ESET Archives - My Startup World - Everything About the World of Startups!
https://mystartupworld.com/tag/eset/
Fri, 14 Mar 2025 04:22:08 +0000

AI reshaping the fraud landscape and creating new risks
https://mystartupworld.com/ai-reshaping-the-fraud-landscape-and-creating-new-risks/
Thu, 13 Mar 2025 07:46:20 +0000

Phil Muncaster, guest writer at ESET explains that the malicious use of AI is reshaping the fraud landscape, creating major new risks for businesses.

Artificial intelligence (AI) is doing wonderful things for many businesses. It’s helping to automate repetitive tasks for efficiency and cost savings. It’s supercharging customer service and coding. And it’s helping to unearth insight to drive improved business decision-making. Way back in October 2023, Gartner estimated that 55% of organizations were in pilot or production mode with generative AI (GenAI). That figure will surely be higher today.

Yet criminal enterprises are also innovating with the technology, and that spells bad news for IT and business leaders everywhere. To tackle this mounting fraud threat, you need a layered response that focuses on people, process and technology.

What are the latest AI and deepfake threats?
Cybercriminals are harnessing the power of AI and deepfakes in several ways. They include:

  • Fake employees: Hundreds of companies have reportedly been infiltrated by North Koreans posing as remote working IT freelancers. They use AI tools to compile fake resumes and forged documents, including AI-manipulated images, in order to pass background checks. The end goal is to earn money to send back to the North Korean regime as well as data theft, espionage and even ransomware.
  • A new breed of BEC scams: Deepfake audio and video clips are being used to amplify business email compromise (BEC)-type fraud where finance workers are tricked into transferring corporate funds to accounts under control of the scammer. In one recent infamous case, a finance worker was persuaded to transfer $25 million to fraudsters who leveraged deepfakes to pose as the company’s CFO and other members of staff in a video conference call. This is by no means new, however – as far back as 2019, a UK energy executive was tricked into wiring £200,000 to scammers after speaking to a deepfake version of his boss on the phone.
  • Authentication bypass: Deepfakes are also being used to help fraudsters impersonate legitimate customers, create new personas and bypass authentication checks for account creation and log-ins. One particularly sophisticated piece of malware, GoldPickaxe, is designed to harvest facial recognition data, which is then used to create deepfake videos. According to one report, 13.5% of all global digital account openings were suspected of fraudulent activity last year.
  • Deepfake scams: Cybercriminals can also use deepfakes in less targeted ways, such as impersonating company CEOs and other high-profile figures on social media, to further investment and other scams. As ESET’s Jake Moore has demonstrated, theoretically any corporate leader could be victimized in the same way. On a similar note, as ESET’s latest Threat Report describes, cybercriminals are leveraging deepfakes and company-branded social media posts to lure victims as part of a new type of investment fraud called Nomani.
  • Password cracking: AI algorithms can be set to work cracking the passwords of customers and employees, enabling data theft, ransomware and mass identity fraud. One such example, PassGAN, can reportedly crack passwords in less than half a minute.
  • Document forgeries: AI-generated or altered documents are another way to bypass know your customer (KYC) checks at banks and other companies. They can also be used for insurance fraud. Nearly all (94%) claims handlers suspect at least 5% of claims are being manipulated with AI, especially lower value claims.
  • Phishing and reconnaissance: The UK’s National Cyber Security Centre (NCSC) has warned of the uplift cybercriminals are getting from generative and other AI types. It claimed in early 2024 that the technology will “almost certainly increase the volume and heighten the impact of cyber-attacks over the next two years.” It will have a particularly high impact on improving the effectiveness of social engineering and reconnaissance of targets. This will fuel ransomware and data theft, as well as wide-ranging phishing attacks on customers.

What’s the impact of AI threats?
The impact of AI-enabled fraud is ultimately financial and reputational damage of varying degrees. One report estimates that 38% of revenue lost to fraud over the past year was due to AI-driven fraud. Consider how:

  • KYC bypass allows fraudsters to run up credit and drain legitimate customer accounts of funds.
  • Fake employees could steal sensitive IP and regulated customer information, creating financial, reputational and compliance headaches.
  • BEC scams can generate huge one-off losses. The category earned cybercriminals over $2.9 billion in 2023 alone.
  • Impersonation scams threaten customer loyalty. A third of customers say they’ll walk away from a brand they love after just one bad experience.

