
Emotet botnet hits quiet patch before Black Friday – the calm before the storm?

Most wanted botnets – Emotet, Trickbot and Qbot. What is this terrible trio up to, and how do you stay safe?

Emotet and holidays like Black Friday are good pals. That’s because Emotet’s seasonal specialty is filling your inbox with holiday “deals” that aim to compromise your machine, steal valuable data and account credentials and open it up to subsequent attacks from other malicious actors.

This year, we saw Emotet flooding inboxes with malicious emails in monthly campaigns running from August to October – campaigns that reached into the low tens of thousands of detections in ESET telemetry:

Figure 1: Monthly Emotet campaigns detected in ESET telemetry

Right around Halloween, and leading up to Black Friday, Emotet went quiet. It’s suspected by ESET researchers that Emotet’s operators are taking a little downtime before roaring the spam engine back to life for 2020’s Black Friday and the following pre-Christmas period.

While Emotet’s writers have, in the past, placed a rude comment or two about ESET in their malware binaries, ESET protection has not been outdone. Dealing with Emotet’s attacks can be as simple as being cautious, by not clicking on links in emails, avoiding the “Enable Content” button in documents that arrive as attachments of suspicious, yet legitimate-looking, emails and using security software like ESET Internet Security that protects you when you accidentally click.

The other specials Emotet likes to offer are its friends, Qbot and Trickbot. Emotet is known to serve up both Trickbot and Qbot malware to its victims. Both these malevolent families are more than happy to help themselves to victims’ sensitive information, credentials and other valuable data, and often finish their nasty business by installing ransomware such as Ryuk or Conti.

Let’s see how busy Trickbot and Qbot – Emotet’s friends – have been in the past few months:

While Trickbot’s detection numbers remain in the hundreds – likely due to the recent disruption efforts – Qbot has been quite busy, with detection numbers for the malware reaching the low thousands from August to October. In fact, following Halloween, Emotet detection numbers subsided, while Qbot detection numbers kept their former levels. That would suggest that Qbot is also using other distribution channels to get into potential victims’ inboxes.

How to stay safe from malicious bots

Emotet and its buddies don’t just flood your inbox with dangerous malspam, but they also go after other devices in your network. Trickbot, for example, has been using hacked routers for a long time for command and control. Therefore, it is important to review the security settings of all your home devices.

  1. You can find some practical tips on how to configure your home router securely here.
  2. If you use child trackers and watches, smart doorbells, smart security cameras or smart home hubs, you can read up on the privacy and security considerations surrounding their use here.
  3. If you want to test your mettle against phishing emails or malspam, you can find a few options here.
  4. Finally, don’t forget to protect all your devices with security solutions like ESET Mobile Security for Android, ESET Internet Security for Windows or ESET Cyber Security for macOS. These offer multilayered protection that can detect and block Emotet’s efforts, whether fingerprinting victims’ machines, spreading laterally in a network or downloading payloads such as Trickbot and Qbot.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Deal or no deal – what to watch out for this Black Friday and Cyber Monday

In a year like no other, it is likely that 2020’s Black Friday and Cyber Monday deals will be more frenzied than ever. With many industries, particularly retail, crippled by pandemic lockdowns and distancing restrictions, the upcoming weekend presents an opportunity to recoup some losses. The pandemic has accelerated the already growing increase in online shopping, with e-commerce sales expected to reach $4.2 trillion by the end of 2020 (Statista).

Although many physical stores will be closed or keeping the usual crowds of shoppers to a minimum – the online space will be just as jam-packed as ever with offers and sales. This makes it the perfect breeding ground for cyber-attacks and scams, from phishing emails to suspicious social media ads. For many, mobile devices have become the primary method for online shopping, so it is vital that consumers are protected across all technologies.

Here are ESET’s top five tips for what to watch out for and to stay safe this Black Friday and Cyber Monday:

  1. Stick to what you know – If you see an offer in a promotional email or an online ad that seems too good to be true, then it probably is! Finding an item immediately from an unrecognized vendor with the best price can be a red flag. If you’re unsure about a website, then don’t click on the link – head separately to the website of the organization the sender is claiming to represent to find out if the offer is legitimate.
  2. Look-alikes and fake websites – Look for the padlock and, on a desktop device, the https:// at the beginning of the website address. These indicate that communication between you and the site is encrypted and any data you send can’t be seen by anyone intercepting the traffic.
  3. Dodgy incoming information – Suspicious texts with malicious links, elaborate phishing emails and fraudulent banking notifications are all techniques used by online scammers. In addition, be wary of threatening messages that try to get you to hand over sensitive information, such as bank details.
  4. Passwords and PINs – It can feel a bit like beating a dead horse, but strong, unique passwords are the foundation of a positive online shopping experience. Avoid creating accounts with retailers unless absolutely necessary, and make sure to use a secure payment method, like Apple Pay, Android Pay or PayPal, to avoid linking your primary bank account. You can also take this one step further and enable two-factor authentication where possible, adding an extra layer of security to your transactions.
  5. Software safety first – Keep your devices and operating systems up to date, and have security software installed and fully operational on all devices. Software updates fix known vulnerabilities, so be sure to install them when prompted. Security software products, such as ESET Internet Security or ESET Mobile Security, include extra features, like Banking & Payment Protection, to keep you safe while shopping online, which can take the stress out of your shopping spree.


GREYCORTEX is a top-rated company among the 50 most successful tech companies in the Deloitte Technology Fast 50 CE

Brno, November 19, 2020

GREYCORTEX has won second place in the Rising Stars category in the prestigious ratings organized by Deloitte, where many Czech tech companies strove to be nominated as the fastest-growing tech company in the Deloitte Technology Fast 50 CE. The Tech Stars, Rising Stars, and Impact Stars categories present both the maturest and newest fast-growing companies in the Central European region as well as those companies that have had a revolutionary social or environmental impact on the market.

Petr Chaloupka, CEO at GREYCORTEX, said: “I am very pleased to have achieved international success in the 21st year of the Deloitte Technology Fast 50 CE competition and to have won second place in the Rising Stars category. In this category, seven out of 10 places were occupied by Czech companies, showing that the Czech Republic is still a cradle of technological innovation and that we have a good standing in this international competition. I wish to congratulate all the other companies and wish them success in further building their internationally competitive status”.


About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

About Deloitte Technology Fast 50 CE
Deloitte Technology Fast 50 CE is a program that identifies and rewards the 50 fastest-growing tech companies in the Central Europe region based on revenue growth over a four-year period.

IDC MarketScape names ESET as a Major Player for second year in a row

BRATISLAVA – For the second year in a row, ESET, a global leader in cybersecurity, has been recognized as a Major Player in mobile threat management in the IDC MarketScape: Worldwide Mobile Threat Management Software 2020 Vendor Assessment (Doc #US46092220, September 2020).*

The assessment evaluates the enterprise market for mobile threat management software products, helping organizations to identify vendors with strong offerings and well-integrated business strategies.

According to the report, “ESET is strong in the areas of threat research, especially around Android malware identification and behavior detection.” As IDC further notes, “Organizations looking to consolidate security products and operations around a unified endpoint security model should also consider ESET for its broader portfolio of endpoint and security management tools on top of MTM.”

In 2020, mobile security has become a greater priority than ever before, as huge numbers of organizations have deployed large-scale remote working, while threat actors have increased their attempts exponentially. As they are separated from the office, more employees are using their mobile devices as a regular part of everyday work, and it is vital that these devices are protected. Businesses should ensure that all endpoints are secured with software such as ESET Endpoint Security for Android, which protects against a wide range of threats with its multilayered defense.

This is more than relevant today, as for many, a significant challenge in contending with mobile threats is managing all of the devices within an organization. As each employee may have multiple mobile devices, overseeing the software on each and every device can be a time-consuming task. However, offerings such as ESET Security Management Center** – which is automatically included in all ESET endpoint protection licenses – can streamline the process, providing a single pane of glass from which to manage all machines on a network.

Zuzana Legáthová, Analyst Relations Manager at ESET, commented: “As one of the IT industry’s most important vendor assessment tools, IDC MarketScape’s continued recognition of ESET as a Major Player is a great testament to the strength of ESET’s mobile security offerings. ESET’s improved performance compared to last year’s assessment is a confirmation of our ever-growing capabilities in the increasingly important space of mobile threat management software. Businesses across the globe can depend on ESET’s expertise to keep their devices safe and secure, and being named as a Major Player in Mobile Threat Management by IDC Marketscape is an important validation of this.”

* The first recognition was given in IDC MarketScape: Worldwide Mobile Threat Management Software 2018–2019 Vendor Assessment, Doc #US44521018, December 2018.

** will be renamed to ESET PROTECT


About IDC MarketScape
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT (information and communications technology) suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors.

