Crypto Mining and iOS, but not the way you would expect

While I can think of a hundred other things to do with my phone, crypto mining has never been one of them. Which is why I was surprised to see that, in June of this year, Apple banned crypto mining apps from the App Store. Who knew crypto mining on iOS was even a thing?

There has been a lot said regarding the security of the iOS platform, especially when compared to Android. While iOS does an amazing job sandboxing applications and preventing your iPhone from becoming the next biggest botnet, I was surprised to see some crypto mining from inside my house…and not the cool kind of crypto mining that puts coin in my pocket. This was malware running on a system inside my house.


Executing Security at Scale

Raise your hand if you’re using any or all of these technologies:

  • NGFW
  • IPS/IDS
  • URL Filter
  • Antivirus
  • DLP
  • Sandbox
  • VPN
  • DDoS Mitigation

Pretty much all of us, right? Now raise your hand if you are decrypting SSL/TLS outbound.

While HTTP/2 doesn’t require SSL/TLS, it will use it by default if it is available. Oh, by the way, all modern browsers have supported HTTP/2 since January of 2016. Factor in the efforts of Let’s Encrypt, and the adoption of SSL/TLS has skyrocketed in the past few years and will continue to grow. Hell, even this shitty blog is using TLS 🙂 If you aren’t decrypting SSL/TLS, you have to ask yourself: what good is my NGFW, IPS, Antivirus, etc. if I am completely blind to it? The answer is simple: it isn’t good; in fact, it’s terrible. You are bound by the constraints of legacy security: source/destination and ports. It’s like locking a screen door. It will keep the flies out, but it won’t stop any real threats.
