used to target the Hollywood Hospital last month.
March 23, 2016
On the list of 174 unicorns compiled by Fortune, SMB software companies are few in number: Stripe, Zenefits, DocuSign, CloudFlare, Zscaler and Powa are among them.
March 23, 2016
The campaign sends users a .zip archive that contains malicious JavaScript that downloads and executes the Locky payload, according to researchers at Zscaler who also witnessed a surge of infections over the last three weeks and published their findings Tuesday. According to Deepen Desai and Dhanalakshmi PK, the researchers who penned the blog post, the ransomware has evolved into one of the most active and lucrative malware strains they’ve seen in the past three years.
March 22, 2016
Zscaler delivers a safe and productive Internet experience for every user, from any device and from any location – 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the Internet backbone, operating in more than 100 data centers around the world.
March 21, 2016
Zscaler head of security research Deepen Desai said now that BinDiff is free, it will help application security and malware coverage. “The graphical view provided by BinDiff makes it easier to spot the similarities as well as differences in the disassembled code. This tool can be used for identifying new vulnerabilities as well as verifying vulnerability fixes by comparing the vendor patches with the original file,” Desai said.
March 21, 2016
The current valuation of Zscaler, which was founded in 2007 by Jay Chaudhry, is $1 billion. The startup provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing for more than 6,000 corporate, government and military organizations and more than 15 million paying users.
March 21, 2016
TPG Growth, the middle market growth equity platform of TPG, has partnered with companies such as Airbnb, Domo, Uber and Zscaler and recently led the incubation and launch of STX Entertainment.
March 18, 2016
The new Telekom Security unit, which is to start officially as a separate business area from January 1, 2017, will, according to the company, bundle the security areas from various group units. The goal: to increase the Bonn-based group's clout in the cybersecurity market. In doing so, it is also breaking new ground, for example with the security solution “Internet Protect Pro” in cooperation with the American vendor Zscaler.
March 18, 2016
Zscaler has uncovered new instances of the Android Marcher Trojan being hidden as a flash player for watching pornography on Android devices – by prompting users to update their flash player through the Google Play Store and deceiving users into filling in their payment details, the proprietors are exploiting goodness knows how many hapless porn-watchers.
March 18, 2016
Internet Protect Pro is a cloud-based firewall based on software from Zscaler. For its German customers, Deutsche Telekom will run it in its own data centers in Biere, Germany, ensuring that their data doesn't leave the country.
March 17, 2016
Zscaler is quickly becoming one of the most popular cloud security vendors around. The company's Zscaler platform uses a SaaS model to protect organizations from threats coming to or from the Internet, as well as public and hybrid clouds.
March 15, 2016
Zscaler delivers a safe and productive Internet experience for every user, from any device and from any location – 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the Internet backbone, operating in more than 100 data centers around the world.
March 14, 2016
Researchers said they captured over 50 unique payloads from this campaign serving a fake Adobe Flash Player for watching porn. The goal of the malware is to steal the user's financial information from a phishing page designed to mimic the Google Play store payment page that supposedly needs to be filled out before a victim can access the “content,” researchers said.
March 14, 2016
Security firm Zscaler is warning about a new variant of the Android Marcher Trojan that is using Adobe Flash and adult content sites as a way to trick users into becoming infected and giving up financial information. Many different vulnerabilities show up in Adobe Flash—in fact, Adobe just released fixes to address 23 of the latest security flaws this week. 
March 11, 2016
Any action that leads to the opening of Google Play store app will trigger the fake payment screen to appear, it said. “This is a new tactic for Marcher where the malware authors are pushing a redirect link to the official Google Play store and the X-Video app,” Zscaler told Threatpost. Researchers theorize the redirect is likely to force the Google Play store app to launch. 
March 11, 2016
Rather, the Android Marcher Trojan uses a fake version of an Adobe Flash Player installer to infect users. "The majority of the Marcher Trojan downloads that we are blocking in the cloud are from porn sites," Deepen Desai, head of security research at Zscaler, told eWEEK. "This appears to be a popular social engineering tactic where the user is prompted to install the Flash Player update to view the porn video and the attack cycle can start with an email or SMS."
March 08, 2016
The tricky balance between back doors and encryption: Zscaler's Jay Chaudhry
March 04, 2016
At the 2016 RSA Conference, CSO's Steve Ragan chats with Zscaler CEO Jay Chaudhry about the Apple/FBI case, and whether there's a way to have encryption backdoors without letting everyone in.
March 02, 2016
The researchers warned that ransomware has now migrated from holding Windows PCs users to ransom onto the Android OS, with several varieties attacking the open source platform in 2015. Last September for example, Zscaler discovered a nasty piece of Android ransomware in the form of the Adult Player app. This app was not available to download from the Android app store but had to be accessed from other sites, and appeared to offer pornographic videos.
March 01, 2016
Zscaler is the only true integrated cloud security platform. It delivers carrier-grade internet security, advanced persistent threat (APT) protection, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence – all without the need for on-premise hardware, appliances or software. Zscaler’s cloud-based Next Generation Firewall fills the security whitespace, allowing for better visibility, control and protection for the entire extended enterprise, with a total cost of ownership up to 90 percent lower than hardware-based protections.
February 27, 2016
Larry Biagini, General Electric's former chief tech officer, has ditched retirement to become chief tech evangelist at the Internet traffic-scrubbing startup Zscaler.
February 25, 2016
“It made sense for us to have someone who can evangelize the message,” says Jay Chaudhry, Zscaler’s founder, chief exec, and chairman, on a call with Fortune. “Quite often a (chief information officer) will say, I like what you’re saying but I’m nervous about moving to the cloud. It’s a major change and the whole business depends on it.” Chaudhry says he met Biagini four years ago while courting GE and that the two got along well. Now Biagini has been enlisted to help steer Zscaler’s marketing and product strategy, Chaudhry says.
February 23, 2016
Mobily has introduced information security services in the Kingdom, based upon the “highest international standards.” The company has developed valuable international partnerships to facilitate provision of optimal services. This includes partnerships with organizations such as Zscaler, Arbor and IBM, among others.
February 22, 2016
"What Zscaler does is see who is coming in and going out. If your PC is calling a host in Korea, you cut it off and inform the IT department," Jay says. "In the competitive world of IT security - there is a shouting match, we cover more threats, we're up to speed. It is a race to the bad guys but being in the cloud is very beneficial. We're set apart. Security boxes inspect traffic but they don't inspect everything because it uses more cycles. They say look at the header, they may look at source, they may look at behaviour. But we put our R&D into inspecting every byte that goes in and out. Tracking a phone call is easy but inspecting the content of the conversation is hard. That's what we do. We inspect the content. So my software does it better than any box."
February 19, 2016
MarketsandMarkets says SECaaS will grow from $3.1 billion in 2015 to more than $8.5 billion in 2020. That’s a compound annual growth rate of 22 percent. This is largely due to the increasing bring-your-own-device (BYOD) trend among businesses worldwide... MarketsandMarkets names Symantec, McAfee, Cisco, Trend Micro, CipherCloud, Zscaler, Alert Logic, Radware and others as “major vendors.”
February 18, 2016
Evidently, research by Zscaler shows the phony application contains a sinister Trojan that steals SMS messages. The malware presents itself as a 'security control', tricking victims into believing it is an application for making AliPay more powerful. AliPay is described as the East's PayPal having zero transaction fees. Worldwide, over 300 traders are AliPay users. The online payment service enables transactions through fourteen prominent foreign currencies.
February 15, 2016
Jay Chaudhry, CEO, said: "Is being public a destination? No, it is a step in the journey. Many companies go public because they need funds to scale. Many go public because VCs have put in money and they want a return and they need to get their money out. Zscaler doesn't have any of those pressures. Public helps the brand, large firms feel more comfortable doing business with public companies because all the numbers are out there. The employees are shareholders and have easy liquidity. But it is a step."
