DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Elektrobit and Argus Cyber Security announce industry-first automotive switch firmware pre-integrated with cyber security functionality

Elektrobit | September 15, 2022 | Read time : 02:50 min

Elektrobit
Elektrobit, a visionary global vendor of software products for the automotive industry, and Argus Cyber Security, a world leader in cyber security products and services for mobility platforms, today announced the launch of EB zoneo SwitchCore Shield, an industry-first pre-integrated solution of embedded intrusion detection and prevention (IDPS) functionality within advanced network management systems for next-generation vehicles.

The joint solution is an automotive-grade switch firmware for E/E architectures that pre-integrates Argus Ethernet IDPS, a cyber security protection layer for automotive Ethernet networks, as an embedded module. This production-ready solution reduces carmakers' integration costs and risks while accelerating new vehicles' time to market. Building upon decades of automotive expertise from Elektrobit and Argus, this breakthrough solution allows carmakers to evaluate data detected and quickly determine actions required to confront an attempted cyber-attack.

Adding a layer of intelligence and cyber protection to automotive Ethernet switches, facilitates the management of the growing number of network functions required to enhance the scalability, safety, and security of vehicles. By offloading network and cyber-related tasks to the switch firmware, it optimizes the microcontroller unit's computational resource consumption.

EB zoneo SwitchCore Shield also enables carmakers to comply with emerging cyber security regulations, such as UN R155 and Chinese GB/T, and also takes security a step further, providing an additional layer of threat prevention via Argus Ethernet IDPS for increased interoperability with Classic AUTOSAR systems.

"We developed EB zoneo SwitchCore Shield to fill the gap between the cyber security domain and the advanced networking needed for next-gen, software-defined vehicles. "We're helping carmakers to save time and money by providing a pre-integrated solution built to meet the highest levels of safety and security regulations."

Mike Robertson, head of product and strategy management, Elektrobit

About Elektrobit
Elektrobit is an award-winning and visionary global vendor of software products and services for the automotive industry. A leader in automotive software with over 35 years serving the industry, Elektrobit's software powers over five billion devices in more than 600 million vehicles and offers flexible, innovative solutions for car infrastructure software, connectivity & security, automated driving and related tools, and user experience. Elektrobit is a wholly-owned, independently-operated subsidiary of Continental.

About Argus Cyber Security
Argus is a global leader in cyber security for connected mobility, providing products and services for embedded automotive systems and backend, fleet-level security functions. Founded in 2014, Argus is headquartered in Tel Aviv, Israel, with offices in Michigan, Stuttgart, Paris, Tokyo, and Seoul. Argus is an independent subsidiary of Elektrobit, a leading provider of automotive software products and services.

Spotlight

Attackers continue to optimize and refine target selection by finding central strategic targets More than half a billion records of personally identifiable information (PII) such as names, emails, credit card numbers and passwords were leaked in 2013—and these security incidents show no signs of stopping. HALF A BILLION REASONS Why data security still faces major challenges Attackers continue to successfully use operational sophistication as demonstrated by: A single payment processor breach resulting in coordinated ATM heists in more than 24 countries for a ten-hour spree netting $45 million.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Absolute Software Unveils New Product Innovations for Resilient Zero Trust

