Security Research Blog

News and views from the leading voice in cloud security.


By: Viral Gandhi

Mobile App Wall Of Shame: SMS touch

Privacy Leaks

App : SMS touch Price : $1.99 Category : Utility  Platform : iOS                                     Updated : Jul 06, 2015 Version : 4.5 Size : 16 MB Languages: English, Dutch, French, German, Italian, Spanish Seller: Alco Blom Rated 4+ Background:        …
By: Deepen Desai

SSL/TLS-based malware attacks

Sophisticated Malware Strains Using SSL to Encrypt Activity

Malware

Whether you call it SSL, TLS, or HTTPS, you’re talking about what has become the single greatest means for harboring the transmission of malware: encryption. Zscaler operates a globally distributed cloud security platform, and we have found that more than…
By: Whitney Black

Amazon’s Prime Day Won Shopping on Tuesday

I like to complain about Amazon’s shopping algorithm and how it tries to sell me sunscreen, granola bars, and diapers, as if that’s all I ever buy (more true than I like to admit). But like so many others, I…
By: Deepen Desai

UPDATE: Petya Ransomware Outbreak

Updated June 30, 2017

Ransomware

One month after the WannaCry outbreak, we have seen another widespread ransomware outbreak, possibly involving the Petya ransomware family variant. The initial vector has been confirmed to be a compromised software update package from MeDoc.  As we learn more, we will…
By: Rohit Hegde

Wonder Woman, Piracy, and the Cerber Ransomware

Magnitude Exploit Kit leading to Cerber Ransomware

Exploit Kit | Ransomware

It’s become a lucrative business for malicious actors to host illegal streaming websites and upload or link to bootlegged content. The income from such activity is generated from the advertisements served to visitors. At the same time, attackers have become…
By: Viral Gandhi

New Android Marcher Variant Posing as Adobe Flash Player Update

Android Marcher malware

Malware

Introduction Marcher is sophisticated banking malware that steals users’ financial information, such as online banking credentials and credit card details. We have observed Marcher evolving over time, using new tricks and payload delivery mechanisms. As we reported about previous encounters with…
By: Rohit Hegde

Top Exploit Kit Activity Roundup - Spring 2017

Exploit Kit

Overview This is the fifth in a series of posts in which we're examining recent activity of the current top exploit kits. An exploit kit (EK) is a rapidly deployable software package designed to leverage vulnerabilities in…
By: Shivang Desai

Malicious Android Ads leading to drive by downloads

Drive by downloads causing chaos

Mobile Malware

The Zscaler ThreatLabZ team recently identified an Android app that was downloading itself from advertisements posted on forums. Malvertising is a growing problem and one that we have covered on past occasions, especially given the rise in SSL sites that serve…

Learn more about Zscaler.
Join one of our webcasts.

Check how healthy is your Internet security with Security Preview, Zscaler's free security scan

How secure are you?

Check your security with our instant risk assessment, Security Preview. It’s free, confidential and safe. 85% of companies who run this test find vulnerabilities that require immediate attention.