ESET Internet Security valt in de prijzen bij AV Comparatives en Virus Bulletin

 ESET, wereldleider in cybersecurity, werd prijzen toegekend door AV Comparatives en Virus Bulletin, voor het Windows product ESET Internet Security.

AV Comparatives, een onafhankelijke organisatie met wereldwijde herkenning voor testen en certificering, kende ESET Internet Security de eerste plaats toe in zijn rapport Performance Test – Impact of Consumer Security Software on System Performance. ESET behaalde 99,7 punten uit een maximum van 100 punten, een nog betere score vergeleken bij de 98,5 punten die behaald waren in het 2018 rapport.  Het vlaggenschipproduct voor consumenten behaalde de vermelding “Zeer snel” in alle testen, met inbegrip van kopiëren van bestanden, manipulatie van archieven, installatie van apps, lancering, navigatie in websites en downloaden van content.

De test evalueert de impact van antivirussoftware op de prestaties van het systeem, omdat programma’s zoals antivirussoftware voor real-time bescherming een zekere percentage van de systeemcapaciteiten gebruiken terwijl ze op de achtergrond actief zijn. Van de 16 geteste leveranciers, behaalde ESET de eerste plaats.

Daarnaast behaalde ESET Internet Security de VB100 certificering in het rapport VB 100 Certification Report April 2019 van Virus Bulletin.  De certificering wordt toegekend aan software die voldoet aan een minimumnorm voor het detecteren van malware terwijl weinig of geen legitieme programma’s geblokkeerd worden. ESET behaalde een score van 100%, wat resulteert in een nieuwe VB100 certificering , de 119^de Virus Bulletin prijs.

Jiří Kropáč, verantwoordelijk voor de detectie van bedreigingen bij ESET, legt uit: “De erkenning van ESET als leider inzake consumentenbescherming bewijst onze toewijding om zowel consumenten als bedrijven de absolute top te bieden in IT security. Terwijl malware zich steeds verder ontwikkelt en een serieuse bedreiging is voor gebruikers en hun persoonlijke data, zijn we fier een betrouwbare oplossing aan te bieden zodat consumenten van de hele wereld veilig en beschermd zijn.”

Meer vernemen over het aanbod van ESET? Breng een bezoek aan ESET Internet Security.

ESET Internet Security récompensé par AV Comparatives et Virus Bulletin

ESET, leader global en cybersécurité, a été primé par AV Comparatives et Virus Bulletin pour son produit ESET Internet Security pour Windows.

AV Comparatives, une organisation indépendante de réputation mondiale dans le domaine de tests et de certification, a classé  ESET Internet Security en premier dans son rapport Performance Test – Impact of Consumer Security Software on System Performance (Test de performance – L’impact du logiciel de sécurité pour consommateur sur les performances système). ESET a obtenu 99,7 sur 100, une amélioration par comparaison aux 98,5 obtenus dans le rapport 2018. Le produit phare d’ESET a obtenu la mention ‘Très rapide’ dans tous les tests, y compris la copie de fichiers, la manipulation d’archives, l’installation d’applications, le lancement, la navigation sur les sites Web et le téléchargement de contenu.

Le test standard de l’industrie évalue l’impact des logiciels antivirus sur les performances du système, car des programmes de type antivirus de protection utilisent un certain pourcentage des ressources du système lorsqu’ils tournent en arrière-plan. Parmi les 16 fournisseurs évalués, ESET a obtenu la première place.

Par ailleurs, ESET Internet Security a été récompensé par la certification VB100, dans le rapport de Virus Bulletin d’avril 2019 - VB 100 Certification Report April 2019. La certification est octroyée aux logiciels qui réussissent une détection standard minimum de malware tout en bloquant peu ou pas de programmes légitimes. ESET a obtenu un résultat de 100%, ce qui correspond à une certification VB100 supplémentaire, portant le total à 119^e prix Virus Bulletin.

Jiří Kropáč, responsable de la détection des menaces chez ESET, explique : « La reconnaissance d’ESET comme leader en matière de protection du consommateur prouve notre engagement à fournir, tant au consommateur qu’aux entreprises, ce qu’il y a de meilleur en matière de sécurisation IT. Alors que le malware progresse et devient une menace toujours plus pertinente pour les utilisateurs et leurs données personnelles, nous sommes fiers de proposer une solution fiable qui permet aux consommateurs du monde entier d’être sécurisés et protégés. »

Pour en savoir plus sur l’offre d’ESET, visitez la page ESET Internet Security.

À propos d’ESET

Fondée en 1992, la société ESET est spécialisée dans la conception et le développement de logiciels de sécurité pour les entreprises et le grand public (avec respectivement les rangs de 4ème et 5ème mondial). Pionnier en matière de détection proactive des menaces véhiculées par l’Internet, ESET est aujourd’hui le leader dans ce domaine. Il est désigné comme l’unique Challenger dans le Magic Quadrant 2018 de Gartner, catégorie Endpoint Protection Platforms. À ce jour, l’antivirus ESET Nod32 détient le record mondial de récompenses décernées par le laboratoire indépendant Virus Bulletin depuis 1998. Les solutions ESET protègent aujourd’hui plus de 600 millions de postes dans le monde.

Survey: What should companies do to restore trust post-breach?

The ESET survey of thousands of people in Asia-Pacific (APAC) provides valuable insight into their perceptions of cyber-threats and various common aspects of online security

By Tomáš Foltýn

A full 58 percent of respondents in a recent survey in the Asia-Pacific region experienced a data breach in the past 12 months.

This is just one finding from the ESET APAC Consumer Survey 2018, which was carried out in Hong Kong, India, Indonesia, Malaysia, Singapore, Taiwan and Thailand between October and December 2018. In each country, it gathered input from 2,000 respondents.

Among other things, the survey sought to get a sense of people’s sentiments towards organizations that had suffered damaging security incidents, albeit not necessarily with direct implications for the respondents themselves.

After public trust in a company has been dented as a result of a breach or hack, the best way, according to many respondents, to begin undoing the reputational damage is simple: apologize and come clean on what happened and how it was resolved. This approach was favored by nearly one in every three (32%) people, whereas another 25% said that the key thing the company should do in such a scenario is provide proof that the right precautions are in place to prevent such incidents in the future.

Turning to another issue, the survey found that only three in every ten parents deploy parental controls on their children’s smart devices. That’s despite the fact that such tools can be helpful in ensuring that children only engage with platforms and content that is suitable and safe for their age.

Children, and not only they, may be exposed to a range of threats on social media, most often by sharing too many details of their lives. And this is precisely what many respondents appear to be doing, as nearly one third of them admitted to having shared the kind of information with strangers over social media that might help them commit identity theft or launch social engineering campaigns.

But so as not to end on a downer, almost 80% percent of all respondents indicated that they’re willing to learn and develop a better understanding of cyber-threats.

To be sure, these are just a few morsels of information that can be extrapolated from the survey. To learn more about the respondents’ views on these and other issues you may want to refer to the report itself. It covers a smorgasbord of topics, including password security, accessing the internet on smartphones, safe online shopping, and the implications of our use of social media for privacy and security. The report also provides a bunch of easy-to-apply tips and tricks for your online safety.

https://www.welivesecurity.com/2019/05/16/survey-eset-company-restore-trust-breach/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

Verizon’s data breach report: What the numbers say

What are some of the most interesting takeaways from Verizon’s latest annual security report?

By Tony Anscombe  

Data breach, yawn. Those two little words that occur so frequently in the media and will have you switching off. Last week, Verizon released their 2019 Data Breach Investigations Report (DBIR) which provides valuable insight spanning across 86 countries and 41,686 incidents.

The executive summary of the DBIR articulates the issue perfectly in stating that “No organization is too large or too small to fall victim to a data breach. No industry vertical is immune to attack. Regardless of the type or amount of your organization’s data, there is someone out there who is trying to steal it”.