Absolute | December 01, 2022

Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced new product innovations, empowering customers with deeper visibility and intelligence, expanded software integrations, and a refreshed user experience through its latest updates to Absolute Secure Endpoint and Absolute Secure Access. These product releases continue the company’s investment in bringing together the combined power of Absolute Secure Endpoint and Absolute Secure Access with our unique, firmware-embedded self-healing capability, enabling customers to achieve truly resilient Zero Trust environments and deliver an optimal user experience. This announcement builds on the launch of Absolute ZTNA – the industry’s first self-healing Zero Trust Network Access (ZTNA) solution – and Absolute Insights™ for Endpoints and Network, providing unparalleled intelligence into device, application, and network performance. Embedded in more than 600 million devices, Absolute is the only intelligent security solutions provider capable of delivering visibility, control, and resiliency across endpoints, applications, and network connections. The Absolute Platform enables IT and security teams to ensure their endpoints remain compliant and mission-critical applications remain operational, and empowers them to transition from traditional VPNs to a resilient Zero Trust approach without hindering security or user productivity. A recent 451 Research report validates Absolute’s differentiated platform approach and capabilities, saying: Too often, organizations don’t fully consider the resilience of the deployed zero-trust environment, and network access and device security are handled independently. It’s a situation that complicates security operations and one that can impact employee productivity. “Our common platform addresses a wide range of market needs, as we have the unique ability to apply self-healing capabilities to devices, applications, and network access. “Organizations are acknowledging that they need resilience-focused Zero Trust approaches, capable of integrating endpoint and access assessments at every step. By providing the critical components needed to achieve that resiliency - deep visibility, intelligence, and firmware-embedded Persistence - we are enabling them to not only protect devices, data, and users but also ensure critical controls are operating at maximum efficacy.” John Herrema, EVP of Products and Strategy at Absolute New capabilities available to Absolute Secure Endpoint customers in the latest product release include: Public API Expansion: The latest Absolute Secure Endpoint release adds new Public APIs to our existing library, allowing customers and partners to integrate our device actions into their existing workflows - significantly improving the efficiency of their existing workflows and enhancing automation capabilities. Absolute Connector for ServiceNow™: The Absolute Connector for ServiceNow enables joint customers to access Absolute’s comprehensive asset intelligence and single source of truth within their ServiceNow platform environment – enabling them to efficiently respond to service requests, supplement their ServiceNow workflows, and rapidly demonstrate compliance. Expanded Application Resilience™ Catalog: The Absolute Application Resilience catalog now includes support for more than 60 critical security applications that IT and security administrators can self-heal across their endpoints. Recent additions include WinMagic® MagicEndpoint™, Dell™ Trusted Device, Deep Instinct™, Norton 360™, OPSWAT™, UNOWHY™, Aranda Software™, and Pixart® MDM. The company also announced upcoming server and client enhancements to Absolute Secure Access, including: New Look and Feel: The names, status icons, fonts, and colors have been updated to reflect new product names and refreshed corporate brand; the core functionality and upgrade experience remain smooth and easy. SaaS Enhancements: The SaaS offering adds native NAT capabilities and enhanced alerting. Enhanced 5G Telemetry and Detection: Insights for Network dashboards that display cellular coverage, signal quality, and usage now include the 5G mid-band spectrum, and reflect improved 5G sensitivity. Deeper Visibility: The Secure Access/webService API has been enhanced, offering programmatic access to key pool performance metrics, including status information for our Active/Active server infrastructure. Faster NAC Checks: NAC capabilities are optimized, significantly reducing the time it takes for the VPN to connect and begin tunneling traffic. Android Client Enhancements: Collecting network telemetry on Android devices can now be done with the screen off to improve battery life, ensuring that administrators have actionable device and network information even if a device is in sleep mode. The Android cryptographic libraries providing FIPS 140-2 cryptography are also updated. The features included in the latest Absolute Secure Endpoint release are available now. For additional details, including which are available to Control, Visibility, or Resilience tier customers, visit here. The company expects to make Absolute Secure Access updates available to customers in January 2023. About Absolute Software Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by 18,000 customers, G2 recognized Absolute as a leader for the eleventh consecutive quarter in the Fall 2022 Grid® Report for Endpoint Management and as a high performer in the Grid Report for Zero Trust Networking.

Read More

DATA SECURITY, SOFTWARE SECURITY

Accenture Named a Leader in European Managed Security Service Providers by Independent Analyst Firm

Accenture | September 13, 2022

Accenture has been named a Leader in the latest Forrester Research report on European managed security service (MSS) providers, which notes that Accenture sets itself apart from the rest of the market by the way in which it develops assets that are embedded in its services for the benefit of clients. The report — "The Forrester Wave™: European Managed Security Service Providers, Q3 2022" — includes a comprehensive 39-criteria assessment of the top 10 cybersecurity consulting providers across three high-level categories: “Current Offering”; “Strategy”; and “Market Presence.” Client references and buyer feedback were also factored into each criterion evaluated in the report. Accenture received the highest score in the Current Offering category among competitors evaluated, with the highest possible score in twelve criteria, including: data sovereignty and European service delivery; managed application security; business and technical value; product vision; execution roadmap; innovation roadmap; and partner ecosystem. The report says that: Accenture stands out for its vision roadmap, with several planned items focusing on emerging CISO [chief information service officer] needs for managed services providers. Accenture also continues to set the standard for strong partnerships to drive unique technology and services IP. When noting how Accenture sets itself apart by developing assets that are embedded in services for clients, the report said that one particularly strong example of this was its Intelligent Application Security Platform (IASP), which delivers significant value for developers within its application security services. Reference customers praise the flexible personnel, highly competent technical staff, and strong partnership approach. Accenture is a good match for customers who want end-to-end security capabilities that deliver a wide array of managed services. “We’re on a mission to make cybersecurity a priority for business leaders in Europe, and our managed security services team can help clients navigate the challenges. “It’s an honor to be recognized for our work helping clients build better defenses and strengthen their cybersecurity capabilities. Because cyber risk is a constantly moving target, we help our clients identify not only existing threats but also emerging threats to their enterprises.” Jacky Fox, who leads Accenture Security in Europe In addition to being named a Leader among European MSS providers by Forrester, Accenture was recently named the No. 1 cybersecurity service provider by HFS Research and positioned as a Leader in the latest IDC MarketScape analysis of managed security services (MSS) providers in Europe. In 2021, Accenture was positioned as a Leader in two Forrester reports on cybersecurity: The Forrester Wave™: Global Cybersecurity Consulting Providers, Q4 2021 and The Forrester Wave™: European Cybersecurity Consulting Providers, Q3 2021. More information on Accenture in “The Forrester Wave™: European Managed Security Service Providers, Q3 2022” report can be found here. About Accenture Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services and Accenture Song — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 710,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities.

