
ESET earns top prize in SE Labs’ Enterprise Endpoint Protection awards

BRATISLAVA – ESET, a global leader in cybersecurity, has earned the AAA award, the highest possible prize, for its ESET Endpoint Security solution in SE Labs’ Q3 Enterprise Endpoint Protection awards. This is the second time that ESET has been recognized with SE Labs’ top award in 2020, after receiving the same rating in Q1.

SE Labs is an independently run testing company that aims to improve information technology security by assessing products and services designed to detect attacks, protect against intrusions or both. It tested nine endpoint security solutions between July and September 2020 to evaluate how effective the products were at detecting and protecting against threats in real time. ESET Endpoint Security received a total accuracy rating of 1,135, the second highest score of any security solution tested.

ESET Endpoint Security, which combines robust antivirus and network security software to protect businesses, was exposed to a mixture of targeted attacks and real-world public email and web-based threats in the testing process. The results demonstrate that the solution is effective at blocking malicious URLs, handling exploits, and correctly classifying legitimate applications and websites.

ESET was also recognized with the highest prize in SE Labs’ Q1 report earlier in the year, receiving the same AAA rating.

Jiri Kropáč, Head of Threat Detection Labs at ESET, commented: “ESET Endpoint Security provides customers with the best level of protection possible, and receiving this AAA rating from SE Labs is testament to that. We are constantly adapting and advancing our technology to provide a balance of cutting-edge detection and prevention and optimum performance, and this is reflected in the report’s recognition of the solution’s ability to block malicious URLs and classify applications. We are proud to be continually recognized for our offerings, and are dedicated to protecting our customers from cybersecurity threats.”

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers

The ’85 Bears of Cyber Physical Security

A few days ago, our elite cybersecurity team of defenders faced over 50 of the world’s top hackers and security practitioners in the Hack the Building event.

The event, born from a joint partnership between MISI (Maryland Innovation and Security Institute) and USCYBERCOM (the United States Cyber Command), is an unrivaled, hands-on, live-facilities critical infrastructure cybersecurity challenge.

Hackers, federal labs, building automation companies, academia and government agencies all competed to infiltrate, disrupt or take over a connected smart building and the computing systems and data inside of a government-owned building. 

 

A Real-World Target

The event is built around a specially-designated, real-world target: A live, fully-equipped 150,000 square-foot “smart” office building near Annapolis, Maryland that teams on-site and remote are challenged to attack through its diverse IT, control systems, Internet of Things (IoT), access control, surveillance camera, building automation and other systems.

 

The Attack Scenarios

The event was split into two parts of two days each. In the first part, 13 pre-planned attack scenarios took place; in the second part, the network was open to any type of attack, allowing attackers and defenders to play in a more chaotic cyber war zone.

The building was equipped with many types of assets, such as PLCs, BAS controllers, industrial robots, power distribution units (PDU), IoT controllers, IP cameras & NVRs, serial to ethernet converters, and many other devices.

Each scenario targeted different assets and required different methods to reach the targets. For example, in one scenario the attackers broke into the data center’s cooling system and shut it down, which in turn shut down the servers. In another scenario, the fire alarm system was disabled.

The full list of scenarios is available here

To simulate a real scenario, many details about the network were unknown to the defensive team. Moreover, some details that were provided were plain wrong, due to outdated network maps. These missing details made the defenders’ job more difficult.

 

Vulnerabilities Discovered by SCADAfence 

The network had a number of common security issues:

  • The network map was inaccurate and had missing information.
  • The network was protected by firewalls, but many known and unknown connections between segments were possible.
  • Some network segments had a mix of devices in them, for example a conference room camera and engineering stations resided in the same network.
  • Some Windows/Linux devices had monitoring/security agents on them, but many devices weren’t covered by monitoring.

The SCADAfence Platform was deployed on an NPB (network packet broker) that was monitoring multiple SPAN ports and network taps. Using the Platform, we were able to monitor the network in real time, and a SOC team was provided by SCADAfence to monitor the Platform and detect attacks.

 

Over 50 Hackers Attacked the Network at the Same Time

This event is a rare opportunity to stress-test your security product. It’s a lot harder to defend than a normal cyber attack. Over 50 hackers attacked the network at the same time, with each team targeting different assets and arriving from a different place in the network. Some attackers came from the internal network and took over legitimate hosts, then used them to attack other assets. Some came from the company’s VPN, and from other places.

They used a large variety of attack tools and tactics, including physical attacks – hacking an access control system with badge readers.

We were happy to see that the SCADAfence Platform was able to detect the broad spectrum of attacks over the course of these 4 days.

The findings from the SCADAfence Platform were presented to the audience in two live streaming sessions (the full videos will be shared as soon as they become available to us). We were interviewed by Armando Seay, Co-Founder of MISI, and together explained the attack tactics used by the attackers.

 

Adversaries Play Dirty Using Social Engineering

At one point, one of the red team members was able to infiltrate the blue team live discussion channel, and alerted the red team about our actions. He was able to infiltrate the channel using social engineering, by identifying as a member of one of the blue teams.

When we (the blue team) found out we had a mole in our channel, we started a mole hunt and finally figured out who the adversary was. We’re not sure if it was part of the planned surprises in the exercise, but regardless – it was an important drill that can happen in real life.

This has been a wonderful event, and a rare opportunity to showcase our product and exercise attack/defense scenarios on real industrial hardware, running real processes. We want to thank MISI (Armando, Mark, Alexander, Karissa, Joseph) and USCYBERCOM for planning and executing this event.

We want to thank the red team for the creativity and for the interesting challenges and surprises they had for us, and to the blue team (which we were part of) for the collaboration.

 

To learn more about SCADAfence’s advanced capabilities, you can watch some short product demos here: https://l.scadafence.com/demo

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of the world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

An Elevated Experience With IPEVO Uplift – Multi-angle Arm for Smartphones

IPEVO has just released the IPEVO Uplift, a multi-angle arm for smartphones. Its sturdy build paired with flexibility makes it an ideal tool for everyday scenarios, whether it is teaching, video conferences or simply watching videos.

The key leader in education technology, IPEVO, has just announced the newest addition to their creative solutions lineup, The IPEVO Uplift Multi-angle Arm for Smartphones.

With Uplift, you can hold up your phone, without literally holding up your phone. Whether you’re using your smartphone as a document camera or webcam, IPEVO Uplift is the perfect fit for the job. The simple yet sophisticated design of Uplift was built with one simple philosophy, quality.

Uplift’s rotating holder and multi-jointed arm allow the user to quickly adjust the orientation and angle of their phone with ease, while its solid metal base ensures maximum stability, effectively eliminating image bobbling. The ability to seamlessly transition between showing your face and projecting documents makes Uplift a great tool for both teaching and online conferences. Despite its sturdy and stable design, Uplift features a small footprint, opening up more space and possibilities beneath the phone’s camera lens.

Following a successful soft launch in selected locations, the IPEVO Uplift is now widely available for $59 and can be purchased through either IPEVO’s Online Store or Amazon.

All purchases of Uplift through the official IPEVO US Online Store come with 6 months of iDocCam for free! Pair Uplift together with the IPEVO iDocCam app to complete your visual communication experience. Transform your setup into a document camera by sharing your smartphone’s video feed onto a big screen, showcasing everything underneath the lens to your audience.

Furthermore, the IPEVO US Amazon store is conveniently offering the IPEVO Uplift as a stand-alone purchase or in a bundle with other great IPEVO tools, like the IPEVO SuperCharger, to complete your desired work setup.

For more information about the IPEVO Uplift Multi-angle Arm for Smartphones, visit: https://www.ipevo.com/products/uplift

Based in Sunnyvale, CA, IPEVO is an EdTech company that makes and sells versatile visual communication tools. Designed with users in mind, IPEVO offers simple, affordable software, document cameras, and communication tools to help people create, teach, learn, inspire, and collaborate effortlessly and efficiently in an interconnected world.

About IPEVO
IPEVO makes versatile teaching tools instead of specialized “classroom equipment”.
We go beyond the usual conventions of classroom technology—large, expensive, specialized and complex—to rethink simple and flexible solutions for interactive teaching in today’s classrooms.
IPEVO’s interactive teaching tools empower educators and teachers with radically affordable and compact technology that is simple, intuitive and flexible, so that precious time and resources can be wholly dedicated to teaching. We intend to make educational technology accessible and available to all.

Ransomware and fileless malware to present increased threat in 2021, predict ESET

BRATISLAVA – After a year in which the COVID-19 pandemic upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to the latest trends report from ESET. Cybersecurity Trends 2021: Staying secure in uncertain times explores the predictions of experts from the global cybersecurity firm, revealing the key challenges expected to impact consumers and businesses in 2021.

Trend #1: The future of work – embracing a new reality

The advent of the COVID-19 pandemic has ushered in mass implementation of remote working, which has seen a heavier reliance on technology than ever before. This shift away from the office has brought benefits for employees, but it has also left companies’ networks vulnerable to attack. 

Jake Moore, ESET Security Specialist, commented, “We have all learned that working remotely can benefit organizations; however, I don’t think that we will continue to work remotely five days a week. More employees around the world will naturally and effortlessly migrate to what works for them and their businesses. As more and more of our working and home lives become digitized, cybersecurity will remain the lynchpin of business safety. Cyberattacks are a persistent threat to organizations, and businesses must build resilient teams and IT systems to avoid the financial and reputational consequences of such an attack.”

Trend #2: Ransomware with a twist – pay up or your data gets leaked

With ransomware attackers seeking greater leverage to coerce victims into paying, as well as upping the ante in ransom demands, the stakes are increasing for victims. Exfiltration and extortion may not be new techniques, but they are certainly growing trends. 

Tony Anscombe, ESET Chief Security Evangelist, commented, “Companies are becoming smarter, deploying technologies that thwart attacks and creating resilient backup and restore processes, so the bad actors need a ‘Plan B’ to be able to monetize their effort and build resilience into the attack, rather than being reliant on a single form of threat.

“Thwarted attacks or diligent backup and restore processes may no longer be enough to fend off a committed cybercriminal who’s demanding a ransom payment. The success in monetizing due to a change of technique offers cybercriminals an increased chance of a return on investment. This is a trend that, unfortunately, I am sure we will witness more of in 2021.”

Trend #3: Beyond prevention – keeping up with the shifting sands of cyberthreats

In recent years, cybercriminal groups have turned to using increasingly complex techniques to deploy highly targeted attacks. Some time ago, the security community began to talk about “fileless malware” attacks, which piggyback on the operating system’s own tools and processes and leverage them for malicious purposes. These techniques have gained more traction recently, having been employed in various cyberespionage campaigns and by various malicious actors, mainly to hit high-profile targets such as government entities. 

Camilo Gutiérrez Amaya, ESET Senior Security Researcher, noted, “Fileless threats have been evolving rapidly, and it is expected that in 2021 these methods will be used in increasingly complex and larger-scale attacks. This situation highlights the need for security teams to develop processes leveraging tools and technologies that not only prevent malicious code from compromising computer systems, but that also have detection and response capabilities – even before these attacks fulfill their mission.” 

Trend #4: Bad vibes – security flaws in smart sex toys

With new models of smart toys for adults entering the market all the time, research has shown that we are a long way from being able to use smart sex toys without exposing ourselves to the risk of a cyberattack. Now these findings are more relevant than ever, as we are seeing a rapid rise in sex toy sales as a reflection of a global health crisis and the social distancing measures related to COVID-19.

Cecilia Pastorino, ESET Security Researcher, commented, “The era of smart sex toys is just beginning. The latest advances in the industry include models with VR (Virtual Reality) capabilities and AI-powered sex robots that include cameras, microphones and voice analysis capabilities based on artificial intelligence techniques. As has been proven time and time again, secure development and public awareness will be key to ensuring the protection of sensitive data, while we empower users to become smart consumers who are able to demand better practices from vendors in order to maintain control of their digital intimacy in the years to come.”

For more information on the trends set to impact the world in 2021, head to this link to read ESET’s Cybersecurity Trends 2021 in full.

Turla Crutch attacks Ministry of Foreign Affairs in an EU country, misuses Dropbox in cyber-espionage, ESET discovers

BRATISLAVA, MONTREAL – ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.

“The main malicious activity is exfiltration of documents and other sensitive files. The sophistication of the attacks and technical details of the discovery further strengthen the perception that the Turla group has considerable resources to operate such a large and diverse arsenal,” says Matthieu Faou, an ESET researcher who investigates the Turla APT group. “Furthermore, Crutch is able to bypass some security layers by abusing legitimate infrastructure – here, Dropbox – in order to blend into normal network traffic while exfiltrating stolen documents and receiving commands from its operators.”

In order to have a rough idea of the working hours of the operators, ESET exported those hours at which they uploaded ZIP files to the Dropbox accounts they operate. For this, researchers collected 506 different timestamps ranging from October 2018 to July 2019, as this should show when the operators were working and not when the victims’ machines were active. The operators are likely to operate in the UTC+3 time zone.

Figure: Working hours of Crutch operators based on the uploads to Dropbox.
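The working-hours estimate described above can be reproduced in outline with the following added example, which is not ESET's code or method: it scores every whole-hour UTC offset by how many upload timestamps would fall inside a local working day. The 09:00-18:00 window, the function names and the sample timestamps are assumptions constructed for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone


def hour_histogram(timestamps):
    """Return 24 counts: the number of events in each UTC hour of the day."""
    counts = Counter()
    for ts in timestamps:
        if ts.tzinfo is None:
            # A naive timestamp has no defined UTC hour; refuse to guess.
            raise ValueError(f"timestamp without a time zone: {ts!r}")
        counts[ts.astimezone(timezone.utc).hour] += 1
    return [counts[h] for h in range(24)]


def score_offsets(timestamps, work_start=9, work_end=18):
    """Map each whole-hour UTC offset to the share of events that would fall
    inside the local working window [work_start, work_end).
    The 09:00-18:00 default is an assumption, not a value from the report."""
    hist = hour_histogram(timestamps)
    total = sum(hist)
    if total == 0:
        raise ValueError("no timestamps to analyse")
    scores = {}
    for offset in range(-11, 13):  # 24 distinct whole-hour offsets
        inside = sum(
            n for utc_hour, n in enumerate(hist)
            if work_start <= (utc_hour + offset) % 24 < work_end
        )
        scores[offset] = inside / total
    return scores


def best_offsets(timestamps, **window):
    """Return every offset tied for the best score, so an ambiguous
    result shows up as more than one candidate."""
    scores = score_offsets(timestamps, **window)
    top = max(scores.values())
    return sorted(o for o, s in scores.items() if s == top)


def constructed_sample():
    """Constructed upload times (not ESET data): weekday activity between
    06:00 and 14:59 UTC over four weeks, plus three late-evening outliers."""
    start = datetime(2018, 10, 1, tzinfo=timezone.utc)  # a Monday
    sample = []
    for day in range(28):
        date = start + timedelta(days=day)
        if date.weekday() >= 5:  # skip Saturday and Sunday
            continue
        for hour in range(6, 15):
            minute = (7 * day + 3 * hour) % 60
            sample.append(date + timedelta(hours=hour, minutes=minute))
    for day in (2, 9, 16):
        sample.append(start + timedelta(days=day, hours=22, minutes=10))
    return sample


if __name__ == "__main__":
    data = constructed_sample()
    for hour, n in enumerate(hour_histogram(data)):
        print(f"{hour:02d}:00 UTC {'#' * n}")
    print("best-fitting UTC offsets:", best_offsets(data))
```

An estimate like this only narrows the time zone; several countries share each offset, and operators can shift or schedule their activity.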

ESET Research was able to identify strong links between a Crutch dropper from 2016 and Gazer. The latter, also known as WhiteBear, is a second-stage backdoor used by Turla in 2016-2017.

Turla has been an active cyber-espionage group for more than 10 years. It has compromised many governments, especially diplomatic entities, all around the world, operating a large malware arsenal that ESET has documented over the last few years.

For more technical details on how Turla Crutch attacks and collects sensitive information, read the blog post Turla Crutch: Keeping the ‘back door’ open on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

5 Best Ways to Ensure Internet Security at Home

In the COVID-19 era, businesses in Singapore have steadily moved towards remote work arrangements. Similarly, schools have also had to navigate the new normal with the introduction of home-based learning (HBL). The government has announced that these new arrangements are here to stay even post-pandemic. As families spend more time on their devices at home, internet security has become very important to many people. What can you do to ensure that your family is using technology safely at home? Read on to learn 5 of the best ways you can protect your home from cybersecurity threats.

Manage your passwords

Do you use the same password across different online accounts? Or keep a list of all your passwords on a note in your phone? These are just some examples of bad password management habits that you should avoid.

For all your online accounts, use only strong passwords that are not easy to guess. A strong password consists of a combination of letters, numbers, and special characters, and should be 10-15 characters long.

Always use a different password for every account. If you are using the same password for all your accounts and someone hacks into one of them, then your other accounts might also get compromised. Using a unique password will ensure that a single cybersecurity threat won’t affect all of your online activities.

Remember to change your passwords regularly and not keep the same password for years. This will not only help to ensure internet security at home but also protect you against unauthorised users who might be lurking.

Avoid becoming overwhelmed by a large number of different passwords by using a password manager. It stores and protects your login credentials in an encrypted format, allowing you to use them directly in web forms.

ESET Smart Security Premium is an antivirus software that offers a password manager for all your devices. If you are running out of ideas for passwords, ESET Password Manager’s built-in password generator feature will provide suggestions for strong passwords automatically. It provides the ultimate internet security for Windows and internet security for Mac, ensuring that all your devices are protected.

Invest in up-to-date antivirus software

Singapore has seen a rise in phishing scams. For example, hackers can pose as bank employees and use emails to trick users into revealing their internet banking credentials. Hackers can also use very accurately designed notifications from big companies like Microsoft, Google or Facebook, citing “unusual sign-in activity detected from your account”. According to a Cyber Security Agency of Singapore (CSA) report, 47,500 phishing cases were reported in Singapore last year, which is 3 times more than the cases in 2018.

Maintaining an up-to-date antivirus is therefore crucial for ensuring internet security in your home. Good antivirus software will safeguard your devices from viruses, malware, and ransomware, and those with antispyware detect and prevent unwanted spyware installations on your device and remove them if already installed.

Ensuring your software version is up-to-date is important, but we cannot forget that the software features must also keep up with your needs. As shopping and banking online becomes a big part of your lifestyle, it is essential to have banking and payment protection to keep all your online transactions secure. Choose an antivirus software that provides a secure browser that automatically protects you while internet banking and accessing web-based crypto-wallets. To understand which software suits your needs, compare the different ESET products.

Educate your family

It’s easy to get complacent about cybersecurity at home, but with the growing number of cyber threats in Singapore, the topic cannot be ignored. Take the time to educate your family about the kinds of threats they face and how they can protect themselves.

Scammers use emails, social networks, gaming sites, video streaming sites and more to install malware in your device when you unknowingly visit a compromised website. Your family might be unaware of the possible online threats while downloading content or software from the internet, or using their email.

Security software automatically detects any malware while downloading a file, or opening an email attachment or URL, thus preventing your internet security from being compromised. That alone, however, isn’t enough. With scams becoming increasingly sophisticated, everyone needs to easily recognise malware and phishing.

Opt for fuss-free protection

Nobody likes too many interruptions while using their device. The ideal antivirus software should offer non-disruptive, yet advanced protection (that means no annoying pop-ups).

Look for one that works quietly in the background and allows you to focus on your activities, such as gaming, where it’s important to eliminate any distractions that could affect your experience.

Secure your router

Your internet router plays a vital role in ensuring the best internet security for your home. While having the best internet security software is important, investing in the right router is equally important.

After buying and installing a new router, a common mistake people make is retaining the default router settings. It’s best to secure your router by changing both the password used to connect to the router and the password used to access its settings. Learn how to configure your router securely here.

Lastly, don’t forget to keep your router’s firmware updated with the latest security updates. To do so, sign up to your router manufacturer’s alert list to get timely reminders as soon as the latest updates are available. To get the best internet security, it’s wise to spend a bit more to get a router from a reputable brand that provides updates for the next 2-3 years, instead of buying a low-priced router that leaves you vulnerable in the future.

Emotet botnet hits quiet patch before Black Friday – the calm before the storm?

Most wanted botnets – Emotet, Trickbot and Qbot. What is this terrible trio up to, and how do you stay safe?

Emotet and holidays like Black Friday are good pals. That’s because Emotet’s seasonal specialty is filling your inbox with holiday “deals” that aim to compromise your machine, steal valuable data and account credentials and open it up to subsequent attacks from other malicious actors.

This year, we saw Emotet flooding inboxes with malicious emails in monthly campaigns running from August to October – campaigns that reached into the low tens of thousands of detections in ESET telemetry:

Figure 1: Monthly Emotet campaigns detected in ESET telemetry

Right around Halloween, and leading up to Black Friday, Emotet went quiet. ESET researchers suspect that Emotet’s operators are taking a little downtime before roaring the spam engine back to life for 2020’s Black Friday and the following pre-Christmas period.

While Emotet’s writers have, in the past, placed a rude comment or two about ESET in their malware binaries, ESET protection has not been outdone. Dealing with Emotet’s attacks can be as simple as being cautious, by not clicking on links in emails, avoiding the “Enable Content” button in documents that arrive as attachments of suspicious, yet legitimate-looking, emails and using security software like ESET Internet Security that protects you when you accidentally click.

The other specials Emotet likes to offer are its friends, Qbot and Trickbot. Emotet is known to serve up both Trickbot and Qbot malware to its victims. Both these malevolent families are more than happy to help themselves to victims’ sensitive information, credentials and other valuable data, and often finish their nasty business by installing ransomware such as Ryuk or Conti.

Let’s see how busy Trickbot and Qbot – Emotet’s friends – have been in the past few months:

While Trickbot’s detection numbers remain in the hundreds – likely due to the recent disruption efforts – Qbot has been quite busy, with detection numbers for the malware reaching the low thousands from August to October. In fact, following Halloween, Emotet detection numbers subsided, while Qbot detection numbers kept their former levels. That would suggest that Qbot is also using other distribution channels to get into potential victims’ inboxes.

How to stay safe from malicious bots

Emotet and its buddies don’t just flood your inbox with dangerous malspam, but they also go after other devices in your network. Trickbot, for example, has been using hacked routers for a long time for command and control. Therefore, it is important to review the security settings of all your home devices.

  1. You can find some practical tips on how to configure your home router securely here.
  2. If you use child trackers and watches, smart doorbells, smart security cameras or smart home hubs, you can read up on the privacy and security considerations surrounding their use here.
  3. If you want to test your mettle against phishing emails or malspam, you can find a few options here.
  4. Finally, don’t forget to protect all your devices with security solutions like ESET Mobile Security for Android, ESET Internet Security for Windows or ESET Cyber Security for macOS. These offer multilayered protection that can detect and block Emotet’s efforts, whether fingerprinting victims’ machines, spreading laterally in a network or downloading payloads such as Trickbot and Qbot.

Deal or no deal – what to watch out for this Black Friday and Cyber Monday

In a year like no other, it is likely that 2020’s Black Friday and Cyber Monday deals will be more frenzied than ever. With many industries, particularly retail, crippled by pandemic lockdowns and distancing restrictions, the upcoming weekend presents an opportunity to recoup some losses. The pandemic has accelerated the already growing increase in online shopping, with e-commerce sales expected to reach $4.2 trillion by the end of 2020 (Statista).

Although many physical stores will be closed or keeping the usual crowds of shoppers to a minimum, the online space will be just as jam-packed as ever with offers and sales. This makes it the perfect breeding ground for cyber-attacks and scams, from phishing emails to suspicious social media ads. For many, mobile devices have become the primary method for online shopping, so it is vital that consumers are protected across all technologies.

Here are ESET’s top five tips for what to watch out for and to stay safe this Black Friday and Cyber Monday:

  1. Stick to what you know – If you see an offer in a promotional email or an online ad that seems too good to be true, then it probably is! Finding an item immediately from an unrecognized vendor with the best price can be a red flag. If you’re unsure about a website, then don’t click on the link – head separately to the website of the organization the sender is claiming to represent to find out if the offer is legitimate.
  2. Look-alikes and fake websites – Look for the padlock and, on a desktop device, the https:// at the beginning of the website address. These indicate that communication between you and the site is encrypted and any data you send can’t be seen by anyone intercepting the traffic.
  3. Dodgy incoming information – Suspicious texts with malicious links, elaborate phishing emails and fraudulent banking notifications are all techniques used by online scammers. In addition, be wary of threatening messages that try to get you to hand over sensitive information, such as bank details.
  4. Passwords and PINs – It can feel a bit like beating a dead horse, but strong, unique passwords are the foundation of a positive online shopping experience. Avoid creating accounts with retailers unless absolutely necessary, and make sure to use a secure payment method, like Apple Pay, Android Pay or PayPal, to avoid linking your primary bank account. You can also take this one step further and enable two-factor authentication where possible, adding an extra layer of security to your transactions.
  5. Software safety first – Keep your devices and operating systems up to date, and have security software installed and fully operational on all devices. Software updates fix known vulnerabilities, so be sure to install them when prompted. Security software products, such as ESET Internet Security or ESET Mobile Security, include extra features, like Banking & Payment Protection, to keep you safe while shopping online, which can take the stress out of your shopping spree.

Greycortex is a top-rated company among the 50 most successful tech companies in the Deloitte Technology Fast 50 CE

Brno, November 19, 2020

GREYCORTEX has won second place in the Rising Stars category in the prestigious ratings organized by Deloitte, where many Czech tech companies strove to be nominated as the fastest-growing tech company in the Deloitte Technology Fast 50 CE. The Tech Stars, Rising Stars, and Impact Stars categories present both the most mature and the newest fast-growing companies in the Central European region, as well as those companies that have had a revolutionary social or environmental impact on the market.

Petr Chaloupka, CEO at GREYCORTEX, said: “I am very pleased to have achieved international success in the 21st year of the Deloitte Technology Fast 50 CE competition and to have won second place in the Rising Stars category. In this category, seven out of 10 places were occupied by Czech companies, showing that the Czech Republic is still a cradle of technological innovation and that we have a good standing in this international competition. I wish to congratulate all the other companies and wish them success in further building their internationally competitive status”.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

About Deloitte Technology Fast 50 CE
Deloitte Technology Fast 50 CE is a program that identifies and rewards the 50 fastest-growing tech companies in the Central Europe region based on revenue growth over a four-year period.

IDC MarketScape names ESET as a Major Player for second year in a row

BRATISLAVA – For the second year in a row, ESET, a global leader in cybersecurity, has been recognized as a Major Player in mobile threat management in the IDC MarketScape: Worldwide Mobile Threat Management Software 2020 Vendor Assessment (Doc #US46092220, September 2020).*

The assessment evaluates the enterprise market for mobile threat management software products, helping organizations to identify vendors with strong offerings and well-integrated business strategies.

According to the report, “ESET is strong in the areas of threat research, especially around Android malware identification and behavior detection.” As IDC further notes, “Organizations looking to consolidate security products and operations around a unified endpoint security model should also consider ESET for its broader portfolio of endpoint and security management tools on top of MTM.”

In 2020, mobile security has become a greater priority than ever before, as huge numbers of organizations have deployed large-scale remote working, while threat actors have increased their attempts exponentially. As they are separated from the office, more employees are using their mobile devices as a regular part of everyday work, and it is vital that these devices are protected. Businesses should ensure that all endpoints are secured with software such as ESET Endpoint Security for Android, which protects against a wide range of threats with its multilayered defense.

This is more than relevant today, as for many, a significant challenge in contending with mobile threats is managing all of the devices within an organization. As each employee may have multiple mobile devices, overseeing the software on each and every device can be a time-consuming task. However, offerings such as ESET Security Management Center** – which is automatically included in all ESET endpoint protection licenses – can streamline the process, providing a single pane of glass from which to manage all machines on a network.

Zuzana Legáthová, Analyst Relations Manager at ESET, commented: “As one of the IT industry’s most important vendor assessment tools, IDC MarketScape’s continued recognition of ESET as a Major Player is a great testament to the strength of ESET’s mobile security offerings. ESET’s improved performance compared to last year’s assessment is a confirmation of our ever-growing capabilities in the increasingly important space of mobile threat management software. Businesses across the globe can depend on ESET’s expertise to keep their devices safe and secure, and being named as a Major Player in Mobile Threat Management by IDC MarketScape is an important validation of this.”

* The first recognition was given in IDC MarketScape: Worldwide Mobile Threat Management Software 2018–2019 Vendor Assessment, Doc #US44521018, December 2018.

** will be renamed to ESET PROTECT

About IDC MarketScape
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT (information and communications technology) suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors.