CyberWire Daily - From China with love (and Malware).
Episode Date: March 6, 2025US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target airflow misc...onfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment. Selected Reading US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record) Silk Typhoon targeting IT supply chain (Microsoft) Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer) Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers) LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers) Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek) Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch) Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security (CyberScoop) Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek) North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
We've all been there.
You realize your business needs to hire someone yesterday.
How can you find amazing candidates fast?
Well, it's easy.
Just use indeed.
When it comes to hiring, Indeed is all you need.
Stop struggling to get your job post noticed.
Indeed's Sponsored Jobs helps you stand out and hire fast.
Your post jumps to the top of search results, so the right candidates see it first.
And it works.
Sponsored jobs on Indeed get 45% more applications than non-sponsored ones.
One of the things I love about Indeed is how fast it makes hiring.
And yes, we do actually use Indeed for hiring here at N2K Cyberwire.
Many of my colleagues here came to us through Indeed.
Plus, with sponsored jobs there are no subscriptions, no long-term contracts.
You only pay for results.
How fast is Indeed?
Oh, in the minute or so that I've been talking to you, 23 hires were made on Indeed, according
to Indeed data worldwide.
There's no need to wait any longer.
Speed up your hiring right now with Indeed.
And listeners to this show will get a $75 sponsored job credit to get
your jobs more visibility at indeed.com slash cyber wire. Just go to indeed.com slash cyber
wire right now and support our show by saying you heard about indeed on this podcast. Indeed.com
slash cyber wire. Terms and conditions apply. Hiring, indeed, is all you need.
U.S. Justice Department charges employees of Chinese IT contractor, Isoon.
Silk Typhoon targets the IT supply chain for initial access.
Chrome extensions that change shape.
Attackers target airflow misconfigurations.
LibreOffice Vulnerability opens the door to script-based attacks.
NSO group leaders face charges in the spyware case.
Today, our own Dave Bidner is our guest
as he appeared on the Adopting Zero Trust podcast
at Threatlocker Zero Trust World 2025 event
with hosts, Elliott Volkman and Neil Dennis
and guest, Dr. Chase Cunningham
and turning $1 billion into thin air.
Today is March 6, 2025.
I'm Maria Varmazes, subbing in for Dave Bittner, still out on vacation.
And this is your CyberWire Intel Briefing. Thanks for joining us on this lovely Thursday.
Let's get into it.
The U.S. Justice Department has charged 12 Chinese nationals for their alleged involvement
in hacking U.S. entities on behalf of the Chinese government.
Two of the individuals are officers with the PRC's Ministry of Public Security, and eight
are employees of Chinese IT security contractor, ISUN.
Two additional defendants are freelancers tied to the APT-27 threat actor, who assisted
ISUN in some operations.
The Justice Department says the Ministry of Public Security and the Ministry of State
Security hired ISUN to carry out espionage campaigns against organizations around the globe, including
the U.S. Defense Intelligence Agency, the U.S. Commerce Department, a major U.S. religious
organization, and news organizations based in the United States and Hong Kong.
ISUN also allegedly hacked the foreign ministries of India, Indonesia, South Korea, and Taiwan.
The FBI says ISUN's activities have been publicly tracked as Aquatic Panda, Red Alpha, Red
Hotel, Tarkel Typhoon, Red Skilla, Hacium, Chromium, and Tag-22.
Just as said in a press release, from approximately 2016 through 2023, ISUN and its personnel
engaged in the numerous and widespread hacking of email accounts,
cell phones, servers, and websites at the direction of and in close coordination with
the PRC's MSS or Ministry of State Security and MPS or Ministry of Public Security.
ISUN generated tens of millions of dollars in revenue and at times had over a hundred
employees.
ISUN's primary customers were PRC government agencies. It worked with at least 43 different MSS or MPS bureaus
and charged the MSS and MPS
between approximately $10,000 and $75,000
for each email inbox that it successfully hacked.
iSoon sustained a major breach in early 2024
that exposed its inner workings
and ties to the Chinese government,
as well
as its hacking tools and services.
Microsoft has published a report on the Chinese espionage actor Silk Typhoon, finding that
the group is now targeting common IT solutions like remote management tools and cloud applications
to gain initial access.
Microsoft states, while they haven't been observed directly targeting Microsoft cloud services,
they do exploit unpatched applications
that allow them to elevate their access
in targeted organizations
and then conduct further malicious activities.
