
ESET announces its inaugural Heroes of Progress

BRATISLAVA, Sept. 21, 2022 – ESET, a global leader in cybersecurity, announces its 2022 Heroes of Progress. The shortlist includes nine unsung agents of change from across the world who have contributed to technological progress across a variety of industries.

The shortlist was curated following a rigorous process in which the heroes provided a comprehensive outline of their work and the impact that it has had. The entry process required applicants to include details of any technology they invented, adopted, or improved, including information on how this technology has advanced industries, communities, or society at large. An expert judging panel, headed up by ESET chief business officer Ignacio Sbampato, then reviewed over 50 shortlisted applications before deciding on the shortlist of nine individuals.

“ESET places immense importance on the development of science, and the technology, research, and corporate responsibility initiatives that our business pursues with our colleagues, customers, partners, and the communities in which we operate,” comments Sbampato. “We are proud to celebrate the amazing achievements of all the Heroes of Progress across the world and shine a light on the progressive minds helping to make our planet a better place.”

This year’s Heroes of Progress are:
1.  Ken Fujiwara from Japan. The co-founder of UMITRON is on a mission to advance sustainable aquaculture. Alongside his colleagues Masahiko Yamada and Takuma Okamoto, Ken developed the world’s first machine learning algorithm to determine fish appetite levels based on their behavioral responses. This algorithm is currently integrated with various UMITRON products to help farms achieve precision feeding.

2 & 3.  Ruth Hershler and Cecil Hershler from Canada. The wife-and-husband duo run Education without Borders, a non-profit organization supporting children in South Africa. The pair have utilized and further enhanced an existing “School in a Box” program that provides students from lower-income households with the technology they need to change their future, giving them access to more opportunities.

4. Ligia Kornowska from Poland. Kornowska is co-founder of Data Lake, an EU-funded start-up creating an international medical data donation system that provides large, high-quality datasets to researchers for the purposes of medical and scientific progress. For the past three years, the leading Polish medical journal Puls Medycyny has listed her amongst the “100 most influential people in Polish healthcare”. Ligia was also on the Forbes “25 under 25” list.

5. Giuseppe Mastroviti from Italy. Mastroviti developed a method to supply energy to electric vehicles through an inductive charging technology system installed alongside the road. The technology, currently in use at A35 Brebemi, charges the car battery when vehicles pass over the coils, communicating with the system through an electromagnetic field.

6. Dr. Michaela Musilova from Slovakia. Dr. Musilova is an astrobiologist and the director of the HI-SEAS analog space research station. She has been conducting space-related research with many institutions around the world, including NASA and international telescopes, such as the Canada-France-Hawaii Telescope. Musilova has also led over 30 simulated missions to the Moon and Mars as their commander, where she is developing new safety technologies for astronauts to be able to live and conduct research on the Moon and Mars.

7. Junto Ohki from Japan. Through ShuR, Ohki developed a video chat interpretation service (VRI) that the deaf community can use through a smartphone, tablet, or PC. He has also crowd-sourced an online sign language dictionary. His work has made a significant impact on the deaf and hard-of-hearing community.

8. Bass Salah from Australia. Through his company ResetData, Salah and his partner Marcel Zalloua have created a sustainable cloud service built on immersion cooling. They are building an edge mesh by sourcing underutilized buildings and occupying them with data centre infrastructure.

9. Gino Tubaro from Argentina. Tubaro is an innovator who specializes in creating prosthetic limbs with 3-D printers that are distributed free of charge through his organization Atomic Lab to more than 40 countries and schools. Gino’s organization has been recognized by Barack Obama. Along with his team, Tubaro has developed solar 3D printers that use plastic bottle material for printing 3D medical designs such as splints, clamps, and animal prosthetics among others.

“It was inspiring to see the sheer volume of entries we received,” comments Sbampato. “The quality of the nominations was incredible, meaning that our Heroes of Progress really are the best of the best, across the world. These are the individuals who have made a real impact through technology, advancing industries, communities, and society in innovative ways. Because of such heroes, progress is protected.”