ESET named a Top Player in Radicati’s ‘Endpoint Security’ Market Quadrant for third year running as Endpoint Security Market continues to boom

BRATISLAVA – ESET, a global cyber security leader, has been recognized as a ‘Top Player’ for the third year in a row in Radicati’s 2020 Endpoint Security Market Quadrant. The report examines 17 leading endpoint security vendors in the market, assessing their functionality and strategic vision, within which ESET was placed in the top quadrant for the third year in a row.

The Radicati Market Quadrant is a metric used to paint a picture of a specific technology market, with this edition covering Endpoint Security – comprising of appliances, software, cloud services, and hybrid solutions that help to secure and manage endpoints for business organizations of all sizes. As pointed out in the report, organizations no longer view endpoint security as an isolated discipline affecting only the endpoint, but as an integral part of organization-wide defense. Endpoint security shares threat intelligence feeds and policy controls with all other major security components, including firewalls, secure web gateways, secure email gateways, data loss prevention (DLP), and more.

This Quadrant continues to grow in importance with the endpoint security market experiencing growth at an exponential rate, as organizations of all sizes deploy increasingly sophisticated and feature-rich solutions to help protect against threats and malicious attacks. In fact, the Endpoint Security market is expected to surpass $8.2 billion in 2020 and grow to over $15.6 billion by 2024.

Radicati positions vendors in a quadrant according to two criteria: functionality and strategic vision. Radicati also evaluates according to key capabilities including malware detection, web and email security, encryption, mobile device protection, data loss prevention and Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR).

In Radicati’s 2020 Endpoint Security Market Quadrant, ‘Top Players’ are described as the current market leaders with products that offer both breadth and depth of functionality, as well as possessing a solid vision for the future. ‘Top Players’ shape the market with their technology and strategic vision. ESET’s positioning as a ‘Top Player’ for the third year in a row demonstrates the company’s pioneering and innovative nature as the Radicati report states that once a company reaches this stage, they must fight complacency and continue to innovate.

ESET’s Endpoint Security solutions were highlighted as offering high performance and high detection rates, low footprint with low system resource usage and for their ease of deployment and use. They were also commended for their suitability to offer protection for companies with heterogeneous environments.

Juraj Malcho, ESET’s Chief Technology Officer, said “We are incredibly proud to be ranked as a Top Player in Radicati’s 2020 Endpoint Security Market Quadrant. Being acknowledged as a Top Player for the third year in a row is demonstrative of ESET’s ability to stay innovative and provide the best possible technology solutions for our customers. As the endpoint security market continues to grow, we are committed to developing reliable and easily deployable security for organizations of all shapes and sizes.”

To read more about the 2020 Radicati Market Quadrant: Endpoint Security, please click here, and to read more about ESET’s Endpoint Security solutions, please click here.


The 5 Key Values of Portnox CLEAR

The problem with most traditional on-premise network access control solutions is their complexity across many fronts, including initial setup, configuration, scalability, and on-going maintenance and upgrades. As a truly cloud-delivered NAC service, Portnox CLEAR delivers SIMPLICITY across all of these critical areas.

VALUE 1: Setup Simplicity

Unlike traditional on-premise solutions that require hardware appliances, software, and other on-premise elements, with Portnox CLEAR, you simply create your dedicated instance in Microsoft Azure using your company email or via SSO (such as Azure AD or GSuite) in a matter of just minutes!

With your dedicated instance of CLEAR created, you simply check the appropriate box(es) to create your RADIUS instance. Dedicated F5 load balancers are spun up and auto-scale as well, so you never have to be concerned with service performance or scalability – it will automatically expand as needed to meet demand.

Portnox CLEAR’s simplicity extends with out-of-box integration and one-click set-up for several common directory services, including:

  • On-premise AD
  • Azure AD
  • G-Suite
  • Okta Universal Directory

SIEM integration is as simple as providing the IP/port, protocol type (TCP, UDP, HTTPS), and data format (JSON/CEF).

VALUE 2: Configuration Simplicity

The complexity of traditional on-premise NAC does not stop at the initial set-up of the local appliance(s), load balancing, RADIUS, and other on-premise components. As shown in the sample policy screenshots below, the complexity of traditional NAC extends to policy configuration that is often layered with multiple and nested interdependencies.

From inception, the focus with CLEAR has been to simplify policy configuration, allowing CLEAR to be fully deployed and operational in a measure of hours/days vs. traditional NAC, which typically can take weeks, or in many cases, months to roll out. Intuitive, easy-to-configure access control, risk, and remediation policies are at the foundation of Portnox CLEAR as reflected in the sample screenshots below.

