- The Zscaler Experience
Your world, secured
Experience the transformative power of zero trust.
Zscaler: A Leader in the 2023 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
Get the full report
![gartner magic quadrant]( "gartner magic quadrant")
Zero Trust Fundamentals
-
What is Zero Trust?
-
What is Security Service Edge (SSE)?
-
What is Secure Access Service Edge (SASE)?
-
What is Zero Trust Network Access (ZTNA)?
-
What is Secure Web Gateway (SWG)?
-
What is Cloud Access Security Broker (CASB)?
-
What is a Cloud Native Application Protection Platform (CNAPP)?
-
Zero Trust Resources
-
- Products & Solutions
![test]( "test")
Secure Your Users
Provide users with seamless, secure, reliable access to applications and data.
![test]( "test")
Secure Your Workloads
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
![test]( "test")
Secure Your IoT and OT
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Products
Transform your organization with 100% cloud native services
Solution Areas
Propel your business with zero trust solutions that secure and connect your resources
-
Stop Cyberattacks
-
Protect Data
-
Zero Trust App Access
-
VPN Alternative
-
Accelerate M&A Integration
-
Optimize Digital Experiences
-
Zero Trust SD-WAN
-
Build and Run Secure Cloud Apps
-
Zero Trust Cloud Connectivity
-
Zero Trust for IoT/OT
-
Zero Trust for Private 5G
-
Find a product or solution
-
Find a product or solution
-
- Platform
Zero Trust Exchange Platform
Learn how Zscaler delivers zero trust with a cloud native platform built on the world’s largest security cloud.
![test]( "test")
Transform with Zero Trust Architecture
Propel your transformation journey
Secure Your Business Goals
Achieve your business and IT initiatives
- Resources
- Company
Security Insights
LightsOut for the Energy Sector
This week, Zscaler ThreatLabZ has published research focused on the LightOut exploit kit being used in a "watering hole" attack again the energy sector. You can read additional analysis on the well-respected security research blog, ThreatPost.
In late February, Zscaler ThreatLabZ security research discovered a “watering-hole” attack targeting the energy sector. “Watering-hole” attacks compromise legitimate Web sites where its intended victims are expected to visit. In this instance, the compromised Web site was a law firm that works with energy companies. The compromised Web site was serving the “LightsOut” exploit, which installs a Remote Access Trojan (RAT). This attack is similar to an attack against the energy sector last fall and is potentially related.
Attacks like these show the sophistication of motivated attackers. In the past, infected documents and malicious URLs delivered via email were the primary vector for targeted attacks; however, by infecting a legitimate Web site, such as this law firm, attackers can more effectively compromise their targets through a trusted channel. Additionally, that these attacks are against the energy sector should be a concern since recent FERC and NERC reports about physical infrastructure have indicated that substation compromise could bring down the entire power grid nationwide. Are energy companies doing enough to protect its IT infrastructure?
Get the latest Zscaler blog updates in your inbox
Subscription confirmed. More of the latest from Zscaler, coming your way soon!
By submitting the form, you are agreeing to our privacy policy.