Pushing back against AI-enabled fraud
Fighting this surge in AI-enabled fraud requires a multi-layered response, focusing on people, process and technology. This should include:

  • Frequent fraud risk assessments
  • An updating of anti-fraud policies to make them AI-relevant
  • Comprehensive training and awareness programs for staff (e.g., in how to spot phishing and deepfakes)
  • Education and awareness programs for customers
  • Switching on multifactor authentication (MFA) for all sensitive corporate accounts and customers
  • Improved background checks for employees, such as scanning resumes for career inconsistencies
  • Ensuring all employees are interviewed on video before hiring
  • Improved collaboration between HR and cybersecurity teams

AI tech can also be used in this fight, for example:

  • AI-powered tools to detect deepfakes (e.g., in KYC checks).
  • Machine learning algorithms to detect patterns of suspicious behavior in staff and customer data.
  • GenAI to generate synthetic data, with which new fraud models can be developed, tested and trained.

As the battle between malicious and benevolent AI enters an intense new phase, organizations must update their cybersecurity and anti-fraud policies to ensure they keep pace with the evolving threat landscape. With so much at stake, failure to do so might impact long-term customer loyalty, brand value and even derail important digital transformation initiatives.

AI has the potential to change the game for our adversaries. But it can also do so for corporate security and risk teams.

The post AI reshaping the fraud landscape and creating new risks appeared first on My Startup World - Everything About the World of Startups!.

ESET recognized as AV-Comparatives’ 2024 Product of the Year
https://mystartupworld.com/eset-recognized-as-av-comparatives-2024-product-of-the-year/
Thu, 13 Feb 2025 08:54:30 +0000

ESET announced that ESET HOME Security Essential has been named AV-Comparatives’ Product of the Year for 2024. This prestigious award recognizes ESET HOME Security Essential for Windows for its outstanding performance and reliability in protecting consumers against a wide range of cyber threats.

In 2024, AV-Comparatives subjected 16 consumer security products for Windows to rigorous testing, evaluating their ability to protect against real-world Internet threats, identify recent malicious programs, defend against advanced targeted attacks, and provide protection without slowing down the PC. ESET HOME Security Essential emerged as the top performer, receiving the highest Advanced+ Award in all seven tests conducted throughout the year.

As stated in the AV-Comparatives’ Summary Report 2024, “Reviewers were impressed by the clean, intuitive user interface designed for non-expert users, as well as the extensive customization and scan options available for power users.”

Although the majority of vendors make auto-renewal mandatory, the report points out that, most commendably, ESET is among those vendors who do not impose auto-renewal on users. The report further highlights ESET HOME Security Essential as a well-designed and easy-to-use security product that provides safe default settings and essential features easily accessible to all users.

Andreas Clementi, founder and CEO of AV-Comparatives, commented on ESET’s recognition: “ESET’s performance throughout our 2024 tests has been consistently strong, earning high ratings across multiple categories. The awards reflect the product’s reliability in malware protection, usability, and system performance. ESET HOME Security Essential demonstrated a well-balanced approach, providing effective security without imposing a significant burden on the system, which many users will appreciate.”

“We are honored to be recognized as AV-Comparatives’ Product of the Year for 2024. This award is a testament to our commitment to providing high-performance, technologically advanced security solutions that protect digital lives of our customers without compromising their device performance. We will continue to innovate and enhance our products to address real-life cybersecurity and privacy needs of our users, so they can enjoy the full potential of themselves and their technology in a secure digital world,” said Viktória Ivanová, Vice President of Consumer and IoT Segment at ESET.

ESET HOME Security for Windows is designed to offer high-performance protection with low system impact, utilizing multilayered technologies that go beyond basic antivirus capabilities.

Click here to read the full AV-Comparatives’ Summary Report 2024.

The post ESET recognized as AV-Comparatives’ 2024 Product of the Year appeared first on My Startup World - Everything About the World of Startups!.

ESET introduces new Speakeasy security podcast series
https://mystartupworld.com/eset-introduces-new-speakeasy-security-podcast-series/
Fri, 31 Jan 2025 12:19:09 +0000

ESET announced a new series of its cybersecurity podcast, Speakeasy Security. As part of a 10-episode series, Speakeasy Security will be co-hosted by ESET Chief Security Evangelist Tony Anscombe and Co-Founder and CEO of Cysurance Kirsten Bay – providing lively commentary on the latest tech, privacy and cybersecurity headlines and offering listeners tips to protect themselves from cybercriminals.

Available on a range of popular podcast platforms, including Apple Podcasts, Spotify, Amazon Music, Podcast Index, iHeart Radio, Pocket Casts, Deezer, Podcast Addict, Listen Notes and Podchaser, the first episode will air on “Trust in Technology—AI and Driverless Cars” where Anscombe and Bay discuss the public’s embrace and skepticism towards the technology.

“I’m excited to have Kirsten join me at Speakeasy Security – delivering a fresh perspective from her years working to help consumers, SMBs and enterprises manage cybersecurity risk,” said Tony Anscombe. “Each episode, Kirsten and I will explore how new technologies and AI advancements are impacting our personal and professional lives, and the cybersecurity and privacy implications. We will aim to make complex tech issues understandable and enjoyable, while offering practical tips and advice for both businesses and consumers.”

Kirsten Bay is a sought-after public speaker and respected leader in the cyber insurance industry. She brings 25 years of expertise in financial services, risk intelligence and cybersecurity to the podcast in her role as co-host. Anscombe is a 30-plus year security industry expert and established author, blogger and speaker on new policies, regulations and the cybersecurity threat landscape. Speakeasy Security will also continue to feature ESET’s leading researchers and threat detection experts, as well as recognized cybersecurity influencers and guests from across the tech universe.

“I am thrilled to join Speakeasy Security as a co-host and to explore how new technologies, smart devices and privacy-focused legislations will impact society and everyday users,” said Bay. “My goal with Tony is to offer thought-provoking insights and practical advice to help our audience navigate and stay secure in an ever-evolving digital landscape.”

For more information on Speakeasy Security, visit https://www.eset.com/us/about/newsroom/podcast-list/.

The post ESET introduces new Speakeasy security podcast series appeared first on My Startup World - Everything About the World of Startups!.

How to avoid online betting scams
https://mystartupworld.com/how-to-avoid-online-betting-scams/
Thu, 30 Jan 2025 04:45:20 +0000

Phil Muncaster, guest writer at ESET, emphasizes: don’t roll the dice on your online safety – watch out for bogus sports betting apps and other traps commonly set by scammers.

Online gambling is big business. Topping revenue of $84bn in 2023, the business of online casinos, virtual poker and sports betting is on the rise. It’s been helped in no small part by the Supreme Court, whose ruling several years ago effectively allowed US states to legalize sports betting. But as the industry grows and new users come online, scammers looking for quick wins are also targeting the online betting and gambling space in ever greater numbers.

From nefarious online casinos to malicious apps and phishing messages, the list of potential fraud channels continues to grow. If you’re fond of a flutter, take a look at the most common scams we’ve highlighted below, and arm yourself with the knowledge to stay safe.

Top 6 gambling and betting scams
Fraudsters will usually reach their victims via similar channels: that means email, messaging apps and social media, as well as malicious casino sites, gambling apps and potentially even betting forums. Here are some of the most common threats:

1. Phishing
A social engineering technique as old as the internet, it’s no surprise that gambling scammers are also using phishing to achieve their goals. The trick is to impersonate a legitimate online casino or betting company and persuade the victim into handing over their personal and/or financial details – or their account logins.

These messages – usually sent via email, but also by social media, messaging apps or text – may contain promises of special offers, designed to lure the victim. Or they could pretend there’s something wrong with their account that needs urgently addressing (usually by filling in login details). The scammer will aim to create a sense of urgency in order to rush the victim into acting without thinking things through properly first. Legitimate branding and spoofed sender domains/phone numbers add further legitimacy.

2. Task scams
The FTC recently warned of a growing threat from a specific type of online job scam in which victims are approached about work, usually via unsolicited messages on WhatsApp or similar. The scammers promise easy work on vaguely worded tasks such as “app optimization” or “product boosting” – in which victims are told they’ll receive money in return for liking or rating products via a specialized app. They may even receive a small sum as supposed evidence that the scheme is legitimate.

However, before long, the scammers ask their victims to put their own money into the scheme, in order for them to complete the next set of tasks. Once they do, the money will be lost forever. Losses reportedly hit $220m for the first six months of 2024 alone. Although not strictly speaking a betting scam, the gamification element has been described as “almost like gambling.”

3. Malicious casinos
Not all online casinos are created equal. In fact, some are merely a front for fraudulent activity. They might offer huge welcome bonuses, high returns and unlimited free spins in order to attract victims. These offers may be promoted by online ads or spam emails/texts/social messages. In reality, you’ll find that these too-good-to-be-true promises do not bear scrutiny. Often the small print will make it impossible for you to take advantage or collect any winnings without losing something yourself.

Nefarious casinos may also block withdrawals with technical excuses or excessively long account verification processes. They might even disappear altogether after stealing enough player deposits.

4. Fake apps
Fraudulent apps are also an increasingly common way to part gamblers with their money. Victims are attracted to them via flashy internet ads promising quick-and-easy wins. They may be backed by phishing/fake sites populated by fake reviews of the app – something easy to do now in various local languages with AI tools. In some cases, users may even initially be allowed to win small amounts, in order to build their confidence and encourage them to make bigger bets. When they do, any winnings will be locked and the scammers disappear.

One recent example of the threat was a campaign involving 500 deceptive ads and 1,377 malicious websites.

5. Scam tipsters
You should also beware of anyone claiming to offer insider tips online. Betting fraudsters may claim they have an unbeatable system. They may also say that they’ve been banned by digital gambling sites because they keep on winning, forcing them to pass on their tips to betters like you in return for payment.

But, of course, it’s all a lie. Sometimes, such scams can come from unusual sources – such as a world-class poker player who is now facing jail time after fraudulently promising access to “insider information” to give players a winning edge.

6. Fixed-match scam
This is similar to the above example, except the scammer will begin by finding a group of people interested in fixed matches: say 30 individuals. The tipster will request payment from each up front and tell 10 to bet on one outcome, 10 to bet on another and 10 to bet on a third. (In most sports matches, there are only three possible outcomes.)

The 10 individuals for whom the tipster predicted the correct result now think they have just bet on a genuine fixed match, and will be incentivized to put more money on the next match. Those who didn’t win will be blocked by the scammer.

Top tactics for ensuring a safer betting experience

To keep the scammers at arm’s length, be sure to:

  • Stick to verified and licensed gambling platforms, with regulatory approval.
  • Be skeptical of any platform offering big bonuses and unlimited free spins, and always read the small print – such offers often come with hidden catches.
  • Switch on multi-factor authentication (MFA) on any account to add an extra layer of security and protect your logins from unauthorized access.
  • Never share personal or financial information, including logins, via unsolicited messages or questionable sites.
  • Check your bank and betting accounts regularly to spot any unusual activity.
  • Steer clear of tipsters who approach you online, especially those claiming insider knowledge or access to fixed matches.
  • Ignore ads and individuals tied to new social media accounts; instead, stick to platforms and individuals with a credible history.
  • Only download apps from legitimate stores (i.e., Apple App Store and Google Play) and check ratings/developer reviews before doing so.

Like any online activity, gambling comes with its own set of risks. Bet responsibly, and stay safe out there.

The post How to avoid online betting scams appeared first on My Startup World - Everything About the World of Startups!.

ESET Discovers New China-aligned APT Group PlushDaemon
https://mystartupworld.com/eset-discovers-new-china-aligned-apt-group-plushdaemon/
Fri, 24 Jan 2025 04:34:31 +0000

ESET researchers have discovered a supply-chain attack against a VPN provider in South Korea by a newly discovered and previously undetected China-aligned APT group that ESET has named PlushDaemon.

In this cyberespionage operation, the attackers replaced the legitimate installer with one that also deployed the group’s signature implant, which ESET has named SlowStepper — a feature-rich backdoor with a toolkit of more than 30 components. The China-aligned threat actor has been active since at least 2019, engaging in espionage operations against individuals and entities in mainland China, Taiwan, Hong Kong, South Korea, the United States, and New Zealand.

“In May 2024, we noticed detections of malicious code in an NSIS installer for Windows that users from South Korea had downloaded from the website of the legitimate VPN software IPany. In further analysis, we discovered that the installer was deploying both the legitimate software and the backdoor. We contacted the VPN software developer to inform them of the compromise, and the malicious installer was removed from their website,” says ESET researcher Facundo Muñoz, who made the discovery.

Additionally, PlushDaemon gains initial access via the technique of hijacking legitimate updates of Chinese applications by redirecting traffic to attacker-controlled servers. ESET has also observed the group gaining access via vulnerabilities in legitimate web servers.

The SlowStepper backdoor is used exclusively by PlushDaemon. This backdoor is notable for its multistage C&C protocol using DNS, as well as its ability to download and execute dozens of additional Python modules with espionage capabilities.

The malware collects a wide range of data from web browsers; is capable of taking photos; scans for documents; collects information from various applications, including messaging applications (e.g., WeChat, Telegram); can spy via audio and video; and steals password credentials.

“The numerous components in the PlushDaemon toolset, and its rich version history, show that, while previously unknown, this China-aligned APT group has been operating diligently to develop a wide array of tools, making it a significant threat to watch out for,” concludes Muñoz.

The post ESET Discovers New China-aligned APT Group PlushDaemon appeared first on My Startup World - Everything About the World of Startups!.

State-aligned APT Groups increasingly deploying ransomware
https://mystartupworld.com/state-aligned-apt-groups-increasingly-deploying-ransomware/
Wed, 08 Jan 2025 09:33:56 +0000

Phil Muncaster, guest writer at ESET explains that the blurring of lines between cybercrime and state-sponsored attacks underscores the increasingly fluid and multifaceted nature of today’s cyberthreats.

There was a time when the boundary between cybercrime and state-aligned threat activity was rather easy to discern. Cybercriminals were fuelled solely by the profit motive. And their counterparts in the government carried out mainly cyberespionage campaigns, plus the occasional destructive attack, to further their employers’ geopolitical goals. However, in recent months, this line has begun to dissolve, including when it comes to ransomware, a trend also noted by ESET’s latest Threat Report.

