8.10.15

Fake Android apps bypass Google Play store security, installed 200,000+ times in a month


Posing as cheats for popular game, these fake apps pester users by displaying ads every 30-40 minutes.

ESET®, a global pioneer in IT security for more than two decades, publishes information on fake apps that were available at the official Google app store. Posing as popular game cheats, such as Cheats for Pou, Guide for SubWay and Cheats for SubWay, these fake apps were installed more than 200,000 times in a single month, according to ESET security researchers.

The app aggressively display adverts 30-40 minutes, disrupting normal use of users’ Android devices.
The fake apps, detected as Android/AdDisplay.Cheastom by ESET, deploy numerous techniques to evade detection by Google Bouncer - the technology Google uses to prevent malicious apps from entering the Google Play store.   In addition, the apps contain self-preservation code to make their removal more complicated.

These aggressive ad-displaying apps attempt to hide their functionality from security researchers by deploying techniques, which succeeded in being downloaded over 200,000 times in a single month,” said Lukáš Štefanko, Malware Researcher at ESET. The anti-Bouncer technique used by these apps obtains the IP address of a device and accesses its WHOIS record. If the information returned contains the string ‘Google’, then the app assumes it is running in Bouncer. Should the app detect an emulator or Google Bouncer environment, the ads are not displayed. Instead, the app will simply provide game cheats, as expected.
ESET notified Google and these unwanted applications have now been removed from the Google store.

Although it’s good that Google removed the apps from the Android Google Play store after we informed them of the issue, it is clear that more attempts will be made to bypass Bouncer and spread apps containing undesirable code,” continued Štefanko.


More information and advice for affected users available from ESET’s in-depth article on WeLiveSecurity.com.

7.10.15

Software AG presenteert webMethods Agile Process Platform



  • webMethods Agile Process Platform ondersteunt ‘citizen developers’ en ontwikkelaars van de IT-afdeling op één ontwikkelingsplatform

  • webMethods Agile Process Platform wordt voorgesteld op Innovation World 2015

  • algemeen beschikbaar in Q1 2016

Software AG presenteert het webMethods Agile Process Platform, een deel van het Digital Business Platform van Software AG. Het webMethods Agile Process Platform zorgt ervoor dat citizen developers - medewerkers die applicaties ontwikkelen maar niet tot het IT-team behoren - makkelijker kunnen samenwerken met de strategische IT-ontwikkelaars van een onderneming. Zo valt de nood aan diverse platformen voor applicatieontwikkeling weg. Twee compleet verschillende groepen medewerkers kunnen samenwerken op het webMethods Agile Process Platform: de citizen developers die gebruik maken van snelle, flexibele apps om kleine applicaties te bouwen voor dagelijks gebruik, en de IT-experts die voor de bouw van complexe corporate IT-systemen onmisbaar zijn.
In het licht van de toenemende digitalisering moeten organisaties hun IT-systemen kunnen aanpassen aan de snel veranderende omgeving waarin ze actief zijn. Meer nog, ze moeten in staat zijn om hun bedrijfsmodellen en -processen snel te herstructureren om succesvol te blijven. Dat vereist wendbare, gebruiksvriendelijke applicaties die snel en makkelijk te bouwen zijn. Vaak zijn ze ook maar bedoeld voor tijdelijk gebruik, bijvoorbeeld om een tijdelijk probleem met een workflow op te lossen.
Wanneer blijkt dat die tactische applicaties ook op lange termijn een strategisch voordeel bieden aan de business, is het nuttig ze te integreren in het bestaande IT-landschap. De IT-experts die met de bedrijfsprocessen en IT-integratie binnen het bedrijf vertrouwd zijn, brengen daarvoor de nodige expertise aan.
Dankzij het webMethods Agile Process Platform van Software AG houden klanten alle opties open. Het platform laat hen toe wendbare applicaties te bouwen op een aanpasbare en flexibele manier, die ze later kunnen inpassen in het strategische IT-portfolio en integreren in de bestaande IT-omgeving, zonder dat ze de toepassingen daarvoor moeten herschrijven.
Het webMethods Agile Process Platform combineert de mogelijkheid om applicaties te bouwen voor process management, workflow management en case management. Dat biedt klanten de keuze om dynamische, op cases gebaseerde proceslogica of vaste bedrijfsprocessen te voorzien, afhankelijk van wat het meest zinvol is. Het webMethods Agile Process Platform geeft business en IT de mogelijkheid om samen te werken aan een gemeenschappelijk objectief. In die benadering kunnen adhoc- en strategische applicatieontwikkeling plaatsvinden op één platform, wat een maximaal hergebruik van de toepassingen toelaat.
“Als een van de grootste onafhankelijke spelers voor infrastructuursoftware van de wereld zijn we vastbesloten om de muren tussen technologieën, tussen bedrijfsafdelingen, en tussen business en IT weg te halen, doorheen de hele waardeketen, van leverancier tot klant”, zegt Wolfram Jost, CTO bij Software AG. “In een digitale business vallen die muren weg wanneer bedrijven snel genoeg kunnen reageren op de veranderingen in hun omgeving. Het webMethods Agile Process Platform biedt de technologie en het concept om innovatie te realiseren zonder hindernissen.”
Het webMethods Agile Process Platform is een kerncomponent van het Digital Business Platform van Software AG. Het Digital Business Platform is een ontwikkelingsomgeving met veel kant-en-klare applicatieservices die de ontwikkeling ondersteunen van logica voor integratie, processen, beslissingen, events en progammering. Het Digital Business Platform is inzetbaar in de cloud, compatibel met mobiele toestellen en ondersteunt de ontwikkeling van microservices.
Voor een preview van Agile Process Platform, mail naar   AgileProcessTeam@softwareag.com


5.10.15

Six Steps to Make Your Cyber Workspace Safer

Your work is important to you and your employer … and cybercriminals as well. That is a good reason to stop and think before you connect.


It may have happened to you before. You were browsing through your work emails, coming across one with an unusual subject line. In the message, the sender is politely asking you to sign into your work account again because of some technical issues, attaching a specific link for this purpose. As it came from an address, which seems like it’s from inside the company, you click and try to sign-in.  

The process is obviously not working even after you have inserted the correct user name and password several times, so you just carry on with work, as if nothing has happened and ignore the incident. Only a few hours later you start suspecting that something is wrong, just as your computer starts acting.

Calling the company’s IT support, you find out that you have become a victim of a phishing attack  that was after your login data. Listening to your boss mentoring you on security, you realize how complicated the cyberspace has gotten and how vulnerable you as a user really are.
But fear not, there are good habits that can help protect you from treacherous emails, suspicious websites or even malicious apps and October as the European Cyber Security Month presents a perfect opportunity to brush up on these skills:

1. Pay more attention to the details
It goes without saying that you should be extra careful about everything you encounter in the digital world - the unusual work email, link your colleague sent you during lunch or anything that’s trending on your social network. In case you don’t know the sender or there is something dubious about the content, you best avoid it.

2. Suspect something is awry?
You realized that you just surfed through malicious website. Take a deep breath, think and if you aren’t sure what to do, ask some of your more experienced colleagues or reach out to IT support for help.

3. Don’t do things in a rush
If nobody is around, don’t rush to find the solution yourself. It is better to let the content idle, than risk making more missteps on the way.

4.       Lock your computer with a password
Think of security also in the physical sense. Need a break for coffee or have to leave your workspace? Keep the screen locked. It might sound annoying, but the same rule applies for all your mobile devices – work and private – especially if they store sensitive company data and you lend them to other people. If passwords aren’t your kind of thing a PIN lock, or even a pattern is way better than nothing.

5.       Stick-it notes with passwords. …not that you use them : )
Use a password manager by trustworthy vendor instead, as it encrypts your data and also keeps it protected with other security features.

6.       Protect your devices with a security solution
All your valiant cyber security efforts can come to nothing, if your computer or mobile device isn’t protected. So don’t hesitate and install security software from a renowned vendor or ask your IT department to do it for you.



5 things you might be doing wrong when asking your techie for help


Has your computer broken down or is it not working as it should? Who do you call? I bet you have a guy around who falls in the “techie” category. You know, who I mean, someone who lives, works or is just plain good with the computers and open to help you out.
But for some reason, your techie gets upset every time he is asked to fix some of your gear. Here is what you may have been doing wrong and some tips that can mend your relationship:

Is your device plugged in? Did you try to restart it?
I guarantee you these will be the first lines most techies will give you almost without thinking. So, best only call them after you’ve checked if your device has juice and a restart does not solve your problem.

Have the list of “errors” at hand
If your techie extends a promise to stop by your desk, he or she will have a few questions you better know the answer to. Be ready to describe what went wrong with your device. Also, it can be very useful if you jot down everything you’ve been doing before and after the error messaged popped-up. 
A screen shot of error log might be of help too, scoring you some more good points.
Note: Be ready to confess your sins, as most of the time it is the user – understand you – who caused the error in the first place! Trying to shift the blame on anybody else or even on the poor device itself, will only annoy your techie. So if there is a chance that you have downloaded a suspicious file, or you’ve done something that’s fishy, don’t be afraid to let it all out. Believe me, they have seen it all.

