BRATISLAVA – ESET, a global cyber security leader, has been recognized as a ‘Top Player’ for the third year in a row in Radicati’s 2020 Endpoint Security Market Quadrant. The report examines 17 leading endpoint security vendors in the market, assessing their functionality and strategic vision, within which ESET was placed in the top quadrant for the third year in a row.

The Radicati Market Quadrant is a metric used to paint a picture of a specific technology market, with this edition covering Endpoint Security – comprising of appliances, software, cloud services, and hybrid solutions that help to secure and manage endpoints for business organizations of all sizes. As pointed out in the report, organizations no longer view endpoint security as an isolated discipline affecting only the endpoint, but as an integral part of organization-wide defense. Endpoint security shares threat intelligence feeds and policy controls with all other major security components, including firewalls, secure web gateways, secure email gateways, data loss prevention (DLP), and more.

This Quadrant continues to grow in importance with the endpoint security market experiencing growth at an exponential rate, as organizations of all sizes deploy increasingly sophisticated and feature-rich solutions to help protect against threats and malicious attacks. In fact, the Endpoint Security market is expected to surpass $8.2 billion in 2020 and grow to over $15.6 billion by 2024.

Radicati positions vendors in a quadrant according to two criteria: functionality and strategic vision. Radicati also evaluates according to key capabilities including malware detection, web and email security, encryption, mobile device protection, data loss prevention and Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR).

In Radicati’s 2020 Endpoint Security Market Quadrant, ‘Top Players’ are described as the current market leaders with products that offer both breadth and depth of functionality, as well as possessing a solid vision for the future. ‘Top Players’ shape the market with their technology and strategic vision. ESET’s positioning as a ‘Top Player’ for the third year in a row demonstrates the company’s pioneering and innovative nature as the Radicati report states that once a company reaches this stage, they must fight complacency and continue to innovate.

ESET’s Endpoint Security solutions were highlighted as offering high performance and high detection rates, low footprint with low system resource usage and for their ease of deployment and use. They were also commended for their suitability to offer protection for companies with heterogeneous environments.

Juraj Malcho, ESET’s Chief Technology Officer, said “We are incredibly proud to be ranked as a Top Player in Radicati’s 2020 Endpoint Security Market Quadrant. Being acknowledged as a Top Player for the third year in a row is demonstrative of ESET’s ability to stay innovative and provide the best possible technology solutions for our customers. As the endpoint security market continues to grow, we are committed to developing reliable and easily deployable security for organizations of all shapes and sizes.”

To read more about the 2020 Radicati Market Quadrant: Endpoint Security, please click here, and to read more about ESET’s Endpoint Security solutions, please click here.

BRATISLAVA – ESET, a global leader in cybersecurity, has again been commended with the highest score in the latest AV-TEST for best antivirus software for Android. After launching version 6.0 of ESET Mobile Security (EMS) in September with the new Payment Protection feature, ESET earned top scores for the second time in a row with a total of 18 points.

AV-TEST, a leading independent testing organization, uses one of the largest collections of digital malware samples in the world to create a real-world environment for highly accurate in-house testing.

After achieving the top score in the July 2020 AV-TEST, ESET was evaluated alongside 14 other mobile security products, using their default settings and the most current version of all products. The testing focused on malware detection and usability, including performance and false positives. ESET Mobile Security achieved the highest score of 99.8% in “Protection against the latest Android malware attacks in real time” and a perfect 100% in “Detection of widespread Android malware discovered in the last 4 weeks.” The ESET Mobile Security app for Android was also highlighted for not impacting battery life or slowing down the device.

Version 6.0 of the premium Mobile Security solution introduces a new layer of security for EMS users. The Payment Protection feature safeguards users while utilizing financially related applications, for example, for banking or trading. This feature automatically categorizes all installed applications from the Google Play store that fall into the Finance category and scans them for potential threats. The user is also able to add other installed apps to the list that may fall outside of the Finance category.

Commenting on the results, Branislav Orlík, product manager at ESET, said, “We are extremely proud of ESET’s consistent recognition from AV-TEST for our mobile security product offering. Our dedication to providing customers with the very best in IT security solutions is reflected in these scores, as it is vital that users’ personal and professional data is protected to the highest standard. We are thrilled to have achieved the highest score once again and are committed to always innovating and updating our product offerings.”

Click here to find out more information about ESET Mobile Security.

BRATISLAVA – ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.

“To understand this novel supply-chain attack, you should be aware that WIZVERA VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When WIZVERA VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,” explains Anton Cherepanov, ESET researcher who led the investigation into the attack. “Usually this software is used by government and banking websites in South Korea. For some of these websites it’s mandatory to have WIZVERA VeraPort installed,” adds Cherepanov.

Additionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. Interestingly, one of these certificates was issued to the U.S. branch of a South Korean security company. “The attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,” says Peter Kálnai, ESET researcher who analyzed the Lazarus attack with Cherepanov. “It’s the combination of compromised websites with WIZVERA VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack,” adds Kálnai.

ESET Research has strong indications to attribute the attack to Lazarus, as it is a continuation of what KrCERT has called Operation BookCodes, attributed to Lazarus by some in the cybersecurity research community. The other reasons are typical toolset characteristics; detection (many tools are already flagged as NukeSped by ESET); the fact that the attack took place in South Korea, where Lazarus is known to operate; the unusual and custom nature of the intrusion and encryption methods used; and the setup of network infrastructure.

It must be noted that the Lazarus toolset is extremely broad, and ESET believes there are numerous subgroups. Unlike toolsets used by some other cybercriminal groups, none of the source code of any Lazarus tools has ever been disclosed in a public leak.

For more technical details about the latest Lazarus supply-chain attack, read the blogpost “Lazarus supply-chain attack in South Korea” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.