February 12, 2016
Zscaler researchers discovered an Android malware masquerading as a security feature for AliPay, a Chinese online payment app similar to PayPal with a large customer base and used by 65 financial institutions, including Visa and MasterCard. “The fake app is a malicious SMS stealer Trojan” that appears as "Security Controls" to hoodwink victims, they wrote in a blog post.
February 12, 2016
According to Julien Sobrier, “one of the big problems is getting an overall view of all the connected objects and of where they sit in the network.” Indeed, companies are not yet aware of the multitude of objects that can connect to the network, such as the photocopier, smart TVs, air-conditioning systems and other home-automation components, or even access badges. Julien Sobrier has observed “in studies that in a bank, for example, the network system for the air conditioning was on the same network as the devices that handled credit cards.”
February 12, 2016
At a time when Safe Harbor is being called into question, it is worth noting that Skyhigh has three datacenters located in the United States, Asia and Europe (Frankfurt). Equinix is in fact the platform the start-up has chosen in order to work as closely as possible with its customers. A partnership has also been formed with Zscaler to provide a proxy log analysis solution to the security specialist, which works notably with LVMH and several French banks.
February 12, 2016
Information security experts at Zscaler have warned Android device users about a new threat. The malware masquerades as a security feature of the popular online payment app AliPay, but is in fact a trojan for intercepting SMS messages. Users download the malware fully convinced that they are getting an application that strengthens AliPay's protection. Three seconds after the trojan is installed, its icon is removed, but the program itself does not go anywhere. Unnoticed by the victim, the malware registers Android services that can run in the background and perform long-running tasks.
February 11, 2016
Standalone SMS-stealing trojans are strange because there's not that much they can do. Zscaler suspects that this trojan may be part of a larger cybercrime campaign, alongside other Android hacking tools. SMS stealers are often used together with other malware families, allowing attackers to intercept two-factor authentication codes and payment verification codes for online banking operations.
February 11, 2016
According to Zscaler research, the fake app is a malicious SMS stealer Trojan. It portrays itself as "security controls," tricking victims into thinking it’s an app enhancing AliPay. AliPay, the PayPal of the East, is a third-party online payment platform with no transaction fees, supporting more than 65 financial institutions including Visa as well as MasterCard. Globally, more than 300 merchants use AliPay. It also supports transactions in 14 major foreign currencies.
February 11, 2016
During an ongoing analysis to protect our customers from the latest mobile threats, we came across an Android malware that disguised itself as a security feature for a famous Chinese online payment app, AliPay.
February 10, 2016
According to Zscaler, the changing IT landscape, brought on by the shift of applications from the data centre to the cloud and the increased access through mobile devices, introduces new threats that go undetected by appliances deployed in the data centre. As a result, enterprises have to rethink their traditional appliance-centric castle-and-moat security architectures while continuing to provide their users with access to cloud applications and services. To combat this, Zscaler’s cloud security platform provides inline threat protection to guard against cyber attacks, prevent data leakage and allow safe enablement of cloud applications by employees, the company says.
February 09, 2016
Zscaler's cloud security platform provides full inline threat protection to guard against cyber attacks, prevent data leakage and enable the safe usage of cloud applications. CloudLock delivers crowdsourced-based application risk scores (CloudLock Community Trust ratings) for more than 101,000 applications, six times as many as any other CASB vendor.
February 09, 2016
In November 2015, the Cyber Threat Alliance (CTA), an organisation counting Symantec, Fortinet, Zscaler, Intel Security and Palo Alto among its members, put the total damage done by CryptoWall 3.0 at a headache-inducing $325 million. Astonishingly, the world barely blinked at the scale of this estimate.
February 08, 2016
There's probably no more embarrassing way to get a phone bricked by ransomware than through an inability to curb certain, ahem, urges while on the go. But that is exactly what's happening according to researchers at Zscaler who have found that certain porn apps on Android are actually no more than a masquerade for ransomware. Even worse, some of them are automatically taking unauthorized selfies of users and using those in ransom letters to make sure they pay up.
February 04, 2016
SD-WAN also could serve as a simple interface to Zscaler or other cloud-based security services, allowing for local internet breakouts without requiring further investment in on-premise security appliances.
February 03, 2016
Attackers have recently revived their interest in Microsoft Office macros, which are actively used to spread banking trojans and, of late, the BlackEnergy malware as well. According to researchers at the American company Zscaler, this technique is used by the operators of the Kasidet trojan, also known as Neutrino. The malicious Office macros are distributed as attachments to phishing emails. According to Zscaler's observations, the activity of the malicious spam campaign has increased significantly over the past two weeks. In addition to Kasidet, the same VBA dropper downloads the Dridex banking trojan.
February 03, 2016
Researchers at Zscaler spotted attackers using macro malware as a vector to spread the Neutrino bot, also known as Kasidet, via spearphishing emails. Over the past two weeks, attackers have been using the same Visual Basic for Applications (VBA) macros found in Microsoft Office that have been leveraged to place Dridex to drop Neutrino as well, according to a Jan. 29 security post.
February 02, 2016
Zscaler looks to bring the best of cloud computing to the Internet security market. With a per-user subscription model based fully in the cloud, Zscaler acts as a "check post" between an enterprise and the Internet, scanning traffic using its solutions for Internet security, advanced persistent threat protection, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence.
February 02, 2016
Today, vendors are emerging with solutions to deliver guaranteed application performance to the modern users and workloads of the hybrid enterprise, by applying the SDN principles to the WAN in the form of so-called SD-WAN solutions. A simple interface to Zscaler or other cloud-based security services enabling local Internet breakouts without requiring further investment in on-premises Internet security appliances.
February 02, 2016
A Chinese government website got hit by a ransomware malady. Initially exposed by Zscaler IT security company in November 2015, this virus campaign put all visitors of cxda.gov.cn web page at risk. Whenever a person visited the compromised website, a malicious script would reroute their traffic to a third-party page hosting the Angler exploit kit. The exploit kit was leveraged to contaminate the users with CryptoWall 3.0 ransom Trojan. Luckily, the infection was shortly removed from the site. This case is unique because it was the first time ransomware distributors took advantage of a government website to infect unsuspecting end users. 
February 02, 2016
"Malicious Office document file is a popular vector for malware authors to deliver their payloads. Dridex authors have leveraged this technique for over a year and it was interesting to see the same campaign and URLs being leveraged to deliver Kasidet payloads," the researchers wrote.
February 02, 2016
The Neutrino bot is getting a new boost of rejuvenation from a retro form of distribution that's been making a huge comeback lately. According to research last week out from Zscaler, Neutrino--also known as Kasidet--has spiked again in the wild with the help of malicious Microsoft Office macros. This latest example of VBA-related malware is another piece of evidence that a once forgotten class of malware has roared back to life in the last 18 months. The delivery of Kasidet backdoors is the continuation of a months-long series of campaigns to drop the Dridex banking malware on victim computers using malicious macros, Zscaler researchers say.
February 01, 2016
“Malicious Office documents are a popular vector for malware authors to deliver their payloads,” said Zscaler researchers, in the analysis. “Dridex authors have leveraged this technique for over a year and it was interesting to see the same campaign and URLs being leveraged to deliver Kasidet payloads. While this does not establish any links between the two malware family authors, it reaffirms the fact that a lot of the underlying infrastructure and delivery mechanisms are often shared by these cyber criminals.”
February 01, 2016
What makes this announcement interesting is that it comes hot on the heels of yet another malware, in this case Kasidet, being exposed by Zscaler and being distributed by macros. The risk is that by claiming white lists are the magic bullet Glasswall, and Sim in particular, are at risk of oversimplifying the security message.