Remember, small-talk doesn’t fix your computer
Do not ask too many questions. After all, the techie is trying to fix the mess you have made and it often isn’t as straightforward as you may think. If you still think you can Google your way out of the problem go right ahead, but don’t bother calling for help next time.
Beware: small-talk can sometimes lead to a dead-end. In fact, if you can find any activity other than looking over the techie’s shoulder, while he is sorting your life for you, go for it. It’s better for everybody involved − you, your techie and your device as well.

Your guesses aren’t helping…
Trying to talk to problem away isn’t going to help either. After all, your techie is most probably a true IT professional (this is why you haven’t solved the problem) who knows a thing or two about computing and similar things. So keep your interaction to a minimum − only answer the questions he/she asks and keep your theories of what might have gone wrong to yourself. If you are lucky and receive a piece of valuable advice, follow it without reservation. This can be anything from using better passwords to getting a bona-fide security solutions. We’ve asked our techies, so you don’t have to. These simple suggestions can save you time, money and keep you out of trouble.


Patience, patience, patience
“It is only a minor thing. Probably not even worth your time, but could you come over and take a look anyway?” Techies hear that a lot. Contrary to popular belief most of the time, trying to find the right patch for the army of (virtual) bugs you have happened to unleash, isn’t that simple. So brace yourself, to fix an unknown machine can easily take half a day, and even eat into the lunch. So be patient and let the techie do his job for as long as it takes. Who knows when will be the next time he will grace you with his presence.

Most important: Celebrate Techies Day
So why are we dishing out all this advice? Because October 3rd is a day dedicated to techies and also happens to be the European Cyber Security Month!
So to sum up, appreciate more techies’ help, follow their advice, and act smart in cyber world. Oh one more thing − take them out for lunch.

Happy Techies Day!


Onafhankelijk onderzoeksbureau onderscheidt Software AG als leider voor In-Memory Data Grids


  • Terracotta In-Memory Data Fabric van Software AG krijgt hoogste score in 7 categorieën
  • Terracotta “heeft unieke architectuur in vergelijking met andere leveranciers”
  • Software AG: Terracotta is naadloos geïntegreerd met het eerste Digital Business Platform ter wereld en verschaft zo een ongeziene snelheid aan applicaties

Software AG (Frankfurt TecDAX: SOW) kondigt aan dat de toonaangevende analist Forrester Research Inc. het bedrijf positioneert als leider in de Forrester WaveTM: In-Memory Data Grids, Q3 2015* met het Terracotta In-Memory Data Fabric platform. In het rapport schrijft auteur Mike Gualtieri dat leiders “een alomvattende set features bieden, om een zo breed mogelijk spectrum van use cases te kunnen bedienen”.

Volgens het rapport heeft Terracotta “een unieke architectuur in vergelijking met de andere leveranciers, omdat het zich baseert op een zogenaamde striping architectuur om hoge beschikbaarheid te realiseren, in plaats van op een peer-to-peer architectuur.” Software AG is ervan overtuigd dat die aanpak tot een hoge beschikbaarheid leidt en dat het de snelste manier biedt om big data te verzamelen, er analytics op los te laten en er de nodige correlaties en informatie uit af te leiden.

Het Terracotta In-Memory Data Fabric platform biedt chip-gebaseerde random access memory (RAM) aan gedistribueerd over verschillende nodes, om zo de performantie te versnellen en een grote schaalbaarheid van datatoegang en rekenkracht te realiseren met een extreem korte, voorspelbare latency.
Daarnaast helpt Terracotta ontwikkelaars met in-memory storage voor bestaande en toekomstige data workloads. Door data in-memory aan te houden, kunnen bestaande applicaties veel sneller werken, waardoor ze meer klanten kunnen bedienen, terwijl de traditionele kosten voor databaseopslag en licentiekosten afnemen.

“Dat Forrester ons dankzij het In-Memory Data Fabric platform omschrijft als ‘een leider’ onderlijnt het belang van een oplossing als Terracotta voor het leveren van kritische in-memory data grids”, zegt Dr. Wolfram Jost, Chief Technology Officer en lid van de raad van bestuur van Software AG. “Klanten verwachten dat websites en apps onmiddellijk reageren en dat ze almaar meer functionaliteit bieden. Dat zorgt voor een enorme druk op de legacy van een bedrijf, op de backend en de diverse componenten van de architectuur. Met zijn high-performance en schaalbaarheid is Terracotta perfect uitgerust om de druk van de groeiende groep gebruikers te verlichten. Het platform biedt hen onmiddellijke toegang tot websites en apps en bezorgt hen een onmiddellijke respons.”

Het volledige rapport is beschikbaar op www.softwareag.com/recognition.

* The Forrester WaveTM:  In-Memory Data Grids, Q3 2015 – there is no better way to achieve blazing fast performance at scale by Mike Gualtieri with Holger Kisker, Ph.D., Mark Granna, Sophia Christakis, Ian McPherson [September XX, 2015].