To learn more about the heroes, please visit the ESET Heroes of Progress website.

To find out more about ESET’s take on progress, please read here.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

A decade of success for ESET Japan partner Canon Marketing Japan Inc.

BRATISLAVA, September 20, 2022 — ESET, a global leader in cybersecurity, today announces that its Japanese partner – Canon Marketing Japan Inc. – has won the top-ranking award in the Nikkei Computer Customer Satisfaction Survey’s ‘Security Solution’ category for the tenth year in a row.

Nikkei Business Publications is one of the largest content providers in Japan. The prestigious 2022 survey polled IT decision-makers at publicly listed companies, private companies with sales of more than 20 billion yen, and government offices. Vendors were assessed across five criteria: performance & functionality, reliability, operability, cost and support.

Canon Marketing Japan Inc. won first place in the Security Product Category against seven other solutions. In the survey of 998 users, Canon Marketing Japan Inc. achieved an overall satisfaction score of 74.9, seven points above the average among all vendors. The solution received the highest score of any vendor for ‘Performance/Functionality’ and ‘Cost’, whilst scoring higher than average in all evaluation categories.

ESET’s award-winning portfolio of digital security solutions – a central part of Canon Marketing Japan Inc.’s portfolio – combines multilayered detection, machine learning, and cloud technologies that prevent, detect, and respond to malware. It provides cost-effective comprehensive protection for organizations of all sizes, as attested by the solution receiving the highest score of any vendor in the Nikkei Computer Customer Satisfaction Survey for cost.

“For more than 30 years, ESET has been developing industry-leading digital security software and services to help customers feel safe and secure in their digital environments,” commented Noboru Yamamoto, senior general manager of the Security Solution Planning Group at Canon Marketing Japan Inc. “Based on this experience, ESET has recently developed solutions that provide easy-to-deploy security management, helping customers to bring better protection and reducing their operational burden. We look forward to continuing to strengthen our partnership with ESET to deliver beneficial solutions for our customers.”

Between them, ESET and Canon Marketing Japan Inc. have protected millions of users within the region since becoming partners. “We have been a proud partner of Canon Marketing Japan Inc. for many years and are especially excited that it has won the Nikkei Computer Customer Satisfaction Survey once again,” added Hiroya Kuroda, country manager at ESET Japan. “This award represents the unfettered opinions of some of the most highly respected IT decision-makers in Japan. As such, it is a testament to the great work we do together to provide innovative security solutions and services to organizations throughout the region.”

You can learn more about ESET Endpoint Security solutions here.


ESET uncovers new Linux backdoor from SparklingGoblin APT group, targeting a Hong Kong university again

BRATISLAVA, MONTREAL — SEPT. 14, 2022 — ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. This variant was first deployed against a Hong Kong university in February 2021 — the same university that had already been targeted by SparklingGoblin during the student protests in May 2020. SparklingGoblin is an APT group with targets mostly in East and Southeast Asia, though ESET Research has seen SparklingGoblin targeting a broad range of organizations and verticals around the world, with a particular focus on the academic sector.

“The SideWalk backdoor is exclusive to SparklingGoblin. In addition to the multiple code similarities between the Linux variants of SideWalk and various SparklingGoblin tools, one of the SideWalk Linux samples uses a C&C address that was previously used by SparklingGoblin. Considering all of these factors, we attribute with high confidence SideWalk Linux to the SparklingGoblin APT group,” explains Vladislav Hrčka, an ESET researcher who made the discovery along with Thibaut Passilly and Mathieu Tartare.

SparklingGoblin first compromised the particular Hong Kong university in May 2020, and we first detected the Linux variant of SideWalk in that university’s network in February 2021. The group continuously targeted this organization over a long period of time, successfully compromising multiple servers, including a print server, an email server, and a server used to manage student schedules and course registrations. This time, it is a Linux variant of the original backdoor. This Linux version exhibits several similarities with its Windows counterpart, along with some technical novelties.