Numbers speak volumes, so here are the highlights of the report:

·         69% of attacks are perpetrated by outsiders

·         39% of all attacks are perpetrated by organized criminal groups

·         23% of bad actors are identified as nation-state or state affiliated

·         43% of breaches involved small businesses victims

·         52% of breaches involved hacking

·         33% included social attacks

·         28% involved malware

Are there any numbers here that shock you? Probably not at first glance. So, let’s consider the 2^nd tier of numbers: the DBIR finds that 34% of attacks involved an internal actor. That’s right, the person standing next to you at the coffee machine could be stealing company data or working with someone externally to steal company data.

On the inside

Two weeks ago, I attended the opening reception of a venture capital office in Silicon Valley. The fund focuses on cybersecurity companies, so, as you would expect, the interest of the attendees had a bias. One attendee was talking about an internal system using, in their words, “artificial intelligence” that the company had developed to profile employees on the probability that they could act negatively towards the company, for example steal data when leaving, or be part of a data breach or other activities that could be detrimental to the business.

Not all businesses have the resources, inclination or skill sets to profile employees in this way, or at least not yet. I am certain that within 10 years this will be a standard feature of a human resources system. The idea that employers may analyze every interaction that their employees have in the workplace will no doubt make many of us a little uncomfortable. It all feels too much like George Orwell’s book ‘1984’.

The interesting element is that a company has resorted to protecting itself from the human element, an issue that can evade cybersecurity solutions. I say ‘can’ as anti-phishing, data leakage prevention and such like do help protect from human mistakes causing incidents.

Meanwhile, financial gain is the most prevalent driver behind a data breach at 71%, according to the DBIR, as espionage came in second with 25%. This highlights that cybercrime is a business and can be very lucrative for those involved. If a data breach includes personal, credit card and CVC data, then the bad actors have a relatively simple opportunity to monetize their efforts.

What other stats say

Last week, ESET Asia Pacific (APAC) also released statistics, taken from 7 countries in the region with 2,000 respondents in each. There are some interesting similarities with 27% declaring a data breach was due to malware, compared with the DBIR’s 28%. Here are the takeaway numbers from the survey:

·         58% of respondents in APAC experienced a data breach in the past 12 months

·         27% suffered a “virus attack”

·         20% suffered a social media breach

·         19% had their personal data stolen and used

The survey also asked what actions a company should take once they are aware of a data breach:

·         32% said that the companies should apologize and inform customers what happened and how the problem was resolved

·         25% said that the companies should provide proof that the right systems were in put in place

Personally, I think companies should provide proof that the right systems were in place at the time of the breach and this was beyond their control. But then I have been the victim of a data breach in the last 12 months, and there is a blog post on its way later this month with more details.

Let’s conclude with a number of proactive steps that companies can take to tackle the issue of data breaches, including:

·         Limit access to company data to only those who need it

·         Patch and update software as soon as possible

·         Secure systems with two-factor-authentication (2FA)

·         Encrypt data in transit and at rest

·         Keep a watch on the threat from inside

·         Educate employees on the risk and how to be vigilant

·         Implement effective security solutions

https://www.welivesecurity.com/2019/05/13/verizon-dbir-what-numbers-say/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

New Release of InterSystems HealthShare® Offers Provider Directory

InterSystems, a global leader in information technology platforms for health, business, and government applications, has released the 2019.1 version of the InterSystems HealthShare® suite of connected health solutions. HealthShare unites providers, patients, and payers with a unified care record and delivers foundational technology for connected health solutions. The newest member of the suite, HealthShare Provider Directory, offers a single source of truth for provider demographic and professional relationship information. With enhancements made to the clinical viewer, analytics, and interoperability, the latest version of HealthShare offers more functionality, scalability, communication, and extended decision support than ever before.

Inaccurate provider information has consequences – for patients, payers, and the providers themselves. Wrong telephone numbers and location information limits access to care. Inadvertently choosing an out-of-network provider can result in catastrophic healthcare bills. Health plans have been fined hundreds of thousands of dollars for publishing inaccurate directories. And, inaccurate information propagated across multiple clinical and administrative systems at a hospital or integrated delivery network can negatively impact efficiency and cash flow. A 2017-2018 CMS review of Medicare Advantage Organization provider directories found that nearly 49 percent of them contained inaccurate information.