This has potentially major implications for IT and security leaders – not only increasing the risk of attack, but also changing the calculus around how to mitigate that risk.

Blurred lines in cyberspace
One could argue that ransomware attacks launched by state-sponsored hackers are, in fact, nothing new. In 2017, North Korea-affiliated operatives are thought to have launched WannaCry (aka WannaCryptor), the first ever global ransomworm. It was only halted after a security researcher stumbled upon and activated a “kill switch” hidden in the malicious code. In the same year, state-sponsored hackers launched the NotPetya campaign against Ukrainian targets, although in this case it was actually destructive malware disguised as ransomware in order to throw investigators off the scent. In 2022, ESET observed the Russian Sandworm group using ransomware in a similar way: as a data wiper.

The line between state-backed operations and financially motivated crime has been blurring ever since. As we also noted a while back, many dark web vendors sell exploits and malware to state actors, while some governments hire freelance hackers to help with certain operations.

What’s happening today?
However, these trends appear to be accelerating. Specifically, in the recent past, ESET and others have observed several apparent motives:

Ransomware to fill state coffers
Government hackers are deliberately using ransomware as a money-making tool for the state. This is most obvious in North Korea, where threat groups also target cryptocurrency firms and banks with sophisticated mega-heists. In fact, it’s believed they made about $3bn in illicit profits from this activity between 2017 and 2023.

In May 2024, Microsoft observed Pyongyang-aligned Moonstone Sleet deploying custom ransomware dubbed “FakePenny” on the networks of several aerospace and defense organizations, after first stealing sensitive information. “This behavior suggests the actor had objectives for both intelligence gathering and monetization of its access,” it said.

North Korean group Andariel is also suspected to have provided initial access and/or affiliate services to the ransomware group known as Play. That’s because Play ransomware was spotted in a network previously compromised by Andariel.

Making money on the side
Another motive for state involvement in ransomware attacks is to let government hackers earn some money from moonlighting. One example is Iranian group Pioneer Kitten (aka Fox Kitten, UNC757 and Parisite) which has been spotted by the FBI “collaborating directly with ransomware affiliates to enable encryption operations in exchange for a percentage of the ransom payments.”

It worked closely with NoEscape, Ransomhouse, and ALPHV (aka BlackCat) – not only providing initial access, but also helping to lock down victim networks and collaborate on ways to extort victims.

Throwing investigators off the scent
State-linked APT groups are also using ransomware to cover up the true intent of attacks. This is what the China-aligned ChamelGang (aka CamoFei) is believed to have done in multiple campaigns targeting critical infrastructure organizations in East Asia and India, as well as the US, Russia, Taiwan and Japan. Using the CatB ransomware in this way not only provides cover for these cyber-espionage operations, but also enables operatives to destroy evidence of their data theft.

Does attribution matter?
It’s obvious why government-backed groups are using ransomware. At the very least, it provides them with a useful cover of plausible deniability which can confuse investigators. And in many cases, it does so while increasing state revenue and helping to motivate government-employed hackers who are often little more than poorly paid civil servants. The big question is whether it really matters who is doing the attacking. After all, Microsoft has even uncovered evidence of government agencies outsourcing work wholesale – although in the case of Storm-2049 (UAC-0184 and Aqua Blizzard), no ransomware was involved.

There are two schools of thought here. On the one hand, best practice security advice should still ring true – and be an effective way to build resilience and accelerate incident response – whoever is doing the attacking. In fact, if state-aligned APT groups end up using cybercrime tactics, techniques and procedures (TTPs), this may even benefit network defenders, as these are likely to be easier to detect and defend against than sophisticated custom tools.

However, there’s also an argument for saying that understanding one’s adversary is the essential first step to managing the threat they pose. This is explained in the 2023 research report, Cyber Attacker Profiling for Risk Analysis Based on Machine Learning: “One of the essential components of cyber security risk analysis is an attacker model definition. The specified attacker model, or attacker profile, affects the results of risk analysis, and further the selection of the security measures for the information system.”