One particularity with SideWalk is the use of multiple threads to execute a single specific task. We noticed that in both variants there are exactly five threads executed simultaneously, with each of them having a specific task. Four commands are not implemented or are implemented differently in the Linux variant. “Considering the numerous code overlaps between the samples, we believe that we actually found a Linux variant of SideWalk, which we dubbed SideWalk Linux. The similarities include the same customized ChaCha20, software architecture, configuration, and dead-drop resolver implementation,” says Hrčka.

“The Windows variant of SideWalk goes to great lengths to conceal the objectives of its code. It trimmed out all data and code that was unnecessary for its execution and encrypted the rest. On the other hand, the Linux variants contain symbols and leave some unique authentication keys and other artifacts unencrypted, which makes the detection and analysis significantly easier,” concludes Hrčka.

For more technical information about SideWalk Linux, check out the blog post “You never walk alone: SideWalk backdoor gets a Linux variant” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.


ESET Research uncovers new cyberespionage group Worok targeting companies, governments mostly in Asia

  • ESET researchers have discovered a previously unknown cyberespionage group that they named Worok.
  • Worok has attacked various high-profile companies from the telecommunications, banking, maritime, energy, military, government, and public sectors. The targets are located mostly in Asia, but also in the Middle East and Africa.
  • Worok develops its own tools and leverages existing tools to compromise its targets. The group has used the infamous ProxyShell vulnerabilities to gain initial access in some cases. Its PowerShell backdoor PowHeartBeat has various capabilities, including command/process execution and uploading and downloading files.

BRATISLAVA, MONTREAL — SEPTEMBER 6, 2022 — ESET researchers recently discovered targeted attacks that used undocumented tools against various high-profile companies and local governments mostly in Asia, but also in the Middle East and Africa. These attacks were conducted by a previously unknown cyberespionage group that ESET has named Worok. According to ESET telemetry, Worok has been active since at least 2020 and continues to be active today. Among the targets were companies from the telecommunications, banking, maritime, energy, military, government, and public sectors. Worok used the infamous ProxyShell vulnerabilities to gain initial access in some cases.

“We believe the malware operators are after information from their victims because they focus on high-profile entities in Asia and Africa, targeting various sectors, both private and public, but with a specific emphasis on government entities,” says ESET researcher Thibaut Passilly who discovered Worok.

Back in late 2020, Worok was targeting governments and companies in multiple countries, specifically:
•    A telecommunications company in East Asia
•    A bank in Central Asia
•    A maritime industry company in Southeast Asia
•    A government entity in the Middle East
•    A private company in southern Africa

There was a significant break in observed operations from May 2021 to January 2022, but Worok activity returned in February 2022, targeting:
•    An energy company in Central Asia
•    A public sector entity in Southeast Asia

Worok is a cyberespionage group that develops its own tools and leverages existing tools to compromise its targets. The group’s custom toolset includes two loaders, CLRLoad and PNGLoad, and a backdoor, PowHeartBeat.

CLRLoad is a first-stage loader that was used in 2021, but in 2022 was replaced, in most cases, by PowHeartBeat. PNGLoad is a second-stage loader that uses steganography to reconstruct malicious payloads hidden in PNG images.

PowHeartBeat is a full-featured backdoor written in PowerShell, obfuscated using various techniques such as compression, encoding, and encryption. This backdoor has various capabilities, including command/process execution and file manipulation. For example, it is capable of uploading files to and downloading files from compromised machines; returning file information such as the path, length, creation time, access times, and content to the command and control server; and deleting, renaming, and moving files.

“While our visibility at this stage is limited, we hope that putting the spotlight on this group will encourage other researchers to share information about this group,” adds Passilly.

For more technical information about Worok, check out the blogpost “Worok: the big picture” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

 

Visual heatmap of the targeted regions and verticals


Digital security and the generations

The notion that only young people use the internet is long gone. The fact is that the online world has consumed all of us. We may not like it, but by all of us, we mean toddlers to seniors. And therefore, we should all consider ourselves the “digital generation.” But that does not mean we all perceive and use technology the same way. There are certainly tangible differences in how we interact with technology.

