BRATISLAVA – ESET, a global leader in cybersecurity, has been named a Strategic Leader in the Endpoint Prevention and Response (EPR) Comparative Report, one of the most comprehensive tests of endpoint detection and response (EDR) solutions and endpoint security products ever performed by AV-Comparatives. The ESET PROTECT Enterprise bundle, comprising the ESET PROTECT management console, ESET Endpoint Security 7.3, and ESET Enterprise Inspector 1.4 – ESET’s EDR solution – was tested in the report.

AV-Comparatives, a leading independent testing organization, well-known for offering innovative real-world environment testing, subjected the products of nine vendors to dozens of targeted attacks, each deployed by a variety of techniques and tactics.

In addition to traditional in-depth testing, AV-Comparatives has developed an Enterprise EPR CyberRisk Quadrant™ that factors in the effectiveness of each product at preventing breaches, the calculated savings resulting from this, the purchase costs of the product, and the product’s accuracy costs (incurred due to false positives). ESET and its solutions were named a Strategic Leader in the quadrant – the highest certification in the quadrant. Strategic Leaders are defined as products that have a very high return on investment and provide very low total cost of ownership due to exceptional technical   capabilities, combined with reasonable costs. Strategic Leaders develop groundbreaking ideas and implement these impressively in their products.

ESET achieved particularly high scores in the categories of active response, passive response, and combined prevention/response capabilities, scoring the highest percentages of the test with 98%, 100%, and 99%, respectively. In the combined prevention category, only four out of the nine vendors received such a result.

As stated in the report, ESET PROTECT Enterprise did exceptionally well at handling threats targeted towards the user, in particular before the threat progressed inside the user environment. The easy-to-use intuitive console was praised, as well as the contextual data provided in order for security analysts to prioritize, mitigate, and further investigate threats. In addition to threat data and insight, ESET’s solutions showed good mapping to the MITRE ATT&CK®, enabling analysts to escalate an incident when necessary and provide additional defensive measures when available.

Andreas Clementi, CEO and founder, AV-Comparatives, commented, “ESET not only achieved the highest combined prevention and response score in the test, but also demonstrated outstanding overall detection and reporting capabilities. The test results contributed to ESET’s lowest total cost of ownership for organizations among all assessed vendors and ensured ESET’s position as a Strategic Leader in this new test by AV-Comparatives.”

Juraj Malcho, Chief Technology Officer at ESET, noted, “We are extremely proud of these results and of being named a Strategic Leader by AV-Comparatives in such a rigorous and important new test. We are passionate about always improving on and innovating our cutting-edge solutions, and third-party testing is a critical step in ensuring we’re delivering on that promise. The high scores in this EPR test reflect both our dedication to our customers’ safety and our commitment to providing the highest standard of EDR and endpoint security solutions from both passive and active defense standpoints.”

To learn more about ESET’s award-winning solutions, click here.

微軟在今年最後一個Patch Tuesday（12/8）修補了58個安全漏洞，當中有9個屬於重大（Critical）等級，且並無任何零時差漏洞。

CVE-2020-17121存在於SharePoint 中，該漏洞允許經過身分認證的使用者，以SharePoint Web Application服務的帳號，於伺服器上執行任意的.NET程式；另外還有藏匿在Hyper-V的CVE-2020-17095漏洞，則讓駭客可藉由傳遞無效的vSMB封包資料來擴張權限，使其能在Hyper-V主機上執行任意程式，而且看起來於客座作業系統不必特別的權限，就能開採該漏洞。CVE-2020-17095是此次微軟所修補的漏洞中最嚴重的，其CVSS v3漏洞分數為8.5，ESET資安專家建議用戶應盡快更新。

原文出處：https://www.welivesecurity.com/2020/12/09/microsoft-patch-tuesday/

#若有任何資安需求，歡迎洽詢台灣二版資安專業團隊，服務電話：(02)7722-6899，或上官網查詢：https://version-2.com.tw/?skip=1

Bratislava – ESET, a global leader in cybersecurity, has joined fifty other signatory companies operating in the Slovak Republic in signing the Diversity Charter of the Slovak Republic. In a first, the signing ceremony took place online. The Diversity Charter is a voluntary initiative by companies and organizations to promote diversity in the workplace. It is supported by the European Commission via the EU Platform of Diversity Charters, which supports the dissemination and sharing of principles, good practice and experience on diversity management in EU countries.