ESET récompensé par AV-Comparatives pour sa fonctionnalité de contrôle parental


AV-Comparatives, une organisation indépendante de tests, a publié cette semaine les résultats de son Parental Control Review, analyse en profondeur dans laquelle sont évaluées les principales fonctionnalités et les capacités des solutions pour protéger les enfants contre les contenus non désirés sur leurs ordinateurs sous Windows.

Dans cinq rapports séparés sur les produits, ESET Smart Security a obtenu la récompense Approved Parental Award Control Product pour sa liste de fonctionnalités. L’évaluation couvre les principales fonctionnalités comprises dans chaque produit comme le filtrage de contenu, le contrôle des limites en temps, le contrôle d’applis et la convivialité.

AV-Comparatives a également testé la composante de filtrage web en utilisant des systèmes automatiques afin de vérifier l’efficacité du produit en matière de blocage de sites web de différentes catégories, comme la pornographie, la drogue et les jeux.

“Bien que les fonctionnalités de contrôle parental d’ESET Smart Security soient limitées, elles fonctionnent parfaitement. Nous les avons trouvées simples à configurer, avec d’excellentes aides à l’installation. La liste de catégories est étendue mais pas excessive tandis que les groupes d’âge prédéfinis sont utiles pour faire une sélection correspondant à un enfant d’un âge précis. Lors du test de filtrage web, cela s’est aussi avéré très efficace pour bloquer les sites non désirés, ” déclare Andreas Clementi, CEO d’AV-Comparatives

La fonctionnalité de contrôle parental est inclue dans toutes les versions du tiers supérieur de produits ESET pour consommateur, depuis ESET Smart Security 5. Les produits du segment consommateur d’ESET sont compatibles Windows 10 depuis la version 7.

Pour plus d’informations et les dernières nouvelles concernant ESET Smart Security visitez notre site.


Le rapport complet Parental Control Review d’ESET Smart Security est disponible : on AV-Comparatives website.

ESET Joins European Cyber Security Month to Raise Awareness


ESET is once again helping to raise awareness about cyber threats during the annual European Cyber Security Month (ECSM). In a world where a great part of the 500 million European citizens is working or spending their free time online, the significance of these risks should not be downplayed.

ESET experts will contribute with cyber security topics during October across several forums around Europe, such as ESET Security Days in Amsterdam, a dedicated webinar by ESET UK‘s Mark James during the Security Serious Week in the UK, presentations at Virus Bulletin conference in Prague, and last but not least IP Expo London, and IT-Security Expo in Germany.

As the general public is not taking part in most of these events, ESET will also reach out to them through articles on WeLiveSecurity.com focused on a variety of topics, including:
·         Tips and tricks for improved security for employees .
·         How employers can keep proprietary data and themselves safe.
·         Advice for software and app developers on how to apply “secure by design” approach.
·         Most popular cloud services, their advantages but also limitations.

ESET, the global pioneer in IT security for more than two decades, is pursuing its vision to enable users everywhere to enjoy the full potential of themselves and their technology in a secure digital world. Joining up with the ECSM initiative, it seeks to get closer to fulfilling this vision.

"Raising IT-Security awareness in our communities has been an important task that we have been working hard for many years at ESET. Therefore we are happy to join this action in order to improve our efforts to make a connected society more secure," says Raphael Labaca Castro, Editor-in-Chief of ESET news-site WeLiveSecurity.com, who attended the launch event in Brussels earlier this week.


European Cyber Security Month is an EU-wide campaign that promotes cyber security among citizens and advocates for change in the perception of cyber-threats by promoting data and information security, education, sharing of good practices and competitions.

ESET Cyber Security and ESET Cyber Security Pro Now Compatible With El Capitan




ESET®, a global pioneer in IT security for over two decades, today announces the release of an update for ESET Cyber Security and Cyber Security Pro, making the internet security suite for Macs fully compatible with the newest OS X, El Capitan.

ESET Cyber Security protects Mac users against emerging cyber threats while keeping low system footprint and allowing them to enjoy the unhindered performance of their machine. The award-winning security suite comes with multiple layers of protection – including proactive antivirus and Anti-Phishing module to prevent cross-platform social engineering attacks.

“ESET Cyber Security Pro is a fully featured security program with a very clearly laid-out user interface. It identified 100% of our Mac malware samples,” stated AV-Comparatives testing organization in its Mac Security Test & Review.

Even though the amount of Mac-specific malware remains much lower compared to other platforms, in recent years, ESET Malware Research Lab has detected and identified over ten new malware families specifically targeting the platform. Recently, Google Project Zero revealed three security vulnerabilities in OS X.Learn more about ESET Virtualization Security and visit www.eset.com