The younger a generation is, the sooner they were likely to have been introduced to technology. On the other hand, older generations may have become familiar with technology later in life, but combined with their life experiences, they might have approached their technology use more responsibly. The approaches different generations take are certainly different; some are earlier adopters of innovations, but one does not lag behind the other.

The Pew Research Center conducted research in 2021, where they measured generations’ use of the digital world. For example, 99% of Gen Z and Millennials claim they use the internet. Gen X has a slightly lower usage, which still comes to 96%, compared to the Baby Boomers, where only 75% claim they use the internet. The interesting finding of the study is that since the year 2000, the gap between the oldest and the youngest internet users has gotten smaller, from 56 to 44 percentage points.

The data doesn’t lie, and proves that in fact all generations are part of the digital world. The difference is their involvement, perception and use. Generations look at technology and innovation based on their own background and knowledge. And that differs among virtually all of them. Many of them came into a world that was already full of technology, and others had to adapt to it at a more mature age.

And the same goes for digital security. Contrary to popular belief, growing up with technology does not automatically make you more conscious of digital privacy and security. Industry leader NTT’s study shows that people over 30 are more likely to adopt better security practices than the younger generation, Generation Z. Gen Z, even though they grew up surrounded by technology and the risks it poses, are much more laid back and less responsible. They value flexibility and productivity over caution and responsibility. Furthermore, the study found that almost 40% of Millennials would opt to pay a ransom or already have paid one in the past.

To support that, let us present one more study. This time, LastPass studied people’s online behaviors regarding passwords. It revealed that from Baby Boomers to Gen Z, people approach their digital safety and security differently. They found that despite being exposed to technology at an early age, Gen Z is least concerned with their security. On the contrary, Millennials and Baby Boomers are most concerned about their online safety and take extra measures to ensure their digital security.

Not only are the various generations’ use of technology and approaches to digital security different, the threats awaiting them in the digital world also differ. Since they all act in a distinct fashion, they are vulnerable to different types of online safety threats. For example, for teenagers and young adults, currently Gen Z and Alpha, one of the biggest threats is cyberbullying. Older generations face financial abuse, identity theft and other security attacks. Their knowledge on the topic also varies, making them more or less vulnerable to digital threats.

Kids from the age of 3 use devices to watch videos, while our elders use them to stay connected to their families. And for everyone in between, whether it be a Millennial or a Baby Boomer, online behaviors are different, and it is evident that there are different digital security approaches. However, whether you are a security expert or a basic user, without the proper protection and education, you may fall prey to malicious actors on the internet at any time.

It becomes evident that there is no one approach to digital security that fits all. Whether it is one’s personal security, privacy and safety, or an approach taken by a business, the solution is not set. Personalized protection, however, is not always possible. Everyone’s needs are different, and to cater to all would be virtually impossible. Some people and businesses prefer to have somewhat greater or less control over their protection, while others prefer to not be disturbed by it at all. Perhaps the easiest solution in situations like that is to have protection that you don’t have to think about at all. A silent knight protecting your digital world at all times.

One way for customers to procure that is when their Telco or ISP takes direct care of their protection, so they don’t even have to think about it. A solution like this can be incorporated into an ISP or Telco product offering, for example, ESET NetProtect. This security approach can give customers peace of mind, knowing their provider is taking care of their digital security on their behalf.

ESET NetProtect is not only easy to integrate, but also a great addition to a sales plan. Its reputation builds on its easy integration into existing Telco or ISP service offerings, while delivering full-service protection against malware, loss of privacy and phishing on all personal devices. NetProtect makes safe and secure browsing a matter of course. This offering keeps devices safe and online browsing safe from suspicious domains and websites. It also has a filter that allows you to blacklist domains and content categories based on user preference.

And above all, this product runs on your device, without you having to worry about it. Its user-friendly management with a range of settings ensures your overall satisfaction.


KIDS BACK AT SCHOOL. CHECK. DEVICES PROTECTED. CHECK.