“For ESET, as a technology company, a central tenet of diversity and CSR activities is strengthening the representation of women and girls in IT, not only for the company itself, but for the entire sector as a whole. By signing the Diversity Charter of the Slovak Republic, we want to demonstrate that ESET takes inclusion and diversity seriously and that it is a matter of principle for us,” said Lucia Marková, ESET’s CSR Manager, at the signing of the Diversity Charter.

Membership in this initiative is open to all companies and organizations that are aware of the importance of equal treatment, inclusion and diversity in the workplace. The signatories agree with the content of the Diversity Charter of the Slovak Republic and subscribe to the following principles:

• Voluntarily integrate into the life of the company a set of principles and procedures that take into account diversity and an inclusive approach in the workplace.
• Build a relationship toward employees based on these principles and raise awareness of diversity issues at the management level.
• Inspire other companies operating in Slovakia and spread awareness of the benefits arising from the implementation of a policy of diversity.

“We work hard at creating a respectful environment in which all our employees feel welcome, without distinction. We promote diversity in the workplace very naturally; on our part, we mainly focus on a receptive and individual approach, not on statistics. We also pay serious attention to the approach we’ve taken to promote mental health at work, a very current topic that underlies the success of any and all employees,” concludes Daniela Škripková, Chief HR Officer at ESET.

BRATISLAVA, MONTREAL – ESET Research discovered another supply-chain attack in Asia, this time on the website of the Vietnam Government Certification Authority (VGCA). The attackers modified two of the software installers available for download on this website by adding a backdoor in order to compromise users of the legitimate application. Supply-chain attacks appear to be a quite common compromise vector for cyberespionage groups. Cybercrime operation SignSight leverages malware known as PhantomNet or Smanager.

“In Vietnam, digital signatures are very common, as digitally signed documents have the same level of enforceability as wet signatures. In addition to issuing certificates, the VGCA develops and distributes a digital signature toolkit. It is used by the Vietnamese government, and probably by private companies, to sign digital documents. The compromise of a certification authority website is a good opportunity for APT groups, since visitors are likely to have a high level of trust in a state organization responsible for digital signatures,” explains Matthieu Faou, one of ESET’s researchers investigating the SignSight operation.

The PhantomNet backdoor is quite simple and is able to collect victim information (computer name, hostname, username, OS version, user privileges [admin or not], and the public IP address) as well as install, remove and update malicious plugins. These additional and more complex plugins are probably only deployed on a few selected machines. By also installing the legitimate program, the attackers make sure that this compromise won’t be easily noticed by end users.

ESET researchers uncovered this new supply-chain attack in early December 2020 and notified the compromised organization and the VNCERT. We believe that the website ceased delivering compromised software installers at the end of August 2020. The Vietnam Government Certification Authority confirmed that they were aware of the attack before our notification and that they notified the users who downloaded the trojanized software.

ESET has seen victims in the Philippines in addition to Vietnam.

For more technical details about operation SignSight, read the blog post “Operation SignSight: Supply- chain attack against a certification authority in Southeast Asia” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

BRATISLAVA – ESET, a global leader in cybersecurity, announced today it is continuing to partner with Google to protect Google Chrome users. ESET’s award-winning technology is used by Google to scan, identify and remove unwanted software encountered by users of Chrome for Windows. The extension of the cooperation on Chrome Cleanup, part of Chrome’s Safe Browsing feature, continues the close collaboration between the world’s most popular browser and the leading EU-based IT security vendor’s technology.

As applied in Chrome Cleanup, ESET’s technology is used by Google to alert users about unwanted or potentially harmful software attempting to get on users’ devices through stealth, for example, by being bundled into the download of legitimate software or content. Google Chrome, using ESET’s security technology, then provides users with the option to remove the unwanted software. Chrome Cleanup operates in the background, without visibility or interruptions to the user. It deletes the unwanted software and notifies the user once the cleanup has been successfully completed.

The two companies enjoy a broad relationship that also includes a collaborative role in which ESET works closely with Google to ensure the safety of the Google Play Store as a partner in the App Defense Alliance. ESET also provides data for users of Chronicle, Google Cloud’s security analytics platform, to surface verdicts on malicious files.

“We are proud to partner with Google in helping Chrome users enjoy safer technology,” said Juraj Malcho, ESET Chief Technology Officer. “The ongoing collaboration with Google and Chrome Cleanup demonstrates the importance that both companies place on keeping users safe and secure. With Chrome being the browser of choice for most Windows users, ESET’s technology and engineers are providing frontline protection.”

For additional information about Google Chrome Cleanup, please click here