Fighting back
That said, if you don’t know the identity of your adversary, there are still ways to mitigate the impact of their ransomware attacks. Here are 10 best practice steps:

  • Tackle social engineering with updated security training and awareness programs
  • Ensure accounts are protected with long, strong and unique passwords and multifactor authentication (MFA)
  • Segment networks to reduce the “blast area” of attacks and limit lateral movement
  • Deploy continuous monitoring (endpoint detection and response or managed detection and response) to identify suspicious behavior early on
  • Regularly test the effectiveness of security controls, policies and processes to drive continuous improvement
  • Deploy advanced vulnerability and patch management tools
  • Ensure all sensitive assets are protected by multi-layered security software from a reputable supplier, including for desktops, servers and laptops/mobile devices
  • Invest in threat intelligence from a trusted partner
  • Perform regular backups in line with best practice
  • Devise an effective incident response strategy and practice periodically

According to one estimate, organized crime accounted for 60% of data breaches last year, versus just 5% attributed to nation states. But the latter share is growing, and the breaches themselves could have an outsized impact on your organization. Continued awareness and proactive risk management are essential.

 

ESET reports deepfakes are flooding social media and Formbook is now No.1 infostealer https://mystartupworld.com/eset-reports-deepfakes-are-flooding-social-media-and-formbook-is-now-no-1-infostealer/ Tue, 31 Dec 2024 11:10:06 +0000 https://securitymea.com/?p=59362

ESET has released its latest Threat Report, which summarizes threat landscape trends seen in ESET telemetry and from the perspective of both ESET threat detection and research experts, from June through November 2024. Infostealers are one of the threat categories to experience a reshuffle, with the long-dominant Agent Tesla malware dethroned by Formbook – a well-established threat designed to steal a wide variety of sensitive data. Lumma Stealer too is becoming increasingly sought after by cybercriminals, appearing in several notable malicious campaigns in H2 2024. Its detections shot up by 369% in ESET telemetry.

Social media saw a flood of new scams cropping up, using deepfake videos and company-branded posts to lure victims into fraudulent investment schemes. These scams, tracked by ESET as HTML/Nomani, saw a 335% increase in detections between reporting periods. Countries with the most detections were Japan, Slovakia, Canada, Spain, and Czechia.

“The second half of 2024 seems to have kept cybercriminals busy finding security loopholes and innovative ways to expand their victim pool, in the usual cat-and-mouse game with defenders. As a result, we’ve seen new attack vectors and social engineering methods, new threats skyrocketing in our telemetry, and takedown operations leading to shake-ups of previously established ranks,” says ESET Director of Threat Detection Jiří Kropáč.

Among infostealers, notorious “infostealer-as-a-service” Redline Stealer was taken down by international authorities in October 2024. But it is expected that Redline Stealer’s demise will lead to the expansion of other similar threats. The ransomware landscape was reshaped by the takedown of former leader LockBit, creating a vacuum to be filled by other actors. RansomHub, a ransomware-as-a-service, stacked up hundreds of victims by the end of H2 2024, establishing itself as the new dominant player. China-aligned, North Korea-aligned, and Iran-aligned APT groups have been getting more involved in ransomware attacks.

With cryptocurrencies reaching record values in H2 2024, cryptocurrency wallet data was one of the prime targets of malicious actors. In our telemetry, this was reflected in a rise in cryptostealer detections across multiple platforms. The increase was the most dramatic on macOS, where so-called Password-Stealing Ware – heavily targeting cryptocurrency wallet credentials – more than doubled compared to H1. AMOS (also known as Atomic Stealer), malware designed to collect and exfiltrate sensitive data from Mac devices, was a significant contributor to this increase. Android financial threats, targeting banking apps as well as cryptocurrency wallets, grew by 20%.

How to secure your pre-owned phone https://mystartupworld.com/how-to-secure-your-pre-owned-phone/ Tue, 24 Dec 2024 04:41:56 +0000 https://mystartupworld.com/?p=40763

Phil Muncaster, guest writer at ESET, explains that buying a pre-owned phone doesn’t have to mean compromising your security – take these steps to enjoy the benefits of cutting-edge technology at a fraction of the cost.

The modern smartphone has become an indispensable piece of technology. These powerful, pocket-sized computers enable us to do everything from hailing cabs to consulting with our local doctor. But costs can be prohibitive. Unsurprisingly, second-hand and refurbished devices have become an increasingly popular option, providing access to premium technology at a fraction of the price and appealing to budget-conscious consumers or those seeking sustainability.

Smartphones are also often among the most desired gifts during the holiday season. The latest models may be out of reach for many due to their high price, so second-hand phones present a more affordable option for gift-givers.

Also, many people upgrade their smartphones during the holiday season, either as gifts to themselves or because they’ve received a new phone as a present. This creates a secondary market for pre-owned devices as they sell or trade in their old models.

The key problem is not knowing what condition these devices will arrive in. To avoid unwittingly exposing yourself to cyber-risk, take time out to consider the following tips.

What are the risks of pre-owned phones?
Thanks to persistently high interest rates and inflation across much of the Western world, second-hand phones are increasingly commonplace. In fact, sales generated over $13bn globally in the first quarter of 2023 alone, up 14% annually, according to one estimate. In a mature market like the UK, a quarter of all phones sold in 2023 were reportedly second-hand or refurbished.