After successfully compromising a victim,
Silk Typhoon uses the stolen keys and credentials
to infiltrate customer networks
where they can then abuse a variety of deployed applications,
including Microsoft services and others, to achieve their espionage objectives.
Leaping Computer notes that Silk Typhoon recently made headlines for hacking the U.S. Treasury's
Office of Foreign Assets Control in December 2024.
A newly identified polymorphic attack enables malicious Chrome extensions to impersonate
legitimate ones, such as password managers, cryptocurrency wallets, and banking applications,
thereby facilitating the theft of sensitive user information.
Researchers at Square X Labs demonstrated that these extensions can detect other installed
extensions using the Chrome.management API or by injecting resources into visited web pages.
Upon identifying a target, the malicious extension downloads
code to replicate the legitimate extensions interface,
deceiving users into entering confidential data.
Misconfigurations in Apache Airflow instances
have been found to expose sensitive credentials,
including login details, API keys, and cloud service tokens, due to insecure
coding practices and outdated deployments.
These vulnerabilities affect sectors such as finance, healthcare, and e-commerce, with
exposed credentials for services like AWS, Slack, PayPal, and internal databases.
The primary issues include hard-coded secrets and DAG scripts, unencrypted variables and
connection metadata, legacy
logging vulnerabilities, and exposed configuration files. To mitigate these risks, organizations
should upgrade to Airflow 2.0 or later, implement network segmentation, use dedicated secrets
management tools, and conduct thorough code reviews to eliminate hard-coded credentials.
A newly discovered vulnerability in LibreOffice allows attackers to execute
arbitrary scripts via maliciously crafted macro URLs,
posing a significant security risk.
The flaw exploits LibreOffice's handling of macro execution,
enabling remote attackers to bypass security warnings
and execute malicious code without user consent.
If successfully exploited, this vulnerability could allow system compromise,
data theft, or further malware deployment.
Security researchers recommend disabling macros, restricting untrusted document execution,
and ensuring LibreOffice is updated to the latest patched version. Organizations should
monitor for suspicious document activity and enforce strict macro security policies to
mitigate the risk of exploitation.
In a follow-up to a story from earlier this week, tens of thousands of VMware ESXi instances
remain vulnerable to a chain
of actively-exploited vulnerabilities
that were disclosed on Tuesday,
according to a report from Security Week.
The vulnerabilities can allow an attacker
to perform a VM escape
and gain access to the ESXi hypervisor.
Security researcher Kevin Beaumont explains
that attackers can use that to access every other VM
and be on the management network of the VMware cluster.
Beaumont added that once you have this level of access,
traditionally you'll see groups like ransomware actors
steal files and wipe things.
While the vulnerabilities are being exposed
by unnamed threat actors,
details of the exploit aren't yet publicly available. Organizations should prioritize
patching before an exploit is released.
A Cuddleon court has indicted three NSO Group executives for their alleged involvement in
espionage against the lawyer representing Calan independence leaders. This decision overturns a prior ruling that limited accountability to the company and
its European subsidiaries.
The court's action is part of a broader investigation into the use of NSO's Pegasus spyware against
Catalan separatists, a scandal known as Catalan Gate, which reportedly targeted at least 65
individuals, including politicians, activists,
and their families.
The human rights organization Iridia, representing the lawyer in question, hailed the indictments
as a pivotal step towards addressing unlawful surveillance.
The court has also sought cooperation from Luxembourg authorities to advance the investigation.
Rob Joyce, who is the former director of Cybersecurity at the National Security Agency and
a White House advisor for the first Trump administration, testified before the House
Select Committee, expressing grave concerns over the Trump administration's initiative
to mass-fire probationary federal employees.
Joyce emphasized that such actions could severely undermine U.S. cybersecurity and national
security efforts, particularly encountering Chinese cyber threats. He highlighted that probationary employees
often constitute a pipeline of top technical talent essential for
identifying and mitigating cyber threats. The administration's aggressive stance
on reducing the federal workforce, including attempts to dismiss nearly all
probationary employees, has faced legal challenges, with a federal judge
temporarily blocking the order due to the overreach by the Office of Personnel Management.
Several prominent financial organizations have formally requested that the Cybersecurity
and Infrastructure Security Agency, or CISA, revise its proposed implementation of the
Cyber Incident Reporting for Critical Infrastructure Act of 2022, otherwise known as CERCIA.
Enacted in March 2022, CERCIA mandates that critical infrastructure entities report significant
cybersecurity incidents within 72 hours and ransomware payments within 24 hours.