For many, a new school year symbolizes a new beginning. For kids it’s as much a celebration as New Year’s Eve for adults. New beginnings, a clean slate and starting over. No wonder we want to prepare for it as best we can, to set ourselves, and our children, up for success.
The preparation should include not only the purchase of school supplies and books; today, a very important part is digital security and privacy. We may omit this at times, but unfortunately the back-to-school season offers a great opening for phishing, ransomware and other scams to deceive both us and our children.

Set yourself up for success

There are several threats to look out for, such as the aforementioned phishing scams and ransomware attacks. Make sure you watch out for the most common back-to-school scams, such as scholarship scams, tech support scams and others. However, by following these tips you can prevent them from happening and have a cybersafe start to the new school year.

What to do?

  • Do not click unknown links or open suspicious emails
  • Avoid sharing personal information
  • Keep your operating system (OS) up to date
  • Never use unknown portable devices: USB sticks, other people’s smartphones
  • Watch out for bad grammar/generic openings
  • Use a strong password and don’t leave your device unlocked or unattended
  • Back up your data regularly
  • Ask your school or university about their privacy and security policy
  • If you are a parent, invest in efficient Parental Control

Secure your mobile device

Whether you are a parent, a teacher or a child, your phone is a powerful tool. It is certainly a great tool to keep in contact, stay on top of assignments and other school activities. But it is also a tool for malicious actors to invade your privacy and security. Keeping it safe is therefore one of the key things in ensuring a smooth and safe back to school transition.  

A great way to start is with ESET Mobile Security on your Android mobile devices. It is a solution that ensures security against a multitude of mobile threats while securing users’ data.  

ESET Mobile Security aims to provide a safe environment by leveraging its Anti-Phishing feature. The feature integrates with the most common web browsers (Chrome and many others) available on Android devices to provide protection to any and all online activities you want to carry out.  

We recommend you keep Anti-Phishing enabled at all times. All malicious websites, listed in the ESET malware and phishing database, will be blocked and a warning notification will be displayed informing you of the attempted attack. 

Other features of ESET Mobile Security include:  

  • Anti-Smishing – protects you from SMS and App notifications containing malicious links
  • Antivirus – protection against malware: intercepts threats and cleans them from your device   
  • Payment protection – lets you shop and bank safely online   
  • App lock – requires extra authentication to access sensitive apps; protects content when you’re sharing a device   
  • Anti-Theft – a powerful feature to help protect your phone and find it if it goes missing  
  • Network inspector – scans your network and all connected devices to identify security gaps   
  • Call filter – blocks calls from specified numbers, contacts and unknown numbers   
  • Adware detector – identifies and removes apps that display ads unexpectedly 
  • Real-time scanning – scans all files and apps for malware   
  • Scheduled scans – checks your device every time you charge it, or whenever you want   
  • Security audit – checks an app’s permissions   
  • Security report – provides an overview of how secure your device is   
  • USB on-the-go scanner – checks any connected USB device for threats   
  • Up to 5 devices – pay once, protect 5 devices associated with the same Google account  

ESET Mobile Security makes your Android phones and devices easy to find and harder to steal, and it helps to protect your valuable data. 

If you want to protect your phone with ESET Mobile Security, you’re in luck! From August 25 to September 7, the premium version of ESET Mobile Security will be 50% off. No need for a promotional code; the discount will automatically be added to your checkout! It couldn’t be easier.    

The most powerful tool

Your most powerful tool when trying to keep your children safe in the digital world is educating yourself and talking to them about healthy use of digital technology and the threats they may encounter. Have regular conversations with your children about privacy, security and proper online behavior. Make sure they feel safe to talk to you about anything that might make them feel uncomfortable in the digital world.

To better educate yourself and your children, visit saferkidsonline.eset.com.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

ESET Research jointly presents Industroyer2 at Black Hat USA with Ukrainian government representative

  • ESET researchers Robert Lipovský and Anton Cherepanov recently presented their research on Industroyer2 at the Black Hat USA 2022 conference.
  • Joining the presentation was Deputy Director of Ukraine’s State Service of Special Communications and Information Protection Victor Zhora.
  • This is the first time that a Ukrainian governmental representative has taken part in such a high-profile cybersecurity conference.
  • ESET researchers pledged to continue working with CERT-UA to support its cyberdefenses.


