Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 26 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Zscaler ThreatLabZ reveals malicious content delivered over SSL/TLS has more than doubled in six months

by The Gurus
August 3, 2017
in Editor's News
Share on FacebookShare on Twitter

Zscaler, Inc., the leading cloud security company, today announced the findings of a study from Zscaler™ ThreatLabZ showing that malicious threats using SSL encryption are on the rise in 2017. According to the study, an average of 60 percent of the transactions in the Zscaler cloud, the largest security cloud, have been delivered over SSL/TLS. Researchers also found that the Zscaler cloud saw an average of 8.4 million* SSL/TLS-based security blocks per day this year.
 
“Hackers are increasingly using SSL to conceal device infections, shroud data exfiltration and hide botnet command and control communications. In fact, our study found that the amount of phishing attempts per day delivered over SSL/TLS has increased 400 percent from 2016,” said Deepen Desai, senior director, security research and operations. “SSL inspection is a necessity in ensuring the security of network traffic in the enterprise. Zscaler sits between users and the internet, inspecting every byte of traffic, including encrypted traffic, so we can catch hidden threats before they get into the network.”
 
ThreatLabZ researchers also identified new malicious payload distributions, based off unique payloads hitting the Zscaler Cloud Sandbox, leveraging SSL/TLS for command and control (C&C) activity. Banking Trojans comprised 60 percent of the payloads, including families like Dridex, Zbot, Vawtrak and Trickbot, while 25 percent were comprised of multiple ransomware families. Less popular payloads included Infostealer Trojan families and other miscellaneous families.
 
Additional findings include:

  • The amount of malicious content being delivered over SSL/TLS has more than doubled in the last six months.
  • The Zscaler cloud blocked an average of 12,000 phishing attempts per day delivered over SSL/TLS—an increase of 400 percent from 2016.
  • New, increasingly sophisticated malware strains use SSL to encrypt their C&C mechanisms.
  • Zscaler saw an average of 300 hits per day for web exploits that included SSL as part of the infection chain.
  • The most prevalent malware family leveraging SSL-based callbacks was Dridex/Emotet, which contributed 34 percent of the total unique, new payloads in 2017.
  • New malicious payloads leveraging SSL/TLS for C&C activity:
    • 60 percent were comprised of multiple Banking Trojan families (Zbot, Vawtrak, Trickbot, etc.)
    • 25 percent were comprised of ransomware families
    • 12 percent were comprised of Infostealer Trojan families (Fareit, Papras, etc.)
    • 3 percent were from other miscellaneous families

 
*Number based on sample of Zscaler customers using the SSL inspection feature.
To access an infographic with all the findings, click here.
 
Additional resources:

  • Zscaler SSL Inspection
  • Webcast: Are Your Appliance-Based Security Solutions Ready for 2018-bit SSL Certificates?
FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweet
Previous Post

‘Invisible Man' malware runs keylogger on your Android banking apps

Next Post

Premier League club’s commitment to GDPR

Recent News

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

September 25, 2023
Nurturing Our Cyber Talent

Nurturing Our Cyber Talent

September 25, 2023
The Journey to Secure Access Service Edge (SASE)

The Journey to Secure Access Service Edge (SASE)

September 22, 2023
WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information