ThreatLabz Discovers 117 Vulnerabilities in Microsoft 365 Apps Via the...
Introduction In Part 1 of this series, we’ve demonstrated how ThreatLabz reverse engineered the SketchUp 3D library in Microsoft 365 as well as the SKP file format. Furthermore, we developed two...
View ArticleCoverage Advisory for CVE-2023-50164: Apache Struts Path Traversal and File...
Introduction On December 7, the Apache Software Foundation released Apache Struts versions 6.3.0.2 and 2.5.33 to address a critical vulnerability currently identified as CVE-2023-50164, which is a path...
View ArticleThreat Actors Exploit CVE-2017-11882 To Deliver Agent Tesla
Introduction First discovered in 2014, Agent Tesla is an advanced keylogger with features like clipboard logging, screen keylogging, screen capturing, and extracting stored passwords from different web...
View ArticleElevating Cybersecurity: Introducing Zscaler and Microsoft Sentinel's...
The evolution of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) technologies has been pivotal in shaping modern cybersecurity strategies....
View ArticleImmortalizing the Heroic Journeys of Zscaler Customer Advocates
Look! Up in the sky! Is it a bird? Is it a plane? It’s our Zscaler IT Heroes—a series of colorful illustrated stories celebrating our customers as the “heroes” of their organizations’ digital...
View ArticleTeamwork at the Christmas party: Fundraising for 20 orphans in Burkina Faso
The CEUR team donated 25,000 euros to the Hummaid orphanage In February 2023, the Hummaid orphanage in Burkina Faso was officially opened with a Zscaler team of volunteers on site. Since then a...
View ArticleTop 5 Cyber Predictions for 2024: A CISO Perspective
Amidst the ever-evolving realm of enterprise security, a new year unfolds, introducing a dynamic array of emerging threats. While the “prediction season” gains momentum, it's pivotal to reflect on the...
View ArticleWhat Did Plato Have to Say About Zero Trust Security?
Plato was a philosopher from the fifth century B.C. whose work guided human thought for centuries. Nearly 2,500 years later, his influence still echoes everywhere. This is true even in cybersecurity...
View ArticleExploring Encrypted Attacks Amidst the AI Revolution
Introduction Zscaler ThreatLabz researchers analyzed 29.8 billion blocked threats embedded in encrypted traffic from October 2022 to September 2023 in the Zscaler cloud, presenting their findings in...
View ArticleAI: Boon or Bane to Security?
Security professionals believe offensive AI will outpace defensive AI A recent Cybersecurity Insiders report found that AI is transforming security—making fundamental (and likely permanent) changes to...
View ArticleData Protection Predictions for 2024
As IT teams reflect on 2023 and look forward to 2024, we can all agree that data is the lifeblood of an organization. To that end, every organization’s goal should be to have visibility and control of...
View ArticleData validation on production for unsupervised classification tasks using a...
Abstract Have you ever been working on an unsupervised task and wondered, “How you I validate my algorithm at scale?” In unsupervised learning, in contrast to supervised learning, our validation set...
View ArticleHow the Zscaler Zero Trust Exchange Makes Divestiture Seamless, Easy, and...
When thinking about logistics and the trucking industry in particular, technology probably isn’t the first association that comes to mind. While trucking has been around since shortly after the advent...
View ArticleApache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
Introduction On December 26, 2023, researchers at SonicWall announced the discovery of a zero-day security flaw in Apache OFBiz. Tracked as CVE-2023-51467, the vulnerability allows threat actors to...
View ArticleDigital Experience Monitoring Predictions for 2024
In 2023, we’ve seen an increase in companies focused on maximizing growth as it relates to productivity and innovation. Employers were looking to optimize employee experiences and reduce costs in hopes...
View ArticleDreamBus Unleashes Metabase Mayhem With New Exploit Module
Introduction Zscaler’s ThreatLabz research team has been tracking the Linux-based malware family known as DreamBus. Not much has changed in the last few years other than minor bug fixes, and slight...
View ArticleHybrid Work and Zero Trust: Predictions for 2024
2023 was dubbed “the year of efficiency”. It saw many organizations work towards operational efficiencies in an effort to become nimbler. “More with less” was the mantra spoken by several C-level execs...
View ArticleSecuring Public Sector Against IoT Malware in 2024
The rapid proliferation of the Internet of Things (IoT) represents vast opportunities for the public sector. Connected devices and smart technology are pivotal to enhancing the efficiency and...
View ArticleMust-Haves to Augment Your Zero Trust Architecture
Must-Haves to Augment Your Zero Trust Architecture With all the fluctuations in interest rates lately, working in the mortgage industry sometimes feels like a wild roller coaster ride. At Guaranteed...
View Article4 Ways Enterprises Can Stop Encrypted Cyber Threats
Want to uncover the 86% of cyber threats lurking in the shadows? Join our January 18th live event with Zscaler CISO Deepen Desai to learn how enterprises can stop encrypted attacks, as well as explore...
View Article