Risk Policies

Easily configure risk-based access controls for all devices or different groups of devices (i.e. accounting, engineering, etc.), by simply assigning a risk value to each group’s relevant compliance checks.

A simple slide bar easily turns risk values into action (allow, alert, block). It’s that SIMPLE! Unlike traditional NAC that monitors a device risk ONLY when it is on or connected to the network, Portnox CLEAR will monitor risk all the time regardless of if the device is on or off-network.

Remediation Policies

While it is important to be continuously aware of the current risk posture of a device and to be able to use that awareness as part of access control, the ability to proactively take action on the endpoint to help ensure that a minimum level of compliance is always maintained can be equally important. As with all other policy configurations, setting group-specific remediation policies in CLEAR is as simple as a few clicks.

Unlike traditional NAC that will take remediation actions ONLY if the device is on the network, Portnox CLEAR proactively enforces remediation actions all the time, regardless of whether the device is on or off-network.

VALUE 3: On-Demand Auto-Scale

Delivered as a cloud service, Portnox CLEAR eliminates the need for the capacity planning of on-premise software or appliances. It also eliminates the need to expand capacity or upgrade appliances to meet future growth needs. Portnox CLEAR services will automatically expand on-demand to meet any demand spikes and future growth.

Our Azure services scale up (and down) automatically based on usage and load. We can automatically control the VM size and the scale-up / down rules.

For the RADIUS component, we use Azure Kubernetes to manage the instances and allow scaling based on demand. We use an F5 load balancer to channel the traffic to the right instances and make sure the scaling is transparent to the end-user.

VALUE 4: Ease of Integration

Portnox CLEAR continues to expand native integrations and simplified out-of-band integration through an included REST API.

Current integrations include:

  • Active Directory
  • Azure AD
  • GSuite
  • MS Intune
  • OKTA
  • Palo Alto
  • SIEM (any/all leading vendors)

Portnox CLEAR also integrates with all leading anti-virus providers to validate and remediate (update) as part of CLEAR compliance and remediation capabilities. Portnox CLEAR also includes a RESTful API over HTTPS that can be used in any programming language that supports REST calls or invoked directly through any HTTPS client such as cURL.

VALUE 5: Zero-Touch Maintenance

As a true SaaS solution, Portnox CLEAR is truly zero-touch!

  • No on-going software updates/patching
  • No management of scheduled downtime
  • No hardware or software end-of-life issues


About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.

ESET Mobile Security recognized with top score in AV-TEST ‘best antivirus for Android’

BRATISLAVA – ESET, a global leader in cybersecurity, has again been commended with the highest score in the latest AV-TEST for best antivirus software for Android. After launching version 6.0 of ESET Mobile Security (EMS) in September with the new Payment Protection feature, ESET earned top scores for the second time in a row with a total of 18 points.

AV-TEST, a leading independent testing organization, uses one of the largest collections of digital malware samples in the world to create a real-world environment for highly accurate in-house testing.

After achieving the top score in the July 2020 AV-TEST, ESET was evaluated alongside 14 other mobile security products, using their default settings and the most current version of all products. The testing focused on malware detection and usability, including performance and false positives. ESET Mobile Security achieved the highest score of 99.8% in “Protection against the latest Android malware attacks in real time” and a perfect 100% in “Detection of widespread Android malware discovered in the last 4 weeks.” The ESET Mobile Security app for Android was also highlighted for not impacting battery life or slowing down the device.

Version 6.0 of the premium Mobile Security solution introduces a new layer of security for EMS users. The Payment Protection feature safeguards users while utilizing financially related applications, for example, for banking or trading. This feature automatically categorizes all installed applications from the Google Play store that fall into the Finance category and scans them for potential threats. The user is also able to add other installed apps to the list that may fall outside of the Finance category.

Commenting on the results, Branislav Orlík, product manager at ESET, said, “We are extremely proud of ESET’s consistent recognition from AV-TEST for our mobile security product offering. Our dedication to providing customers with the very best in IT security solutions is reflected in these scores, as it is vital that users’ personal and professional data is protected to the highest standard. We are thrilled to have achieved the highest score once again and are committed to always innovating and updating our product offerings.”

Click here to find out more information about ESET Mobile Security.