CISA's current proposal, set to take effect in October 2025, is estimated to impact approximately
316,000 entities. The financial groups argue
that the proposed rules deviate from CSERCIA's original intent by imposing undue burdens
on organizations, potentially diverting resources from effective incident response and recovery
efforts. They advocate for a collaborative approach to develop a rule that allows victimized
companies to prioritize addressing cyberatt attacks over fulfilling reporting obligations.
Coming up after the break, Dave Bittner himself joins hosts Elliott Volkman and Neil Dennis on the Adopting Zero Trust podcast from Threat Lockers Zero
Trust World 2025 alongside special guest Dr. Chase Cunningham.
And don't miss how one hacker group turned $1 billion into thin air. And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting
your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their
personal devices, home networks, and connected lives. Because when executives are compromised
at home, your company is at risk. In fact, over one-third of new members discover they've
already been breached. Protect your executives and their families 24-7, 365, with Black Cloak.
Learn more at blackcloak.io.
Cyber threats are more sophisticated than ever.
Passwords, they're outdated and can be cracked in a minute.
Cyber criminals are intercepting SMS codes
and bypassing authentication apps.
While businesses invest in network security, they often overlook the front door, the login.
Ubico believes the future is passwordless.
Ubiquis offer unparalleled protection against phishing for individuals, SMBs, and enterprises.
They deliver a fast, frictionless experience that users love.
Ubico is offering N2K followers
a limited buy one, get one offer.
Visit ubico.com slash N2K to unlock this deal.
That's Y-U-B-I-C-O.
Say no to modern cyber threats.
Upgrade your security today.
today. Our very own Dave Bittner joined hosts Elliot Volkman and Neil Dennis on the Adopting Zero
Trust podcast at Threatlocker Zero Trust World 2025.
And together they explored the balance between delivering refined news versus raw perspective,
the tipping point for AI adoption and how
the current political landscape is shaping cybersecurity.
Here's a bit of their conversation.
Hello and welcome to Adopt Zero Trust, live from Zero Trust World or ZDW.
I'm Elin Mulquinn, your producer and media host.
I might actually say more than five words this time.
We have our wonderful Neil Dennis.
I hope you know who Dr. Chase Cunningham
or Doctors Air Trusters.
And then Dave, you're new to this.
But if you're listening to us and you're not seeing us,
I suspect you're going to know his voice more than anything.
He is the, I don't know, I would argue probably
the source of all popular cybersecurity news
that most of us listen to.
Dave, who are you though?
Who is it?
He's the guy Graham clearly wants to grow up to be.
Oh wow, your words not mine, but okay.
Graham will be here I think later today.
So I am the host of the Cyber Wire podcast,
which is a popular daily cyber security news brief
enjoyed by many.
So thank you for having me.
Just a few, right?
Just a few, just a few. Yeah, it's nice to be able to help try to make the world a little safer, day by many. So thank you for having me. Just a few, right? Just a few, just a few.
Yeah, it's nice to be able to help try to make the world
a little safer, day by day.
I love it.
That all said, I want to start with some basics.
Wood, I would love to do this, get your perspective
on the world of cyber security that we're in now.
What is your maybe lukewarm take on the year ahead
for cyber security, having seen everything
and anything in between.
Well, I think the hottest take right now
is just trying to navigate the chaos that's going on
in Washington, DC, and which is directly related
to cyber security.
So the unpredictability of that,
things that are happening that we have not seen before
in ways that we have not seen before,
I think, as a friend of mine used to say,
do you hear that clicking sound?
I'd say, what are you talking about?
He'd say, we're headed up the first lift hill.
Hold on to the bar, here we go.
So to me, that's the big disruptor this year
and I would love to see it end sooner than later
but I don't have high hopes that that's gonna happen.
That sounds reasonable.
Chase, I feel like you might have some opinions here.
Yeah, well, I mean, I wrote a piece about the cat
that was just appointed to be the director
of National Cyber that knows as much about cyber
as I do about underwater basket weaving.
So I think we're continuing to propagate
a lot of the shenanigans in that space,
which is not gonna help.
I think the way we're rushing into things,
and I'm all for fixing the fraud, waste, and abuse,
because I've been in the government
and I've seen this stuff.
But the leadership style here needs to be fixed,
especially in cyber.
That's fair.
Can't argue with that.
Neil, what are you gonna throw at us?
I'm with Chase, obviously.
I'm working day-to-day job.