Yet this comes with certain cybersecurity risks. These include:

Outdated software
Some devices may no longer be supported by the manufacturer, meaning the underlying operating system doesn’t receive software updates. That’s bad news from a security perspective, as it means that when vulnerabilities are found by researchers or threat actors, your device won’t get a security patch to fix them. It will effectively be exposed to attackers. One 2020 study in the UK found that nearly a third of models being resold were no longer supported with security updates.

Malware
In some cases, a previous owner may even have (unwittingly or not) installed malicious software on the phone. This may be designed to do a variety of things, from stealing your personal information and passwords to snooping on your calls and messages. It may even flood the device with unwanted ads or subscribe you to premium-rate services. The end goal is usually to make money off you in some way, by stealing personal and financial information for use in either fraud or digital extortion.

No refurbishment checks
Some pre-owned phones may not have undergone the kind of checks that reputable second-hand sellers perform to ensure they are operational and running on a supported OS. This may expose you to some of the risks outlined above.

How to avoid cyber risks on second-hand devices
Mitigating these risks takes a multi-pronged approach, starting with due diligence during the buying process. That effectively means doing your research. Second-hand devices are available from a wide variety of sources, from manufacturers themselves to high-street retailers, telcos, and private sellers. Put the time in to make sure the seller has good reviews and their offer is legitimate. A warranty of at least a year should be a baseline requirement to ensure quality.

It’s also best to avoid jailbroken or rooted devices, as these may have had security features disabled which make them more exposed to threats.

Also, only choose devices that are still supported by the manufacturer; usually, phone-makers will support a handset for at least 2-3 years after it is released.

To further mitigate security risks, consider the following after purchase:

  • do a full factory reset, wiping any data that may have been left on the device by the previous owner, including contacts, photos, messages, browsing history, passwords and apps,
  • update all the software on the device after purchasing to the latest, most secure version, and switch on automatic updates,
  • keep an eye out for tell-tale signs that it might be compromised with malware, such as unwanted pop-ups or ads, apps appearing that you didn’t download, or sluggish performance and unusually high battery usage,
  • install security software from a reputable provider and have it scan the device for threats.

Once your device is up and running, consider the following best practices to mitigate ongoing security risks:

  • set up a screen lock and PIN, password, or biometric authentication (face recognition/fingerprint scan) for secure access
  • back up your data and set up automatic backups to the cloud in case the device is lost or stolen
  • delete any unused apps to minimize your attack surface
  • switch on device encryption for an extra layer of security
  • always use multi-factor authentication to access your device and any software/accounts on it
  • turn Bluetooth, tethering or Wi-Fi off when not in use, to avoid eavesdroppers snooping around
  • check your app permissions – if some apps are requesting access to more than is necessary, that should be a red flag
  • only download apps from official app stores and from reputable developers
  • be on the lookout for phishing messages and emails. If in doubt, never click on links or open attachments contained in these messages. Always contact the supposed sender separately first, or open the message on a more secure machine
  • avoid using public Wi-Fi without a VPN.

If you’re still concerned about your pre-owned phone exposing you to security risks, don’t access any sensitive information or accounts when using it – such as mobile banking or syncing with your corporate accounts. In fact, if your employer allows BYOD handsets in the workplace, there may be an additional set of rules and policies you need to follow to ensure that your second-hand device can be used. The risks outlined above could be amplified if threat actors manage to use your handset as a stepping stone to reach corporate data and systems.

That said, there’s no reason why a pre-owned phone should cause undue stress and security risk, as long as you follow these best practices. And if you decide to hand it on to someone else, remember to perform a full backup, data erasure and factory reset.

 

ESET recognized by KuppingerCole as a Market and Product Leader https://mystartupworld.com/eset-recognized-by-kuppingercole-as-a-market-and-product-leader/ Wed, 18 Dec 2024 06:45:17 +0000 https://securitymea.com/?p=59173

ESET announced its recognition as a Product and Market Leader in KuppingerCole’s Leadership Compass for Managed Detection & Response (MDR). This report prepared by KuppingerCole Analysts AG evaluates the most influential players in the MDR space and once again acknowledges ESET’s commitment to delivering leading cybersecurity solutions tailored to the needs of organizations across industries.

KuppingerCole’s Leadership Compass recognizes ESET both as a Product and Market Leader for its ESET PROTECT MDR solution, emphasizing the benefits of its fully integrated, cloud-native platform with flexible and rapid deployment capabilities. The report highlights the service’s simple pricing model as well as the new standard tier tailored to the needs of small and medium enterprises (SMEs). ESET PROTECT MDR provides cross-industry, multi-regional insights, strong ransomware/extortion detection, and excellent blocking capabilities.