BRATISLAVA, LAS VEGAS — ESET researchers Robert Lipovský and Anton Cherepanov recently presented breakthrough research into Industroyer2 during a Black Hat conference in Las Vegas, along with Victor Zhora, the Deputy Director of Ukraine’s State Service of Special Communications and Information Protection (SSSCIP). This is the first time that a Ukrainian governmental cybersecurity expert has participated in one of the most prestigious cybersecurity research conferences in the world.

The “surprising” appearance of Zhora during ESET’s presentation was an additional opportunity for research, expert, and media audiences alike to gain in-depth information on Ukraine’s capability to resist the cyber warfare waged by the Russian aggressor.

“The Industroyer2 attack was thwarted thanks to the swift response of Ukrainian defenders and CERT-UA. We provided the Ukrainian side with crucial analysis of this threat, which could have become the most substantial cyberattack since the beginning of the invasion had it succeeded. Our researchers are ready to continue to work with CERT-UA to support its cyber defenses,” says Lipovský, ESET’s Principal Malware Researcher, who presented the Industroyer2 research at Black Hat with Cherepanov.

Earlier this year, ESET researchers responded to a cyber-incident affecting an energy provider in Ukraine. ESET worked closely with the Computer Emergency Response Team of Ukraine (CERT-UA) in order to remediate and protect this critical infrastructure network.

The collaboration resulted in the discovery of a new variant of Industroyer malware that ESET Research together with CERT-UA named Industroyer2. Industroyer is an infamous piece of malware that was used in 2016 by the Sandworm APT group to cut power in Ukraine. In this case, the Sandworm attackers made an attempt to deploy the Industroyer2 malware against high-voltage electrical substations in Ukraine. In addition to Industroyer2, Sandworm used several destructive malware families. These consisted of disk wipers for the Windows, Linux, and Solaris operating systems.

“Since the end of World War II, humankind has never faced such grave challenges as today, when Russia invaded Ukraine. However, the parallel war in cyberspace is an absolutely new challenge. The knowledge we have gained by this research should be part of a universal common knowledge that helps defend the civilized world from such threats. I’d like to express my gratitude to all our partners who keep supporting us in this unprecedented war and in our struggle for life,” added Zhora.

The State Service of Special Communications and Information Protection of Ukraine is a specialized executive authority whose key functions include provisioning secure government communications, the government courier service, information protection, and cyber defense.

For more technical information about Industroyer2, check out the blogpost Industroyer2: Industroyer reloaded, and for more about the Black Hat presentation, check out Black Hat 2022 – Cyberdefense in a global threats era on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

ESET Research discovers new threat to Mac users: CloudMensis spies on them in targeted operation

  • ESET researchers discovered a previously unknown macOS backdoor that spies on users of compromised Macs.
  • ESET has named the malware CloudMensis because it uses cloud storage services to communicate with the operators and uses the names of months as directory names.
  • This macOS malware uses cloud storage as its Command and Control channel, supporting three different providers: pCloud, Yandex Disk, and Dropbox.
  • CloudMensis can issue 39 commands, including exfiltrating documents, keystrokes, and screen captures, from compromised Macs.
  • Metadata from the cloud storage services used reveal that the first Mac compromised by this recent campaign was on February 4, 2022.
  • The very limited distribution of CloudMensis suggests that it is used as part of a targeted operation.

BRATISLAVA, MONTREAL — JULY 19, 2022 — ESET researchers discovered a previously unknown macOS backdoor that spies on users of compromised Macs and exclusively uses public cloud storage services to communicate back and forth with its operators. Named CloudMensis by ESET, its capabilities clearly show that the intent of the operators is to gather information from the victims’ Macs by exfiltrating documents and keystrokes, listing email messages and attachments, listing files from removable storage, and screen captures.