There were some things working on
that kind of got put on hiatus,
like most government contracting stuff will do
but it hasn't already been signed before SHIFT-TURK. But I will say the current future of CISO, which was a
pet project six years ago, is no longer seeming to be a pet project anymore. So the outcome of what
happens with that particular effort will obviously have massive repercussions for where we go from standards
and policy and procedure for the next three, five, ten years even. We were just getting
used to CISA. We were just getting things that actually worked with CISA. So it'll be
fun to see where that goes in my opinion.
I'm going to throw out one more lob that I feel like Chase is going to sink his teeth
maybe into a little bit. Then we'll see if he has some context
he want to add, but repercussions.
So let's say the world of compliance and frameworks
is tied to government, to HADA,
the nice maybe a little bit,
well HIPAA, CMMC, FedRAMP, those arrive, we don't know,
but in past conversations we've talked about repercussions
and usually they come in fines
and that's like the cost of doing business.
Do you feel like there could be any shifts in those wings?
From being engaged in some of the working groups
that are doing things up on the hill
and in those closed door sessions,
I say that there's a sea change that's lining up,
which is going to potentially change the way
that people view violations and negligence, which is something
I've been trying to champion for a long time. So the cost of doing business might include some
shiny bracelets here pretty soon, which is the way it ought to be. So more than fines, perhaps
actually seeing criminal charges for negligence. Very much like you have in the airline industry
and in every other regulated industry where if you do knowingly negligent stuff, especially for years on end, you don't get to go, oh
sorry, let me cut you a check.
You get to go to federal prison for a little while.
That could move the needle.
There's nothing like prison that will change people's approach to a problem.
Yeah.
Yeah, I do want to pull back from like your history a little bit and maybe get some perspective
from your side.
I'll probably just skip through some of the fluffier stuff,
but you probably are privy to a lot of information
that the world wants to know.
You have to get a certain amount of information
before it is ready to be released.
I'm just curious, how do you even begin to manage
what you are comfortable sharing with the world
or how you vet and go through
that information.
Because obviously we get a little bit of
closed-door information that's not quite baked in.
Right, right.
Well, I'd say first of all, we think it's really important
to have a process and to be careful.
We're very deliberate about not dealing in rumors
or speculation or gossip or any of that kind of stuff.
There's plenty of that out there,
but we feel like that's not what people come to us for.
It is not unusual for us to hold a story
until we can get verification from an additional,
legit news source that something is actually happening.
I think if you build trust with your audience and you're straight with them and you admit when you've made a mistake,
then everything will work out fine.
But it's a responsibility that we take very seriously and I feel fortunate
we have a really good team to back me up.
So I'm glad it's not just me out there doing it.
Right.
You got to start somewhere.
You have to have a filter.
You have to have someone who provides perspective,
and then you have to be able to provide your own
on top of that and make an educated assessment
of around what's going on.
But you have to get to the floor,
to the bottom floor of what's there.
And there's so much now.
There's just so much and it's at such speed
that being able to filter down is so valuable.
I feel that there will be an unrealized benefit to this
because people are going to do bad things that can.
And that's just the nature of it.
It's Cain and Abel.
Yeah.
I mean, it was less than a quantum denominator.
Quantum is, yeah.
Quantum.
Is that, is that,
somebody just put a check on their bingo content for...
Let me do that. Because you say, you use bingo card. Right, exactly. Because you used the word quantum, yeah.
The biggest thing about quantum that I think a lot of folks don't really get, because I
was talking with some folks on the MIT side is, it's not even the quantum computing that's
the actual problem, it's the cooling.
They can't run the machines long enough, keep them cool enough to actually work, long enough
to be valuable.
Oh, interesting.
Yeah, so they have to get them almost degrees Kelvin cold, which is, it cool enough to actually work, long enough to be valuable. Oh, interesting. So they have to get them almost to degrees Kelvin cold,
which is, it's easy to heat stuff up,
cooling it down is a whole other issue.
Which is why there are people sinking data centers
in the ocean to try and cool them off as fast as possible.
So until we crack better ways of cooling,
I don't think quantum is a realistic issue
that we face anytime soon.
And from everyone I've talked to that are technologists
that actually understand that stuff,
they say we're 10 to 20 years out.
Now I think there will be quantum computations
that are going to come and as we get more cloud
and more distributed type of infrastructure,
it'll solve itself.
But quantum computing is current iteration, yeah.
It's like the joke about nuclear fusion,
that it's always 20 years away no matter when you ask.
Yeah, I do think close.
Right, right.
The moment the first public version of Chad GBT
went live, 2.0, whatever it was,
it was already published inside Tor
for various threat actors to take advantage of that LLM.