To respond to this, InterSystems created the HealthShare Provider Directory module, a master data management solution that automates the process of collecting, consolidating, and publishing accurate provider information. It enables users to more easily comply with regulations, enhance customer service, and improve the efficiency of any business process that requires up-to-date and accurate provider information.

As part of the HealthShare 2019.1 release, InterSystems also renamed its flagship HealthShare product module, HealthShare Information Exchange, to HealthShare Unified Care Record to better reflect the robust functionality of the technology.

“Interoperability and information exchange are hot topics now, but technology can do better than simply moving data around. If these government initiatives are going to be the foundation for innovation in healthcare, organizations need to aggregate information and build upon a true unified care record – then put the data to use to improve the patient care experience, drive down costs, and improve the health of populations,” said Don Woodlock, vice president of InterSystems HealthShare.  “At InterSystems, we are committed to providing solutions that drive care coordination with enhanced intelligence to meet caregiver and patient needs.”

The latest HealthShare release also includes enhancements to its clinical viewer, expanded HL7® FHIR® capabilities, and out-of-the-box analytics functionality. InterSystems HealthShare 2019.1 is now available. To learn more, visit https://www.intersystems.com/products/healthshare/.

Des pirates informatiques volent 41 millions de dollars US de Bitcoin

 Tomáš Foltýn

Les voleurs ont pris le temps de peaufiner leur coup, avant de s’enfuir avec plus de 7000 Bitcoin d’un seul coup.

Binance, l’un des plus grands bureaux de change de cryptomonnaies au monde, a révélé qu’il a été victime d’une faille de sécurité majeure dans laquelle des pirates se sont emparés de quelque 41 millions de dollars US en Bitcoin.

Plusieurs méthodes, y compris les attaques d’hameçonnage et le déploiement de logiciels malveillants, ont été utilisées pour le vol, qui a été révélé mardi. Selon un avis de Changpeng Zhao, le fondateur et PDG du site d’échange, les criminels ont eu accès à un grand nombre de clés d’API utilisateur et de codes d’authentification à deux facteurs avant de compléter leur campagne avec le vol de 7074 Bitcoin dans le portefeuille Bitcoin de la société en une seule transaction.

« Les pirates ont eu la patience d’attendre et d’exécuter des actions bien orchestrées à travers de multiples comptes apparemment indépendants au moment le plus opportun. La transaction est structurée d’une manière qui a passé avec succès nos contrôles de sécurité existants, » explique M. Zhao.

Il a noté qu’un plus grand nombre de comptes d’utilisateurs ont pu être accédés par des pirates informatiques, car il est possible qu’il y ait « d’autres comptes affectés qui n’ont pas encore été identifiés. »

« Il est regrettable que nous n’ayons pas pu bloquer ce retrait avant qu’il ne soit exécuté. Une fois exécuté, le retrait a déclenché diverses alarmes dans notre système. Nous avons alors arrêté tous les retraits immédiatement, » ajoute ce dernier.

Le hot wallet, qui est connecté à Internet et utilisé pour effectuer des transactions, contenait environ deux pour cent des avoirs Bitcoin de l’entreprise. Tous les autres portefeuilles sont « sûrs et indemnes, » assure Zhao.

Tous les dépôts et retraits sont toujours suspendus et le resteront jusqu’à ce qu’un examen approfondi de la sécurité des systèmes et des données de l’échange soit effectué. Ces vérifications devraient durer une semaine.

Binance s’est engagée à couvrir les pertes des utilisateurs via le Secure Asset Fund for Users (SAFU), qui est son fonds d’assurance en cas d’urgence.

Les échanges de monnaies cryptographiques sont depuis longtemps parmi les cibles préférées des voleurs numériques. Bithumb, une autre importante plateforme de cryptomonnaies, a perdu près de 20 millions de dollars US il y a à peine quelques semaines, dans ce qui semblait être l’œuvre d’initiés malhonnêtes.