CloudMensis is a threat to Mac users, but its very limited distribution suggests that it is used as part of a targeted operation. From what ESET Research has seen, operators of this malware family deploy CloudMensis to specific targets that are of interest to them. The use of vulnerabilities to work around macOS mitigations shows that the malware operators are actively trying to maximize the success of their spying operations. At the same time, no undisclosed vulnerabilities (zero days) were found to be used by this group during our research. Thus, running an up-to-date Mac is recommended to avoid, at least, the mitigation bypasses.

“We still do not know how CloudMensis is initially distributed and who the targets are. The general quality of the code and lack of obfuscation shows the authors may not be very familiar with Mac development and are not so advanced. Nonetheless, a lot of resources were put into making CloudMensis a powerful spying tool and a menace to potential targets,” explains ESET researcher Marc-Etienne Léveillé, who analyzed CloudMensis.

Once CloudMensis gains code execution and administrative privileges, it runs a first-stage malware that retrieves a more featureful second stage from a cloud storage service.

This second stage is a much larger component, packed with a number of features to collect information from the compromised Mac. The intention of the attackers here is clearly to exfiltrate documents, screenshots, email attachments, and other sensitive data. Altogether, there are 39 commands currently available.

CloudMensis uses cloud storage both for receiving commands from its operators and for exfiltrating files. It supports three different providers: pCloud, Yandex Disk, and Dropbox. The configuration included in the analyzed sample contains authentication tokens for pCloud and Yandex Disk.

Metadata from the cloud storage services used reveal interesting details about the operation, for example that it started to transmit commands to the bots as of February 4, 2022.

Apple has recently acknowledged the presence of spyware targeting users of its products and is previewing Lockdown Mode on iOS, iPadOS, and macOS, which disables features frequently exploited to gain code execution and deploy malware.

For more technical information about CloudMensis, check out the blogpost “I see what you did there: a look at the CloudMensis macOS spyware” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

Outline of how CloudMensis uses cloud storage services

ESET Leader in G2 summer report for ESET PROTECT Advanced

Bratislava, June 23rd, 2022 – ESET, a global leader in digital security, has been awarded Leader status in G2’s report for summer 2022. The ESET PROTECT Advanced solution has consistently been highly ranked by G2 users and achieved substantial satisfaction and market presence scores in their Grid® Reports, which represent the democratic voice of real software users, offering benchmarks for product comparison and market trend analysis.

In the summer edition of the G2 Grid® Reports, ESET was a Leader in several of the reports, including for Antivirus Software, Endpoint Management Software, Endpoint Protection Suites, and Mobile Data Security Software. And in terms of the Mid-Market reports aimed at companies with up to 1,000 employees, ESET was a Leader in Mid-Market Endpoint Protection Suites, Mid-Market Antivirus Software, and Mid-Market Endpoint Management Software.

“We are delighted to be ranked as Leaders in the G2 reports. Our objective is to provide the digital security that keeps an organization’s systems working smoothly and securely, and being recognized for our efforts is always an honor,” comments Michal Jankech, VP for the SMB and MSP segment at ESET. “No modern business, large or small, can survive without an effective response in the face of an IT breach. We believe that by employing ESET’s strong prevention, detection and response technologies delivered in the form of our modular ESET PROTECT platform, businesses can benefit from the most densely multilayered and effective protection in the industry.”

For more than 30 years, ESET has continued to invest heavily in multiple layers of proprietary technology that prevent breaches of its customers’ endpoints and systems, by both known and never-before-seen threats. The ESET PROTECT platform has been designed with ESET’s customers in mind, with the main objective of helping IT admins better manage the security risks in their environments.

As a privately owned, tech-focused company, ESET has always taken a science-based, security-first approach, with early adoption of machine learning and cloud computing power to develop its global threat intelligence systems. The company has continuously been named a top player and a leader in the industry for its business solutions.