Everybody's trying to figure out ways
to make it spit out ransomware on this side.
Just log into Tor and some other places.
Use your neighbor's Wi-Fi.
Yeah, but to your point though, force multipliers,
things that lower the barrier to entry on anything,
technology-wise, are always going to be used nefariously
and sometimes for fun as well.
Well, we've gone through every buzzword that's currently brewing.
Yeah, I was trying to think of which one we missed.
I think we can deviate away from that.
I do want to lob one question to your way, David,
and I'll wrap things up.
You obviously cover and aggregate every news piece
that are out there from the sense security perspective,
but is there a story that you feel like you would love to tell
and just it's not part of the equation for you?
Is there, Neil and I, we don't really cover incidents
and breaches, everyone else already goes that.
What's hiding in the back of your mind
that a story that you've been wanting to tell
is just not there yet?
Well, I'll comment it from a different direction,
which is kind of a, there's a historical story that I've,
it fits and starts, I've tried to chase a couple times
over the years and I haven't gotten anywhere.
And since I first started chasing this story,
we started a daily space podcast.
So now we have a team who's focused on space news.
So the story I was trying to track down was years ago
during the Apollo program,
how was it that people didn't basically mess
with each other's signals, all that stuff?
Because it was analog in the clear,
was this just a gentleman's agreement
that we said to the Russians, the Russians said to us,
we're gonna leave each other alone
while we're sending things to the moon, right?
So like, what intrigues me about it is like somehow,
even with the historians,
that particular security question hasn't come up
that I can tell or I haven't found it yet.
Maybe there's probably a book out there somewhere,
but wasn't just a gentleman's agreement
that we're pushing the boundaries here
and I'm not going to jam your space capsule
even though I can.
For the full conversation, be sure to visit our show notes
for links to the Adopting Zero Trust podcast,
and you can also check out the video of their discussion
to dive deeper into their insights on implementing Zero Trust strategies.
Hey everybody, Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try DeleteMe.
I have to say, DeleteMe is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for DeleteMe.
Now at a special discount for our listeners
today get 20% off your delete me plan when you go to join delete me dot com slash n2k
and use promo code n2k at checkout the only way to get 20% off is to go to join delete
me dot com slash n2k and enter code n2k at checkout. That's join delete me.com slash n2k code n2k.
North Korea's Lazarus Group has swiped over a billion dollars from crypto exchange Bybit, and they're already
busy laundering the stolen funds. Using decentralized finance or defi tools to cover their tracks,
they've pulled off a lightning fast, highly organized operation that's leaving investigators
scratching their heads. The FBI has confirmed Lazarus as the mastermind, and experts say
that the group's infrastructure has likely expanded with underground networks, especially in China, helping them wash the funds.
They've already laundered around $400 million, and their sheer speed and volume are creating
headaches for anyone that's trying to stop them.
Bybit has launched a bounty for those who can help trace the stolen crypto, but with
77% of the funds still traceable,
it's a race against time.
This hack is officially the largest in crypto history,
blowing past even the notorious Ronin Network
and Poly Network thefts.
It is a truly staggering breach,
one that'll have the crypto world on high alert
for quite some time. And that is The Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you
think of this podcast. Your feedback ensures we deliver the insights that keep you a step
ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating
and review in your podcast app. Please also fill out the survey in the show notes or send
an email to cyberwire at n2k.com.
We're privileged that N2K CyberWire is part of the daily routine of the most influential
leaders and operators in the public and private sector from the Fortune 500 to many of the world's
preeminent intelligence and law enforcement agencies. N2K makes it easy for companies to
optimize your biggest investment, your people. We make you smarter about your teams while making
your teams smarter. Learn how at ntuk.com. NTUK's senior producer is Alice Carruth. Our
cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original
music and sound design by Elliot Peltsman. Our executive producer is
Jennifer Iben. Peter Kilpe is our publisher. And I am your host Maria
Varmazes in for Dave Bittner. Thanks for listening. We'll see you tomorrow. And now, a message from our sponsor Zscaler, the leader in cloud security.
Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue
to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in
2024, these traditional security tools expand your attack surface with public-facing IPs
that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security.
Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps
and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not
the entire network, continuously verifying every request based on identity and context,
simplifying security management with AI-powered automation, and detecting threats using AI to analyze
over 500 billion daily transactions.
Hackers can't attack what they can't see.
Protect your organization with Zscaler Zero Trust and AI.
Learn more at zscaler.com slash security.