February 01, 2016
There are two techniques used by the malware to steal data. The first is to use memory scraping to take data from PoS systems. This is done by checking any memory space used by a number of system functions. The second approach is to hook to the browser, and this is where Kasidet is having good success on users' machines. Internet Explorer (all versions), Firefox and Chrome are all susceptible, but Zscaler has not said if Microsoft Edge, its latest browser, is also affected.
February 01, 2016
It’s well documented that attackers have reignited their love affair with the Office macro, using it as a vector for spreading banking malware and even the BlackEnergy Trojan as of late. According to researchers at the San Jose security company Zscaler, the bot Kasidet, also known as Neutrino, has also adopted this technique. Attackers peddling the bot have stepped it up over the past two weeks, according to a trio of researchers, Abhay Yadav, Avinash Kumar and Nirmal Singh, with the company.
February 01, 2016
Symantec is on trend. The malware company has extended its DLP to email and storage services. Cloud access security brokers such as Zscaler and Netskope have DLP capabilities (Symantec's former CEO, Enrique Salem, is a Netskope board member).
January 29, 2016
As companies embrace local Internet breakouts, they must also strengthen their security environments in the branches themselves. To do so, enterprises typically implement secure Web gateways (SWGs) that analyze specific ports such as HTTP/HTTPS and often use SWGs in combination with advanced threat detection (ATD) to detect the more advanced attacks. Now these capabilities are becoming available as a cloud service. Interfacing with a security-service provider such as Zscaler enables local Internet breakouts without requiring further investment in on-premises Internet security appliances.
January 28, 2016
The investment marks Google Capital’s fourth cybersecurity investment. Earlier ones included CrowdStrike, Zscaler, and CloudFlare.
January 27, 2016
VMware, Zscaler, Websense and more all joined in to deliver new features and areas of operations to VeloCloud and further drive that impressive new year.
January 27, 2016
Early in the year, VeloCloud added complementary cloud security from Zscaler and Websense (now Forcepoint).
January 25, 2016
Zscaler made a list of the 20 riskiest applications, in terms of actual (attempted) user victimisation and based on data from one of Zscaler’s cloud-based data sets over a period of 180 days from the beginning of 2015. Facebook, Skype and Twitter top the list of sites containing the most malware. Often, users click on or unwittingly download malicious applications without realising they have put themselves and the organisation in danger.
January 22, 2016
Regionalized services can be deployed in private regional network hubs, owned and operated by the enterprise. For companies that would rather outsource this altogether we are seeing the emergence of security-as-a-service offerings such as Zscaler (which has of order 100 regional hubs), or Unified Communications-as-a-Service (UCaaS) offerings from the likes of Orange Business Services, 8X8, HP and others.
January 21, 2016
"Providing security as applications migrate to the cloud is increasingly important," said the financial analyst who asked not to be named. "Zscaler is key to providing cloud-based security today. Many of Cisco's competitors partner with Zscaler, which is an added bonus."
January 21, 2016
Commenting on the investment, Cisco vice president and general manager of the enterprise infrastructure and solutions group said the company "is committed to open networking, and interoperability with the VeloCloud solution will provide our joint customers with additional enhancements for application and cloud services performance." In addition to Cisco, VeloCloud’s vendor partners include BroadSoft, Equinix, Hewlett Packard Enterprise, IIx Console, Intel, VMware, Websense and Zscaler.
January 21, 2016
ForeScout’s latest round of financing vaults the company into the coveted “unicorn” club, a burgeoning pack of venture capital-backed companies with billion-dollar valuations. As part of the late-stage injection, investors have appraised the firm at $1 billion; other “unicorns” in the cybersecurity category include Tanium, Okta, Illumio, Avast, Lookout, and Zscaler.
