
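ESET NOD32 product registration server to undergo scheduled maintenance on 2020-06-02

To provide a more stable service, the ESET NOD32 product registration server (https://www.eset.hk/download/register/) will undergo scheduled maintenance on 2020-06-02.

We apologize for any inconvenience.

Technical support hotline: (852) 2893 8186
Or email: support@eset.hk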

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

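About ESET
Founded in 1992, ESET is a global provider of computer security software for businesses and individual users. Its award-winning product, the NOD32 antivirus system, provides real-time protection for computer systems against all kinds of known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 uses the fewest system resources and has the fastest detection speed, provides the most effective protection, and has won more Virus Bulletin 100 awards than any other antivirus product. ESET has been named to Deloitte’s Technology Fast 500 for five consecutive years and has an extensive partner network that includes internationally known companies such as Canon, Dell and Microsoft. It has offices in Bratislava (Slovakia), Bristol (UK), Buenos Aires (Argentina), Prague (Czech Republic), San Diego (USA) and elsewhere, with distributors covering more than 100 countries worldwide.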

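Presidential Office phishing email incident: if the scenario were an impersonated chairman or stimulus vouchers, could your users tell?

On the evening of the presidential inauguration day, the email inboxes of several legislators' offices all received a message impersonating the Presidential Office, asking recipients to follow a link to a web page and fill in a contact form. In reality it was a phishing email meant to harvest data. According to the Criminal Investigation Bureau's analysis, the phishing email was sent from an external mail server with the sender disguised as the Presidential Office, and the malicious link it contained pointed to a Ukrainian cloud services company. Carelessly clicking the link could lead to a trojan being planted and data being stolen!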

 

The email impersonating the Presidential Office



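Although the case above targeted legislators' offices, and the general public will not receive messages from the Presidential Office, attackers have long used the same technique, launching attacks on all kinds of industries and enterprises through highly disguised phishing emails combined with social engineering. Most of these phishing emails are well forged and skillfully executed, making them hard to tell apart by eye. They cleverly use topics that are personally relevant or interesting to the recipient to lure the recipient into performing the instructed action, such as clicking a malicious link or opening a malicious attachment, and then go on to steal credentials or install a trojan, which serves as a usable tool for the next attack.

Suppose these well-forged emails were changed to a message impersonating the chairman, or news about stimulus vouchers from a government agency: would your users all be able to tell?

For enterprises, the surest way to defend against this kind of email is still to give users a relatively safe email environment and keep them from coming into contact with such messages, for example by using Softnext SPAM SQR to intercept malicious threat emails. SPAM SQR has built-in engines for malicious file analysis, threat awareness and intelligent fraud detection, among others, plus a malicious URL database, and can integrate antivirus and dynamic sandbox mechanisms to scan the content and attachments of inbound mail with multi-layer filtering, for more comprehensive defense against phishing and other malicious email.
In addition, to keep the enterprise from becoming a tool that attackers forge and impersonate, the SPAM SQR anti-spoofing authentication module can be used to prevent authenticated accounts from sending mail in someone else's name, reducing the risk of forged smear letters, phishing and scam emails sent in the name of company personnel.

However, users' security awareness remains the most important line of defense in information security. So in addition to providing a safe email environment, supplement it with training and social engineering drills to strengthen the enterprise's defenses. Holding regular social engineering seminars and drills raises users' security awareness, and analyzing the drill results identifies the areas of the enterprise that need strengthening. Only then can the enterprise's security risk be effectively reduced!

For more defenses, see Softnext's [Phishing Email Solution].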


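About Softnext Technologies Corp.
Founded in August 2000.
Holding to the service philosophy of "We Secure Your Content", its mission is to provide enterprise information application management services and build information content security protection. It specializes in network application service technology and, based on market demand, has released multiple information content security solutions and application services that help enterprises manage information content security in a way that meets security management standards and complies with regulations, in order to maintain employee productivity and improve business performance.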

ESET researchers detect a new trick used by malware to slip into the official Android app store

Bratislava – May 22, 2020 – ESET researchers discovered an extremely stealthy – yet surprisingly simple – technique that allowed Android malware to stay under the radar. Analyzing the DEFENSOR ID app that was – at the time – available on the official Android app store, ESET researchers learned the app misused Accessibility Services but required no other suspicious permission nor had any other malicious functionality. 

“The Accessibility Services feature is long known to be the Achilles’ heel of the Android operating system, and security solutions have been tuned to detect various combinations of misuse of this weak spot with other indicators of malicious behavior,” explains Lukáš Štefanko, the ESET malware researcher who conducted the analysis into DEFENSOR ID.  

Faced with malware that displayed no additional functionality nor suspicious permissions on top of Accessibility Services, all known security mechanisms failed to trigger any alarm. As a result, DEFENSOR ID made it onto the Google Play store, stayed there for a few months and was never detected by any security vendor participating in the VirusTotal program.

“This has been a valuable lesson for us. Based on what we’ve learned about DEFENSOR ID, we’ve fine-tuned our detection technologies to also cover malware with such a uniquely low detection cross-section,” says Štefanko.

Apart from being extremely stealthy, DEFENSOR ID is capable of inflicting serious harm on its victims. It belongs to the banking trojans malware category and is exceptionally insidious: once installed, it needs its victim to take only one action to fully unleash its power.  

“Once the user activates Accessibility Services, DEFENSOR ID can pave the way for the attacker to clean out the victim’s bank account or cryptocurrency wallet and take over their email or social media accounts, among other malicious actions,” comments Štefanko.  

Following ESET’s notice, Google removed DEFENSOR ID from the official Android app store.

“We decided to publish the results of our investigation into this malware to help defenders cope with ultra-low cross-section Android malware. The creators of such malware are definitely going to face hardened protections around both Google Play and the users’ devices,” concludes ESET’s Štefanko.  

For more details, read “Insidious Android malware gives up all malicious features but one to gain stealth” on WeLiveSecurity.com. Make sure to follow the ESET Research account on Twitter for the latest news from ESET Research.

 The DEFENSOR ID app on Google Play – Portuguese version (Google Translate: “Your new Defensor app available for: / Physical People / Legal entities / From now on you will have more protection when using your applications, encryption for end-to-end users”)

 


About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Winnti Group targets video game developers again, ESET researchers uncover

BRATISLAVA, MONTREAL – ESET researchers have discovered a new modular backdoor used by the Winnti Group against several video game companies that develop MMO (massively multiplayer online) games. The malware, named PipeMon by ESET, targeted companies in South Korea and Taiwan. The video games developed by these companies are distributed all around the world, are available on popular gaming platforms, and have thousands of simultaneous players.

In at least one case, the attackers compromised the company’s build orchestration server, allowing them to take control of the victim’s automated build systems. This could have allowed the attackers to trojanize video game executables. “However, we do not have evidence this has occurred,” says Mathieu Tartare, Malware researcher at ESET. In another case, the operators compromised the company’s game servers. With this attack, it would be possible to manipulate in-game currencies for financial gain. ESET contacted the affected companies and provided the necessary information and assistance to remediate the compromise.

“Multiple indicators led us to attribute this campaign to the Winnti Group. Some of the command and control domains used by PipeMon were used by Winnti malware in previous campaigns. Furthermore, in 2019 other Winnti malware was found at some of the same companies that were later discovered to be compromised with PipeMon in 2020,” says Mathieu Tartare, ESET researcher monitoring the Winnti Group. There are other notable similarities that researchers explore in the blogpost.

The new modular backdoor PipeMon is signed with a code-signing certificate likely stolen during a previous campaign and shares similarities with the PortReuse backdoor. “This new implant shows that the attackers are actively developing new tools using multiple open source projects and don’t rely solely on their flagship backdoors, ShadowPad and the Winnti malware,” adds Tartare. ESET was able to trace two different variants of PipeMon.

For more technical details about the latest Winnti backdoor, read the blogpost No ‘Game over’ for the Winnti Group on WeLiveSecurity. Make sure to follow ESET research on Twitter for the latest news from ESET Research.

The Winnti Group, active since at least 2012, is responsible for high-profile supply-chain attacks against the video game and software industries, leading to the distribution of trojanized software (such as CCleaner, ASUS LiveUpdate and multiple video games) that is used to compromise more victims. Recently, ESET researchers also discovered a campaign of the Winnti Group targeting several Hong Kong universities with ShadowPad and the Winnti malware. More details about the group’s arsenal are explored in a white paper published in October 2019.

 


ESET included as Enterprise Architecture EDR solution in Now Tech report

BRATISLAVA – Global cybersecurity leader ESET has been included among 29 vendors in Forrester’s Now Tech: Enterprise Detection and Response Q1 2020 report. The report provides an overview of the technology players in the EDR market and offers insights into understanding their capabilities. Security and risk professionals can use the report to determine the value they can expect from an enterprise detection and response provider and to select one based on size and functionality. Especially in these challenging times, detection & response capabilities are necessary to ensure business continuity.

ESET has been included in the report as an Enterprise Architecture EDR solution, as classified by the architectural decisions behind the product that are designed to provide sub-second behavioral detection and response on the endpoint itself, improving endpoint protection capabilities and offline protection.

Key takeaways from the report include:

  • A key benefit of EDR products is the ability to hunt for indications that an adversary has eluded your security controls and is lying in the weeds of your infrastructure.
  • Each provider in this market has a unique industry focus, geographic footprint, and a set of core competencies, leading to different engagement models that suit a variety of customer needs.

Juraj Malcho, chief technology officer at ESET, commented, “We are proud to be included in the Forrester Now Tech report, and to be recognized among players in the EDR market as, in our opinion, protecting our users and their businesses against the latest advanced persistent threats is central to our mission as a business. Ensuring your business is equipped with capable and cutting-edge detection and response tools is an absolute necessity during these unpredicted times, and we hope that security and risk professionals will be able to make the best decision for their business with ESET’s innovative EDR offerings.”

To read more about Forrester Now Tech, please click here, and to read more about ESET’s enterprise solutions, please click here.

 
