home.social

#zscaler — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #zscaler, aggregated by home.social.

  1. Zscaler has acquired SquareX to extend Zero Trust enforcement into standard web browsers without requiring a separate enterprise browser or full agent deployment.

    The strategy targets unmanaged and BYOD environments, aiming to reduce reliance on VPNs and VDIs while maintaining posture checks and policy enforcement within browser sessions.

    💬 From an architecture perspective, where do browser-based controls fall short - and where do they excel?

    Source: zscaler.com/press/zscaler-acqu

    ➕ Follow @technadu for vendor-neutral infosec analysis.

    #Zscaler #ZeroTrustExchange #BrowserSecurity #Infosec #EnterpriseSecurity #CloudAccess #AIWorkflows #TechNadu

  5. Part of my #Monday work ritual is giving the ol' work laptop a refresh, which means shutting it down completely and powering it back on. But then it runs like slow ass, so I have to give it a reboot and then it's fine. Then once I log in with #Okta 853 times to get #Zscaler authenticated I'm off and running!

    Gotta love #SSO.

  6. Zscaler ThreatLabz documents BlindEagle APT's sophisticated attack on Colombian government infrastructure using steganography, compromised email accounts, and dual malware deployment (Caminho + DCRat). The September 2025 campaign demonstrates evolved tradecraft including Discord CDN abuse and fileless execution chains.

    #SecurityLand #ThreatHorizon #Zscaler #BlindEagle #Colombia #Government #Ecuador #APT #RAT #Malware

    Read More: security.land/blindeagle-colom

  7. 🎯 NOW PUBLISHING: On-Location Coverage from #BlackHat USA 2025!

    "Data Kidnapping: Because File Encryption Is So 2020" 🫢

    We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

    🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

    We're excited to share this eye-opening Brand Story conversation thanks to our friends at Zscaler 🙏

    #Ransomware has evolved. Attackers no longer need to encrypt your data—they're stealing it and threatening public exposure unless you pay.

    At #BlackHat2025, Brett Stone-Gross from #Zscaler reveals how this shift changes everything about defense strategies.

    The new reality organizations face:
    • Stolen data moves slowly enough to avoid alerts—or quickly enough to overwhelm teams
    • File transfer tools and other apps left exposed to the internet create easy entry points
    • Advanced groups target single victims for multimillion-dollar payouts based on stolen data value
    • The U.S. accounts for ~50% of ransomware incidents, making American companies prime targets
    • Legacy systems in #healthcare, #manufacturing, and oil & gas amplify risks

    Zscaler's #zerotrust approach tackles these challenges by:
    • Eliminating internet-facing vulnerabilities—hiding applications from public view
    • Advanced #threatprevention that blocks exploits before escalation
    • Segmentation that prevents lateral movement from compromised accounts
    • #DLP that detects and stops unauthorized data transfers
    • Continuous monitoring that catches privilege escalation attempts

    The business impact?
    Reduced attack surface, faster threat containment, lower risk of repeated incidents, and better security #ROI.

    When attackers can't see your applications, they can't exploit them.

    🎧 Listen to the podcast: brand-stories-podcast.simpleca

    📖 Read the blog: itspmagazine.com/their-stories

    ➤ Learn more about Zscaler: itspm.ag/zscaler-327152

    ✦ Catch more stories from Zscaler: itspmagazine.com/directory/zsc

    🎪 Follow all of our #BHUSA 2025 coverage: itspmagazine.com/bhusa25

    #Cybersecurity #Ransomware #ZeroTrust #DataProtection #BlackHatUSA #BHUSA25 #ThreatIntelligence #DLP #CloudSecurity #DataKidnapping #infosec #infosecurity

  12. Hackers are cloning government websites with AI. The new phishing method is more dangerous than you think

    The era of fake websites that could be recognized by language errors and clumsy graphics is coming to an end.

    According to the latest report from experts at Zscaler ThreatLabz, a new, dangerous form of phishing has emerged: criminals have begun using generative artificial intelligence to create perfect, almost indistinguishable clones of official government websites. This is a new, more dangerous form of phishing that aims to steal our data and money.

    How does phishing 2.0 work? The Brazilian example

    The first documented cases of this technique were analyzed by researchers at Zscaler ThreatLabz. In Brazil, hackers used AI to create two sites deceptively similar to the originals: the portal of the road traffic authority, used for submitting driver's license applications, and the Ministry of Education's job board.

    The attack mechanism was simple but effective. Victims searching the internet for the official site landed on a fake clone which, thanks to search-engine optimization techniques, appeared high in the search results. On the site they were asked to provide sensitive data such as the CPF identification number (the equivalent of the Polish PESEL number). Then, under the pretext of finalizing the application (for a driver's license or a job), victims were directed to make an immediate payment through the local Pix system – the money went straight to the scammers' account.

    AI and SEO – the hackers' new weapon

    ThreatLabz researchers, analyzing the code of the fake sites, found numerous pieces of evidence of the use of AI tools such as Deepsite AI. The code contained comments characteristic of generators. Artificial intelligence allowed the hackers to create perfect copies in no time, without needing advanced programming skills.

    To lure victims, the criminals used two techniques:

    • URL squatting: they registered web addresses very similar to the originals, counting on the user's inattention (e.g. govbrs[.]com instead of the official address).
    • SEO poisoning: they actively promoted the fake sites in search engines so that they appeared in the top positions and looked like a legitimate source.

    The threat is global – is Poland in the crosshairs?

    Although the cases described come from Brazil, the technique is universal and poses a global threat. Nothing prevents the sites of Polish banks, tax offices, the ZUS portal, the Internetowe Konto Pacjenta (Online Patient Account) or popular online stores from being cloned in the same way.

    New AI tools have significantly lowered the barrier to entry for cybercriminals, making advanced phishing attacks easier to carry out than ever before.

    How to protect yourself against next-generation phishing?

    • Always check the URL: this is the absolute basic. Before you type anything, check the address in the browser bar carefully, letter by letter. Look for subtle errors.
    • Don't blindly trust the search engine: even if a link is in first place on Google, that is no 100% guarantee of safety. SEO poisoning is a real threat.
    • Look for the padlock (HTTPS): make sure the connection is encrypted, but remember that today even phishing sites often have an SSL certificate, so this one check is absolutely not enough.
    • Watch out for unusual payment requests: be especially careful if an official government office site asks you to pay using instant payment systems (in Poland, e.g. BLIK), especially if such a fee was not required before.
    • Use official apps: if possible, use the official mobile app to log in to your bank or a government office, instead of reaching the site through any links from a search engine or a message.
    • In general, ignore links in messages (SMS, messengers, etc.); no institution sends links to click. At most, when the situation requires it, you will be told that you need to log in to a given service, but you are to carry out that process yourself.

    Poland in the hackers' crosshairs. The government allocates a record 3.1 billion zł to cybersecurity

    #AI #bezpieczeństwoWSieci #cyberbezpieczeństwo #Google #hakerzy #news #oszustwo #phishing #poradnik #sztucznaInteligencja #Zscaler

  13. Zscaler SAML SP Authentication Bypass via Certificate Cloning & Signature Spoofing (CVE-2025-54982): blog.amberwolf.com/blog/2025/a #saml #zscaler

  14. Zscaler Inc. shares jumped 8% after the U.S. cloud security firm reported first-quarter earnings and billings that beat expectations, driven by surging demand for AI security solutions.
    #YonhapInfomax #Zscaler #AIDemand #CloudSecurity #Earnings #Billings #Economics #FinancialMarkets #Banking #Securities #Bonds #StockMarket
    en.infomaxai.com/news/articleV