January 21, 2016
Malvertising, or "malicious advertising," is not a new threat, and just a few weeks into 2016 ThreatLabZ has observed a malvertising campaign injecting iframes into banner advertisements that lead to Angler Exploit Kit. Surprisingly, the Angler operators took some vacation for the New Year, as noted by F-Secure, and have only recently resumed operations, so we were surprised to see a malvertising campaign so soon after their break.
January 20, 2016
This year, Juniper formed a wireless partnership with Aerohive Networks in addition to its alliance with Aruba, which was bought by HP. Juniper says it will continue to stay with Aruba. Software-defined WAN specialist Silver Peak inked alliances with a trio of companies at the same time: hyper-converged startup Nutanix, Infoblox and Zscaler. Cisco created partnerships with the likes of giants Apple and Ericsson, while expanding its Microsoft partnership even though it still sees the Redmond, Wash.-based tech giant as a competitor in some areas. The list of technology partnerships formed in 2015 goes on and on.
January 20, 2016
Venture capitalists last year rushed to fund start-ups touting potential solutions to increasingly widespread and sophisticated cyber attacks. Private cyber security companies including Crowdstrike, Illumio and Zscaler raised rounds of $100m, at valuations thought to be above $1bn in 2015. Tanium’s valuation grew from $1.7bn to $3.5bn in six months last year, according to a person familiar with their fundraising.
January 20, 2016
Jeff Reed, vice president and general manager of Cisco's enterprise infrastructure and solutions group, noted in a statement that the company "is committed to open networking, and interoperability with the VeloCloud solution will provide our joint customers with additional enhancements for application and cloud services performance." VeloCloud is growing its vendor partnerships list, which now includes Cisco, BroadSoft, Equinix, Hewlett Packard Enterprise, IIx Console, Intel, VMware, Websense and Zscaler.
January 20, 2016
The natural next step is to look at how organisations can consolidate their existing security functions into one central framework. Results from Forrester support this suggestion. An overwhelming majority (98 per cent) of IT security professionals believe that an integrated security platform would be more effective in delivering a broad range of cyber security capabilities versus point solutions delivered by multiple vendors. In fact, 76 per cent of respondents claimed that the approach would be very effective in comparison.
January 17, 2016
In 2016, ransomware is expected to hit the business world more and more, and it is a safe bet that businesses will have to pay considerably higher sums than individuals. Indeed, the criminals running these extortion campaigns were not born yesterday, and when they realise that they have locked source code and financial documents that were not properly backed up, you can be certain that the amount demanded may be thoroughly excessive.
January 15, 2016
McCormack led Websense when Vista Equity Partners, a private equity firm also based in Austin, took the dot-com bust veteran private in 2013 for about $890 million. Its competitors have included Internet traffic-scrubbing cybersecurity firms such as Zscaler, a billion dollar “unicorn” startup, and Blue Coat, a once-public company acquired last year by Bain Capital for $2.4 billion.
January 14, 2016
However, new findings published by Zscaler's ThreatLabZ revealed that a new malware family is using compromised digital certificates to avoid detection. The way it works is it monitors the activity on an infected PC and conveys that information back to cyber criminals. In order to spread the virus, a phishing campaign is sent around via email. Known as Spymel, the malware is often difficult to spot as it uses legitimate certificates that were issued by DigiCert.
January 14, 2016
Zscaler regularly detects, and publishes posts on its blog about, malicious applications coming from third-party Android app stores. Google will have to restrict the permissions available to applications that have not been approved through the Google Play submission process. Applications loaded from outside Google Play that request administrator-level permission should soon disappear. Google will also begin to impose acceptable timeframes for patches and firmware updates, which are largely controlled by its OEM partners.