CyberLink Joins MediaTek’s AIoT Ecosystem

FaceMe® Enables Customers to Integrate Biometric Technology with MediaTek i350 AI Chipset Platform for AIoT devices

TAIPEI, TAIWAN – October 15, 2020 – CyberLink Corp. (5203.TW), a pioneer of AI and facial recognition technologies, announced a strategic technology partnership with MediaTek (2454.TW), a global fabless semiconductor company. CyberLink’s FaceMe® AI biometric authentication engine will now support MediaTek’s i350 Edge AI platform. The partnership enables the installation of biometric technologies on a wide range of smart appliances, smart homes, public interface kiosks and retail point-of-sale systems for advanced security and authentication features.

As a leading global brand with expertise in smart handheld devices, smart homes, wireless technologies and other connected solutions, MediaTek launched the i350 edge AI platform designed for mainstream AIoT applications that require vision and voice edge processing. The edge AI platform was built using an ultra-efficient 14nm process and incorporates a dedicated APU (AI processor) and DSP (digital signal processor) to enable computer vision and speech applications with greater performance and power efficiency across AIoT applications. For more information about the MediaTek i350, please visit https://www.mediatek.com/products/AIoT/i350-mt8365.

To support the MediaTek i350 edge AI platform, CyberLink’s FaceMe® facial recognition engine provides functionality for facial detection, recognition and feature extraction, and is capable of conducting identity verification in merely 0.12 seconds. With MediaTek’s NeuroPilot platform, the computing speed of FaceMe®, powered by deep learning algorithms, can be considerably increased. By utilizing the processing power of NeuroPilot, the i350 provides up to three times the performance for facial recognition and face attribute extraction. Biometric identification can be used for deployments across a myriad of industries and use cases, including security, access control, public safety, smart retail, point-of-sale, ordering machines, digital signage and home protection.

“The addition of biometric identification to AIoT creates an incredible opportunity to improve security and access control with edge devices,” said Dr. Jau Huang, CEO of CyberLink. “It’s our honor to join MediaTek’s AIoT ecosystem. Through the integration of FaceMe® and i350, system integrators will now have access to the most efficient yet low-power consumption applications with identity verification, providing a new class of industry infrastructure to move the biometric technology forward.”

Based on machine learning and deep neural networks, CyberLink FaceMe® has an accuracy rate of 99.7%. It ranks amongst the most precise and fastest facial recognition engines in the United States’ National Institute of Standards and Technology Face Recognition Vendor Test (FRVT). Built for Windows, Linux, Android and iOS, FaceMe® is ideal for cross-platform solutions. It is optimized to run on hardware ranging from high-end workstations with CPU or GPU to the low-power chipsets typically used in IoT devices, so it can be deployed virtually anywhere.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition. CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD. With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

About Talma
With more than 29 years of offering complete solutions, at Talma we provide safe, fast and efficient airport services. We operate in 19 airports in Colombia.

Lazarus misuses legitimate security software in a supply-chain attack in South Korea, ESET Research discovers

BRATISLAVA – ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (an attack on less secure parts of the supply network) in South Korea. To deliver their malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus because South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.

“To understand this novel supply-chain attack, you should be aware that WIZVERA VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When WIZVERA VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,” explains Anton Cherepanov, ESET researcher who led the investigation into the attack. “Usually this software is used by government and banking websites in South Korea. For some of these websites it’s mandatory to have WIZVERA VeraPort installed,” adds Cherepanov.

Additionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. Interestingly, one of these certificates was issued to the U.S. branch of a South Korean security company. “The attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,” says Peter Kálnai, ESET researcher who analyzed the Lazarus attack with Cherepanov. “It’s the combination of compromised websites with WIZVERA VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack,” adds Kálnai.

ESET Research has strong indications to attribute the attack to Lazarus, as it is a continuation of what KrCERT has called Operation BookCodes, attributed to Lazarus by some in the cybersecurity research community. The other reasons are typical toolset characteristics; detection (many tools are already flagged as NukeSped by ESET); the fact that the attack took place in South Korea, where Lazarus is known to operate; the unusual and custom nature of the intrusion and encryption methods used; and the setup of network infrastructure.

It must be noted that the Lazarus toolset is extremely broad, and ESET believes there are numerous subgroups. Unlike toolsets used by some other cybercriminal groups, none of the source code of any Lazarus tools has ever been disclosed in a public leak.

For more technical details about the latest Lazarus supply-chain attack, read the blogpost “Lazarus supply-chain attack in South Korea” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.
