2017 Mid-year Threat Report
from ThreatLabZ

In this report, Zscaler’s research team highlights patterns, trends and outliers that emerge from the 35 billion transactions the Zscaler cloud processes each day.

Evolution of Exploit Kits in the Past Year

Exploit kit campaigns continue to target popular and legitimate web sites through malvertising, creating a serious threat to the enterprise. These campaigns rapidly transform so that as one exploit kit dies off, another that evades protections and continues the delivery of ransomware payloads quickly replaces it. In this report, Zscaler ThreatLabZ will review the latest in exploit kit activity and what has been learned by tracking these campaigns throughout the year.

A Peek into IoT Enterprise Traffic

IoT has transformed how, where and when we do business, and, as a result, it has exposed the enterprise to increased security threats. Read this report to learn how the growing number of unmonitored consumer IoT devices effect security policies in the workplace, the malware Zscaler has identified that exploit these devices, and how to help your users limit their likelihood of attack.

Mobile Threat Landscape

The predominant tactic to spread malware on mobile devices is duping a victim to click on something – an infected website URL or an infected file attached to an email. During the past year, Zscaler has identified the most effective lure for malware authors: popular games and apps. These authors disguise their malware as a hotly anticipated app, and victims unknowingly download the malware, believing they are downloading a legitimate app. In this report, the ThreatLabZ team will share research on mobile malware trends, and their effect on the enterprise IT policies and controls.

Rise of SSL Based Threats

SSL encryption is increasingly being used to hide exploit kits, malware and other risks. However, in many cases, organizations whose security equipment supports SSL inspection to detect such threats disable the feature due to unacceptable levels of latency experienced on the corporate network.  Learn why it is critical to make SSL inspection a part of your security practice and how to do so without compromising network performance and user experience.

Download Report