Jenkins Arbitrary File Leak Vulnerability, CVE-2024-23897, Can Lead To RCE
Introduction Jenkins, a Java-based open-source automation server widely used by developers for application building, testing, and deployment, has issued an advisory about a critical vulnerability that...
View ArticleNow and Next: How Zscaler is Transforming to Fuel Channel Success
Looking back at 2023, it was impossible to escape the constant buzz surrounding cybersecurity incidents in the market. But amid the chaos, one thing became clear: the cybersecurity market was booming...
View ArticleHow Zscaler’s Powerful Integrations Help the State of Oklahoma Efficiently Do...
How Zscaler’s Powerful Integrations Help the State of Oklahoma Efficiently Do More with Less On any given day, our team of security professionals who comprise the OMES Oklahoma Cyber Command stay on...
View ArticleCushman & Wakefield’s Roadmap for Consolidating and Simplifying Security...
Cushman & Wakefield’s Roadmap for Consolidating and Simplifying Security with Zscaler As a CISO leading the cybersecurity program at Cushman & Wakefield, one of the world's largest commercial...
View ArticleStart Your Journey in IT Support: A Beginner's Guide
Navigating the nuances of IT troubleshooting can be challenging, especially if you're just starting out. Our ebook, A Beginner’s Guide to Troubleshooting Devices, Networks, and Applications for Service...
View ArticleThe (D)Evolution of Pikabot
Introduction Pikabot is a malware loader that originally emerged in early 2023. Over the past year, ThreatLabz has been tracking the development of Pikabot and its modus operandi. There was a...
View ArticleMicrosoft, Midnight Blizzard, and the Scourge of Identity Attacks
Summary On January 19, 2024, technology leader Microsoft disclosed that it had fallen victim to a Russian state-sponsored cyberattack that gave the threat actors access to senior management mailboxes...
View ArticleNIS 2.0 - New Cybersecurity Rules In the EU
Back in 2021, the White House issued an executive order compelling federal government agencies to develop a plan for implementing a zero trust architecture. This was followed by a memorandum that...
View ArticleThe old social engineering playbook – Now with AI!
When you’ve been in the security world long enough, you start to see old playbooks being reused, with new technology. Case in point: ‘Deepfake’ has been an increasingly common phrase in the news,...
View ArticleAI-Powered Sales Leadership: Transforming the Playbook for World-Class Coaching
We are in an era of change brought about by AI. There’s a lot of positivity but also uncertainty. For sales leaders, the advent of artificial intelligence (AI) presents an opportunity to rewrite the...
View ArticleWhy Haven’t Firewalls and VPNs Stopped More Organizations from Being Breached?
Reducing cyber risk is an increasingly important initiative for organizations today. Due to the fact that a single cyber breach can be financially fatal as well as disastrous for countless...
View ArticleEuropean diplomats targeted by SPIKEDWINE with WINELOADER
IntroductionZscaler's ThreatLabz discovered a suspicious PDF file uploaded to VirusTotal from Latvia on January 30th, 2024. This PDF file is masqueraded as an invitation letter from the Ambassador of...
View ArticleSecuring Government Workload Communications in the Public Cloud
As government agencies continue their journey towards digital transformation, many are embracing hybrid cloud deployments to modernize their operations. A transition to a public or private cloud brings...
View ArticlePositioning Zscaler Private Access Relative to VDI: Part 1
What are some of the most common concerns heard from customers about virtual desktop infrastructure (VDI)? They are often related to cost, complexity, management, upkeep, and security. How can Zscaler...
View ArticleAndroid and Windows RATs Distributed Via Online Meeting Lures
IntroductionBeginning in December 2023, Zscaler’s ThreatLabz discovered a threat actor creating fraudulent Skype, Google Meet, and Zoom websites to spread malware. The threat actor spreads SpyNote RAT...
View ArticleFrom VDI replacement to complementary use: Part 2
In the first part of this VDI blog series, we discussed the two major use cases of access granularity and traffic inspection and how Zscaler can support these with the help of the Zero Trust Exchange...
View ArticleLinkedIn Outage Detected by Zscaler Digital Experience (ZDX)
At 3:40 p.m. EST on March 6, 2024, Zscaler Digital Experience (ZDX) saw a substantial, unexpected drop in the ZDX score for LinkedIn services around the globe. Upon analysis, we noticed HTTP 503 errors...
View ArticleMultiple Vulnerabilities Found In ConnectWise ScreenConnect
IntroductionOn February 19, 2024, ConnectWise released an advisory disclosing critical vulnerabilities impacting ScreenConnect Remote Monitoring and Management (RMM) software. The first vulnerability,...
View ArticleOutpace Attackers with AI-Powered Advanced Threat Protection
Securing access to the internet and applications for any user, device, or workload connecting from anywhere in the world means preventing attacks before they start. Zscaler Advanced Threat Protection...
View ArticleTo Help Build a More Inclusive Future, Develop Yourself
An organization's success comes down to its people, and fostering diversity in the workforce amplifies a business's ability to navigate complex challenges. Women bring unique skills and perspectives...
View Article