Conti Ransomware Attacks Persist With an Updated Version Despite Leaks
In late January 2022, ThreatLabz identified an updated version of Conti ransomware as part of the global ransomware tracking efforts. This update was released prior to the massive leak of Conti source...
View ArticleWhat You Need to Know About the LAPSUS$ Software Supply Chain Attacks
Join the ThreatLabz research team and our product experts on Tuesday, 3/29/22 at 9:30am PT for an analysis of the LAPSUS$ Okta attack and strategies for assessing and reducing the impact to your...
View ArticleIntroducing Integrated Deception as part of the world’s first and only...
Whether it’s the rise in encrypted attacks, hands-on-keyboard threats, human-operated ransomware, or, for that matter, successful breaches, we don’t need to throw more doom and gloom statistics to tell...
View ArticleWhat You Need to Know About the LAPSUS$ Supply Chain Attacks
Join the ThreatLabz research team and our product experts on Tuesday, 3/29/22 at 9:30am PT for an analysis of the LAPSUS$ Okta attack and strategies for assessing and reducing the impact to your...
View ArticleDigital-First Insurance Solutions at Tower
Even before the onset of the COVID-19 pandemic and rapid growth of the work-from-anywhere trend, Tower’s goal was to meet the 21st-century head-on with customer-focused, digital-first insurance...
View ArticleA Modernized Approach to M&A
Mergers and acquisitions (M&A) form a key part of many growth strategies. As a result, every M&A deal is high stakes, with due diligence and rigor essential to mitigate risk and...
View ArticleAnalysis of BlackGuard - a new info stealer malware being sold in a Russian...
Introduction: Hacking forums often double up as underground marketplaces where cybercriminals buy, rent, and sell all kinds of malicious illegal products, including software, trojans, stealers,...
View ArticleSecurity Advisory: Spring Cloud Framework Vulnerabilities
Background: Over the past few days, the Zscaler ThreatLabz team has been closely monitoring the reports of potential RCEs in Spring Cloud Framework and Spring Cloud Function. Spring is an open-source...
View ArticlePreparing For the Log4j Long Haul: How to Mitigate Log4Shell Risk
It has been several months since the discovery of the pervasive Apache Log4j / Log4Shell vulnerability, but the end of managing this threat is not yet in sight. Moderate estimates predict that security...
View ArticleAnalysis of Domain Fronting Technique: Abuse and Hiding via CDNs
What is Domain Fronting? Domain fronting is a technique in which a client conceals the true intended destination of an HTTPS request from censors and network security filters by “fronting” the request...
View ArticleAnalysis of Spring Cloud Framework Vulnerabilities
Background: Over the past few days, the Zscaler ThreatLabz team has been closely monitoring the reports of potential RCEs in Spring Cloud Framework and Spring Cloud Function. Spring is an open-source...
View ArticleWise Organizations Learn from the Successes of Others
Enterprises worldwide are producing and delivering products enjoyed by customers in countless industries, and though the products may vary widely, behind the scenes, almost all these enterprises...
View Article5 Tips for Leveraging Zero Trust to Up Your Work-from-Anywhere Game
Today’s competitive talent environment requires bold moves for companies seeking the best workers. That’s why Careem has committed to a remote-first workplace and borderless hiring with a global reach....
View ArticleFFDroider Stealer Targeting Social Media Platform Users
Introduction Credential stealing malware is commonly observed in the landscape of cyber attacks today. Zscaler ThreatLabz team has discovered many new types of stealer malwares across different attack...
View ArticleData Protection: Outside is Where All the Fun Happens
Now that summer is approaching, it’s time to go outside and play. Outside is where all the fun happens, or that’s what I keep telling my boys. Pay no attention to those addicting video games - the real...
View ArticleThe Five Takeaways You Shouldn’t Miss from Zero Trust Live
We recently wrapped up Zero Trust Live, our premier virtual event for IT and security leaders. In this post, I'll help you digest the key news and highlights from the event which featured an incredible...
View ArticleMachine Identity in the Cloud - Bypassing All Security Controls
Modern public cloud environments provide great flexibility, agility, and benefits to companies of all sizes. In addition to operational benefits and cost reductions, the public cloud offers great...
View ArticleThe Top 5 Benefits of Cloud-Native Application Protection Platform (CNAPP)
CNAPP platforms help an enterprise integrate security principles and standards across the development lifecycle by implementing security controls at each stage—development, integration, deployment, and...
View ArticleThe Latest Sandworm Botnet Attack Shows Why Firewalls Can’t Do Zero Trust
US Attorney General Merrick Garland announced Wednesday that US officials have disrupted a two-tiered global botnet of thousands of infected firewall devices allegedly controlled by the threat actor...
View ArticleEven the Cloud is Bigger (and More Secure) in Texas
Zscaler is proud to have been named to the Texas Risk and Authorization Management Program (TX-RAMP) program. Our early entry into the TX-RAMP program gives our Texas customers access to the largest...
View Article