January 13, 2016
There Goes The Neighborhood — Bad Actors on GMHOST Alexander Mulgin Serginovic (Zscaler Threat Lab)
January 13, 2016
The idea of installing security appliances in a data centre to protect employees dates from the 1990s, and it is outdated. Instead of sitting at a fixed workplace, employees today sit, for example, in cafés with their laptops and work via the cloud. Conventional security appliances are not only legacy burdens from traditional site concepts; they constrain day-to-day business instead of supporting it. In addition, they are often built for just a single security function. As a result, new appliances keep springing up in data centres: a new device for every new threat. And each one has to be bought, installed, maintained and updated.
January 12, 2016
In 2016, ransomware is expected to hit the business world more and more, and it is a safe bet that businesses will have to pay considerably higher sums than individuals. Indeed, the criminals running these extortion campaigns were not born yesterday, and when they realise that they have locked source code and financial documents that were not properly backed up, you can be certain that the amount demanded may be thoroughly excessive.
January 12, 2016
“Users are all too willing to begrudgingly pay an expensive but not excessive ransom in exchange for the return of their precious data,” Sutton says. “Even the FBI are recommending that it’s easier to pay than fight. The wildly profitable CryptoLocker has attracted many clones since it was largely knocked offline following Operation Tovar.” Many of these clones, including more popular variants such as CryptoWall and TorrentLocker largely followed the proven formula, but we’re starting to see variations such as mobile and Linux focused ransomware. “The latter is especially important as it’s more likely to impact the websites and code repositories of enterprises, who in our experience are also very willing to pay up rather than risk losing critical intellectual property,” says Sutton.
January 12, 2016
“The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor,” said Deepen Desai, director of security research at Zscaler. “This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said. Although such techniques have been used in the past to install spyware and adware payloads, it is a relatively new trend when it comes to malware.
January 12, 2016
As Deepen Desai, director of security research at Zscaler explained, “The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor. This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said.
January 12, 2016
In August, according to Zscaler security firm, cybercriminals compromised more than 2,600 WordPress websites and deployed malicious iframes on 4,200 distinct pages. The criminals exploited vulnerable versions of WordPress 4.2, and prior, to plant the iframes which were used to redirect users to domains hosting the Neutrino exploit kit. The Neutrino landing page was designed to exploit Flash Player vulnerabilities in order to serve the last variant of the popular ransomware CryptoWall 3.0.
January 12, 2016
Over the past year, two significant flaws were caught in the system. Last August, Zscaler researchers noticed that, by exploiting a WordPress security flaw, the Neutrino exploit kit was being distributed en masse through such websites. It is one of cybercriminals' most popular exploits, into which every new capability is very quickly incorporated, allowing even zero-day vulnerabilities to be exploited.
January 11, 2016
Zscaler found that the C&C server may send a host of commands to infected machines. These include collecting information about the infected system and the files found on it, as well as deleting, executing or renaming a specified file. A specified file can be uploaded to the C&C and so can a screenshot of the desktop. Enabling or disabling video recording can also be performed.
January 11, 2016
Zscaler, a US-based vendor of cybersecurity products, has discovered a new trojan that spreads via spam e-mail and uses digital certificates to infect computers and go unnoticed by security products. It is called Spymel, and this trojan first arrives on computers as a compressed file attached to an e-mail.
January 11, 2016
“The infection cycle typically starts with a malicious JavaScript file that arrives in a ZIP archive via email attachment,” explained Zscaler researchers Tarun Dewan and Amandeep Kumar, in an analysis. “Once the user opens the JavaScript file, it will download and install the malware executable on the victim machine.” The malicious JavaScript file, surprisingly, is not obfuscated and easy to read. But the downloaded malware executable is a highly obfuscated .NET binary, which is digitally signed with a certificate issued to “SBO INVEST”.
January 11, 2016
“There are a lot of security vendors who do not perform SSL inspection. You have to do SSL man in the middle inspection,” Zscaler head of security research Deepen Desai told SCMagazine.com. “A lot of these advanced attacks are multi-stage attacks trying to exploit this scenario.” Once executed, the code logs user keystrokes and prevents the user from terminating the malware through system tools like TaskMgr, Procexp, ProcessHacker and Taskkill.
