Abusing Microsoft’s Azure domains to host phishing attacks
Recently, the Zscaler ThreatLabZ team came across various phishing attacks leveraging Microsoft Azure custom domains. These sites are signed with a Microsoft SSL certificate, so they are unlikely to...
View ArticleZenith Live: Empowering Transformation
Last year, we held our first Zenith Live Cloud Summits in Las Vegas and London. In a year full of exciting occurrences and big news, Zenith Live turned out to be one of the true highlights of 2018 for...
View ArticleMachine Learning and Artificial Intelligence in Cybersecurity
This article originally appeared in Forbes. In the last few years, we have witnessed a renaissance in machine learning (ML) and artificial intelligence (AI). AI broadly refers to the ability of...
View ArticleAre you prepared to fend off emerging cyberattacks?
In 2012, then-FBI director Robert Mueller made an alarming comment on the state of cybersecurity. He said: “There are only two types of companies: those that have been hacked, and those that will be.”...
View ArticleFive sessions you won't want to miss at Zenith Live 2019
You know that feeling when you get a message about an extra ticket to the game—but you open the message a day too late? Or when your co-workers go out for happy hour and you stay behind at work only to...
View ArticleThe 3-phased approach to adopting ZTNA technologies
Is the concept of zero trust on its way to becoming the next “big thing?" Well, Gartner says that zero trust network access (ZTNA) is the technology that will make zero trust real and replace the...
View ArticleHow To Prevent Complacency From Putting Enterprise Security At Risk
This article originally appeared on Forbes. If you’re having a bad day, know that things could always be worse: This message could have greeted you when you turned on your computer. One fateful morning...
View ArticleAnother great reason to attend Zenith Live: CPE credits
While we can’t predict the future, we are all trying our best to prepare for what comes next—in our lives and our careers. One strategy for getting prepared to meet the future and succeed in it is...
View ArticleSaefko: A new multi-layered RAT
Recently, the Zscaler ThreatLabZ team came across a new remote-access trojan (RAT) for sale on the dark web. The RAT, called Saefko, is written in .NET and has multiple functionalities. This blog...
View ArticleThe five pillars of secure cloud transformation
This article originally appeared in Forbes. Cloud adoption can change not just the way an enterprise works, but the way its IT leadership manages applications, connectivity and security. Transition...
View ArticleStories from the DLP Front
This article originally appeared in Forbes. Meet Kevin. He works in his company’s research lab. And he’s the most dangerous person in the world. The funny thing is that Kevin doesn’t know it yet —...
View ArticleChanging from network access to application access
This article originally appeared on Compare the Cloud.net The workplace is changing, which is leading many companies down the path of digital transformation. Employees are no longer anchored to their...
View ArticleFour security hurdles with SD-WAN (and how to avoid them)
Software-defined WAN (SD-WAN) has been reshaping the way enterprises construct their networks for the past few years. SD-WAN allows companies to intelligently route their traffic so that internet-bound...
View ArticleThe democratisation of IT is introducing security risks
Several forces have changed the way IT and the CISO think about network security and have also brought about the rise of a new model, identified by Gartner as zero trust network access (ZTNA)....
View ArticleSetting a penalty precedent for PII data breaches
According to a recent Bloomberg story, a federal appeals court in San Francisco denied Facebook’s request to dismiss the case Echavarria v. Facebook Inc., which has been filed against the company for...
View ArticlePut those cloud security objections to rest
Last month I sat down with Tom Field of Information Security Media Group (ISMG) to talk about cloud security. Specifically, we talked about why there are IT leaders who, in spite of the fact that they...
View ArticleMachine learning and AI for cybersecurity: An intern's perspective
My Zscaler 2019 summer intern, Anupma Sharan, returned to her Carnegie Mellon University campus this week and blogged about her amazing internship experiences. Anupma’s blog provides a glimpse into the...
View ArticleTo flip the security model, start with "yes"
Returning home after a week-long trip to Las Vegas, I had the opportunity to reflect on some of the news that came out of the Black Hat and DEF CON security conferences. The annual Black Hat conference...
View ArticleCrowdsourcing cybersecurity
Crowdsourcing—garnering input or support for a venture from a large number of people via the internet—has become an everyday practice, and the most common variety is the crowdfunding campaign....
View ArticleUse your superpower to thwart cybercriminals
English artist Banksy once said, “Invisibility is a superpower.” Banksy was speaking of the shield anonymity provides, but the statement also applies to information security: Invisibility is an...
View Article