Related Stories

  • The future of IT security may be in the cloud
    While the cost savings around moving IT security to the cloud are obvious, a security-as-a-service strategy will also improve the quality of your investment, according to Zscaler CEO and founder Jay Chaudhry. The transition of security from the appliance to the cloud, he said, is already well underway.
  • Out-of-date browser plug-ins are attractive targets for cybercriminals
    Out-of-date browser plug-ins are prime targets for cyberattacks against enterprise browsers, according to Zscaler’s State of the Web report for the second quarter of 2011.
  • Exploit kit infection shutters Postal Service website
    Cloud security provider Zscaler recently discovered an infected a US Postal Service website that is apparently the victim of an exploit kit. The infection has caused the USPS to take down the site since April 4.

Top 5 Stories


Hackers continue to exploit outdated browser plug-ins

07 March 2012

Outdated browser plug-ins continue to be a leading attack vector, according to a recent Zscaler ThreatLabZ report.

Zscaler ThreatLabZ, the research arm of cloud security firm Zscaler, observed that Adobe Shockwave was the most outdated browser plug-in during the third quarter of 2011, with 94% of those installed being outdated.

According to its most recent '2011 State of the Web' report, there was a dramatic shift in the fourth quarter. Shockwave is down to 52% outdated of all installed, and Adobe Reader now tops the list at 61%. Hackers are aware that large amounts of users continue to run outdated plug-ins and use these as an easy attack vector, the report warned.

Botnets comprised the majority of threats seen in December, at 80% of Zscaler blocks. Malicious URLs followed far behind at 14%, while a mere 3% of threats blocked were identified by anti-virus/signature detection.

The report found that enterprises are moving to the more secure Internet Explorer 8. The use of IE 8 has more than doubled in the enterprise over 2011, from 26% of overall IE traffic in January to 55% in December. The report noted that while enterprises are moving to newer and more secure web browsers, IE 9 adoption remains very low.

Overall, IE use in the enterprise followed a slow decline, down to 53% in the fourth quarter from 58% in the third quarter. Meanwhile, Chrome usage saw a big jump from 0.17% of all web browser use in the third quarter to 5% in the fourth quarter, while Safari saw a decline from 7% in third quarter to 4% in the fourth quarter. Firefox usage remained constant at 10%.

In addition, Zscaler ThreatLabZ observed an 85% increase in mobile traffic during the fourth quarter. iPhone and Android devices dominated mobile traffic, accounting for about 87% of such, while Blackberry use fell sharply from 27% to 13% over the quarter.

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×