January 10, 2016
Besides using digital certificates to hide from antivirus software, Spymel also has some extra tricks up its sleeve. The trojan comes with a module called ProtectMe, which, when loaded, has the ability to prevent the user from terminating the malware's process via the taskkill shell command and tools like Process Explorer, Task Manager, and Process Hacker. Zscaler researchers say that Spymel's C&C server is located somewhere in Germany, at android.sh (213.136.92.111), on port 1216. This is probably a rented server, and its owner's real location is somewhere else.
January 08, 2016
“The digital certificate will give a false sense of authenticity to the end user especially when the certificate belongs to a legitimate software vendor,” says Deepen Desai, director of security research at Zscaler. “This approach also helps malware authors in evading detection as it is common for security vendors to bypass advanced heuristic checks for payloads that are signed using legitimate trusted certificates,” he said.
January 08, 2016
There’s a wide range of commands that SpyMel supports, basically giving full backdoor control to the remote attacker. They can browse through files, rename files, delete files and send out an update to install on the victim machine. Many banking sites display an interactive keyboard or keypad that can be used to enter credentials or pin code—SpyMel’s video recording feature will allow the attackers to compromise those credentials as well. It’s targeting the Web browsers. This particular malware arrives via spam email and all Windows users are a target. Once a particular system has been compromised, it can lead to more targeted attack since the victim has been identified by the attacker.
January 07, 2016
German companies are increasingly asking for an efficient solution to secure corporate internet traffic for all employees, regardless of their location, EBF reports. The Cologne-based consulting and software house now wants to address precisely this need and has signed a partnership agreement with the security vendor Zscaler.
January 07, 2016
In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in this case is the information stealing Trojan Spymel and involved a .NET executable signed with a legitimate DigiCert issued certificate.” states a blog post published by Zscaler.
January 07, 2016
“The malware monitors applications like Task Manager, Process Explorer, and Process Hacker. It uses GetForegroundWindow() API to get the handle of active window and changes its functionality if process is from the above list,” Zscaler researchers explained. Attackers can use the C&C server to send various commands to the malware, including for collecting information about the infected system and the files found on it, deleting, executing or renaming a specified file, uploading a specified file to the C&C, capturing a screenshot of the desktop, and enabling or disabling video recording.
January 07, 2016
With more than 140 million downloads, WordPress is the most popular CMS on the Web, but it’s also the most attacked. It’s not uncommon for malicious actors to exploit vulnerabilities in both WordPress itself and various plugins. In August, security firm Zscaler reported that thousands of WordPress websites had been compromised and abused to redirect visitors to Neutrino exploit kit sites set up to serve malware.
January 07, 2016
ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in this case is the information stealing Trojan Spymel and involved a .NET executable signed with a legitimate DigiCert issued certificate.
January 06, 2016
Password reuse attacks will begin to decline, thanks in large part to the smartphone, said Zscaler CISO Michael Sutton. "Smartphones can be many things but they make for a handy, secure, always with you, data repository. As such, people are starting to adopt password managers such as 1Password and LastPass and other user friendly smartphone apps that present a convenient option for always having sensitive data such as passwords within easy reach," he said.
January 04, 2016
American business magnate Warren Buffett once said, “It takes twenty years to build a reputation and five minutes to ruin it. If you think about that you’ll do things differently.” Hot on the heels of the fallout from the TalkTalk hack, for many organisations and their Chief Information Security Officers (CISOs) in particular, that stark reality rings true. Doing things differently in relation to data security strategy is no longer a project for the wish-list, but a boardroom priority.
January 01, 2016
A quick sort of the cybercorns listed identifies those that deliver value as a cloud service: Okta, Zscaler, CloudFlare and Illumio deliver products and technologies form-factored for the cloud, paid for on a subscription basis, that are easy to adopt, sticky (valuable) and non-intrusive in traditional IT operations.