“ESET PROTECT MDR caters to organizations across the spectrum, from nimble startups to large enterprises,” said Warwick Ashford, Senior Analyst at KuppingerCole, and author of the report. “What sets this solution apart is its ability to deliver rapid response times, robust threat intelligence, and strong ransomware protection, all while offering strong compliance and localization support.”

Delivered via the ESET PROTECT Platform, it also stands out for additional advantages such as a 20-minute Mean Time to Respond (MTTR) and a generative AI assistant in the form of the ESET AI Advisor, for proactive security insight. These features make ESET a versatile and reliable solution for organizations of all sizes and maturity levels.

“Being named a Product and Market Leader in KuppingerCole’s Leadership Compass for MDR reflects our dedication to innovation and excellence in cybersecurity,” said Michal Jankech, Vice President, Enterprise & SMB/MSP at ESET. “Organizations are seeking solutions that provide both proactive detection and rapid response. ESET PROTECT MDR is designed to meet these demands, ensuring businesses stay resilient and protected,” he added.

The recognition comes at a time when MDR solutions are more critical than ever. As cyber threats grow in complexity and frequency, organizations face great challenges, including endpoint vulnerabilities, phishing attacks, and ransomware campaigns. Compounding these issues is a widespread cybersecurity skills shortage, which makes it increasingly difficult for businesses to manage threats internally. MDR solutions, particularly those leveraging advanced AI and machine learning technologies, are essential tools for combating these challenges. They provide critical support for organizations lacking in-house security capabilities, and offer advanced threat detection, rapid response, and proactive risk mitigation strategies to address evolving cyber risks.

ESET has also been named a Product and Innovation Leader in KuppingerCole’s recent Leadership Compass report on Endpoint Protection Detection and Response (EPDR). The authoritative guide to the EPDR market segment acknowledged ESET for its robust and innovative ESET PROTECT Platform, which integrates the Extended Detection and Response (XDR)-enabling ESET Inspect and ESET Threat Intelligence, among many other modules.

New security integrations enhances ESET PROTECT Platform https://mystartupworld.com/new-security-integrations-enhances-eset-protect-platform/ Fri, 06 Dec 2024 05:25:13 +0000 https://mystartupworld.com/?p=40452

ESET announced the integration of its ESET PROTECT Platform with major vendors, IBM QRadar SIEM and Microsoft Sentinel. This will provide ESET customers with enhanced capabilities and advanced threat response management.

As nuanced as cybersecurity is, it is a necessity that requires organizations to cover their unique needs comprehensively, often beyond the capabilities of a single security vendor. Developing security maturity by employing multiple solutions, aggregating, and correlating vast amounts of data across several vendors, can be a daunting task. As such, there is a demand for seamless integration among solutions to simplify workflows, reduce manual effort, and enhance efficiency, all while fulfilling numerous compliance requirements.

To this end, ESET is continuing its integrations journey with IBM QRadar SIEM. The integration between the ESET PROTECT Platform and IBM QRadar SIEM leverages ESET’s AI-native cybersecurity platform with QRadar’s security information and event management (SIEM) capabilities. This enables threat data from ESET to be ingested by QRadar SIEM, providing visibility, and actionable insights to enhance enterprise security. In one stroke, this addresses challenges in monitoring endpoint activities and identifying threats across multiple perimeters in an organization.

ESET understands that such integrations can reduce complexity, while promoting better cyber hygiene, thus, significantly increasing the level of an organization’s security, and upgrading its threat hunting and incident response capabilities. This should help security analysts make fast, but satisfactory, security decisions, raising the quality and efficiency of their processes.

To that end, ESET is also integrating with Microsoft Sentinel, enabling organizations to ingest ESET threat detection data into MS Sentinel for advanced monitoring, analytics, and incident response. The data connector, developed by ESET, uses a REST API to automate the retrieval of detection logs, providing continuous security insights in a centralized platform. This integration reduces manual intervention by automating data transfer, correlating endpoint data with cloud security, and streamlining incident management, which can often be quite complicated.

“As customers consolidate their cybersecurity stacks, and demand seamless integrations, ESET delivers exactly what they need. Our AI-native ESET PROTECT Platform, with its powerful detection engine, seamlessly integrates with major SIEM players, Microsoft Sentinel, and IBM QRadar SIEM, to provide extensive visibility into their environments. These integrations offer actionable rapid detection, shifting the focus from slow remediation and complexity to early prevention and enhanced security efficiency. Ultimately, this ensures our customers achieve a more streamlined, effective, and proactive cybersecurity posture,” said Pavol Balaj, Chief Business Officer at ESET.

 