ESET Threat Report details targeted attacks connected to the Russian invasion of Ukraine and how the war changed the threat landscape

  • The number of RDP attacks dropped for the first time since the beginning of 2020 (-43%), with attack attempts against SQL (-64%) and SMB (-26%) following.
  • Prior to the invasion of Ukraine, Russia and some countries of the Commonwealth of Independent States (CIS) were typically excluded from ransomware target lists, possibly due to the criminals residing in those countries or fearing retribution; in T1 2022, Russia faced the largest share of detections (12%) in the Ransomware category.
  • The war brought on an influx of phishing and scam campaigns taking advantage of people trying to support Ukraine; these were detected almost immediately after the start of the invasion.
  • In March and April 2022, Emotet operators shifted into a higher gear, launching massive spam campaigns using weaponized Microsoft Word documents, leading to a 113-fold increase in Emotet detections in T1 2022.
  • Emotet’s campaigns were reflected in the Email threats category, which grew by 37% in T1 2022.

BRATISLAVA — June 2, 2022 — ESET released today its T1 2022 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research. The latest issue of the ESET Threat Report recounts the various cyberattacks connected to the ongoing war in Ukraine that ESET researchers analyzed or helped to mitigate. This includes the resurrection of the infamous Industroyer malware, attempting to target high-voltage electrical substations.

ESET telemetry also recorded other changes in the cyberthreat realm that might have a connection to the situation in Ukraine. Roman Kováč, Chief Research Officer at ESET, clarifies why this report is so focused on cyberthreats related to this war: “Several conflicts are raging in different parts of the world, but for us, this one is different. Right across Slovakia’s eastern borders, where ESET has its HQ and several offices, Ukrainians are fighting for their lives and sovereignty.”

Shortly before the Russian invasion, ESET telemetry recorded a sharp drop in Remote Desktop Protocol (RDP) attacks. The decline in these attacks comes after two years of constant growth – and as explained in the Exploits section of the latest ESET Threat Report, this turn of events might be related to the war in Ukraine. But even with this fall, almost 60% of incoming RDP attacks seen in T1 2022 originated in Russia.

Another side effect of the war: While in the past, ransomware threats tended to avoid targets located in Russia, during this period, according to ESET telemetry, Russia was the most targeted country. ESET researchers even detected lock-screen variants using the Ukrainian national salute “Slava Ukraini!” (Glory to Ukraine!). Since the Russian invasion of Ukraine, there has been an increase in the number of amateurish ransomware and wipers. Their authors often pledge support for one of the fighting sides and position the attacks as personal vendettas.

Unsurprisingly, the war has also been noticeably exploited by spam and phishing threats. Immediately after the invasion on February 24, scammers started to take advantage of people trying to support Ukraine, using fictitious charities and fundraisers as lures. On that day, ESET telemetry detected a large spike in spam detections.

ESET telemetry has also seen many other threats unrelated to the Russia/Ukraine war. “We can confirm that Emotet – the infamous malware, spread primarily through spam email – is back after last year’s takedown attempts, and has shot back up in our telemetry,” explains Kováč. Emotet operators spewed spam campaign after spam campaign in T1, with Emotet detections growing by more than a hundredfold. However, as the Threat Report notes, the campaigns relying on malicious macros might well have been the last, given Microsoft’s recent move to disable macros from the internet by default in Office programs. Following the change, Emotet operators started testing other compromise vectors on much smaller samples of victims.

The ESET T1 2022 Threat Report also reviews the most important research findings, with ESET Research uncovering: the abuse of kernel driver vulnerabilities; high‑impact UEFI vulnerabilities; cryptocurrency malware targeting Android and iOS devices; a yet-unattributed campaign deploying the DazzleSpy macOS malware; and the campaigns of Mustang Panda, Donot Team, Winnti Group, and the TA410 APT group.

The report also contains an overview of the numerous talks given by ESET researchers in T1 2022, and introduces talks planned for the RSA and REcon conferences in June 2022, showcasing ESET Research’s discovery of Wslink and ESPecter. These appearances will be followed by a talk at the Virus Bulletin Conference in September 2022.

For more information, check out ESET T1 2022 Threat Report on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.