Read More

DATA SECURITY, SOFTWARE SECURITY

Quad9 Joins the Cyber Threat Alliance as Leading DNS Service to Improve the Cybersecurity of Our Global Digital Ecosystem

Quad9 | September 22, 2022

Today, Quad9, the leading free recursive DNS service, has joined the Cyber Threat Alliance (CTA) [cyberthreatalliance.org], a global non-profit working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing among organizations. Quad9 is part of the Contributing Allies program, which involves collaboration on cyber incidents and key cybersecurity topics. Exchange of expertise and threat intelligence with partners within the Cyber Threat Alliance is indispensable to counter online threats like malware, phishing, identity theft and ransomware. "As we expand our global reach, Quad9 is committed to working together with other cybersecurity providers through strategic partnerships and alliances. "Joining CTA's Contributing Allies program certainly fits that goal and enables us to engage more frequently with other like-minded organizations as we work together to improve security and privacy for all." John Todd, General Manager for Quad9 The Domain Name System (DNS) is where malicious domain names can be blocked most effectively preventing users from getting robbed of their money, identity or data. Over the past six years, Quad9 has built its strength developing the best-in-class maximum security and 100% privacy-assured DNS service. In so doing Quad9 has secured its place as one of the most important free cybersecurity providers in the world; protecting many tens of millions of users with servers in almost 100 countries. "We're excited to have Quad9 as a Contributing Ally," said Michael Daniel, President and CEO of the Cyber Threat Alliance. "They provide great security services and have some unique insights into the flow of data across the Internet. We look forward to working with them to continue improving the security of our digital ecosystem." Anyone who wants to boost their privacy and security can configure their device to use Quad9's DNS service, which blocks more than 150 million malicious events each day. Quad9's services are available to both individuals and organizations. About Quad9 Quad9 is a recursive DNS service providing cybersecurity protection against malware and phishing. Quad9 is a Swiss public-benefit foundation which exists for the purpose of improving privacy and security, Quad9 does not collect or resell personal data. Its service is provided to individuals and organizations at no cost and requires no contract. The organization was launched in 2017 and now operates from nearly two hundred locations in ninety countries. Quad9 exists to improve end user protection and privacy worldwide in addition to promoting the stability and security of the Internet.

Read More

DATA SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Legit Security Discovers and Helps Remediate Software Supply Chain Vulnerabilities in Google Firebase & Apache Open-Source Projects

Legit Security | September 16, 2022

Legit Security, a cyber security company with an enterprise platform to secure an organization’s software supply chain, today announced that it discovered software supply chain attack vulnerabilities in popular open-source projects from Google and Apache. The discovered vulnerability affects GitHub, an extremely popular Source Code Management (SCM) system at the heart of many organization’s software supply chains and used by software developers globally. The Legit Security research team found a new type of CI/CD vulnerability called “GitHub Environment Injection” that allows attackers to take control of the vulnerable project's GitHub Actions CI/CD pipeline. Any GitHub user could exploit this vulnerability to modify the project’s source code, steal secrets, move laterally and attack inside the organization, and ultimately initiate a SolarWinds-like supply chain attack. The vulnerability was found in the Google Firebase project and in a very popular integration framework project from Apache. Both Google and Apache acknowledged and fixed the vulnerabilities after an initial disclosure by Legit Security. Legit Security has published a technical disclosure blog on their website including guidance for organizations to remediate this vulnerability. Legit Security’s Research Team discovered that a specially crafted payload written to a GitHub environment variable called “GITHUB_ENV” could allow an attacker to execute code on the target pipeline and thereby modify the source code or compromise the repository itself. This attack can be initiated by any GitHub user and is very easy to implement just by creating a “pull request” or a proposed change to the source code. The mere act of submitting the pull request will trigger the vulnerable build action and carry out a successful compromise and the attacker does not need to be subjected a code review approval from the source code maintainer for it to take effect. The Legit Security team disclosed these issues to Google and Apache project maintainers, along with remediation guidelines, and verified that these vulnerabilities weren’t exploited by a malicious actor. Both projects have been fixed and are now safe. However, these are not the only projects susceptible to this kind of attack. Since using the GITHUB_ENV file is currently considered the “safe” way to change environment variables in GitHub Actions, many repositories are using workflows that write untrusted data into this file, leaving them exposed to supply chain attacks. “This type of vulnerability joins many other software supply chain vulnerabilities and attacks targeting popular open-source projects, including GitHub, which is the largest and the de facto host of most open-source projects. “We, as a security community, must build the tools and processes to address these threats and allow organizations to trust software and use it safely. Here at Legit Security our mission is to secure every organization’s software supply chain and we are active conducting security research and collaborating on initiatives to achieve this goal." Liav Caspi, CTO and co-founder of Legit Security According to Gartner®, nearly half of organizations worldwide will experience an attack on their software supply chains by 2025, a three-fold increase from 2021. There has been a huge rise in attempts to compromise open-source projects and CI/CD build services, including GitHub Actions, to enable wide ranging attacks through software supply chains. For in-depth analysis of the GitHub Environment Injection vulnerability, along with broader information and guidance on how to protect your organization from software supply chain attacks, please visit the Legit Security website and blog. About Legit Security Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast. Legit provides an easy to implement SaaS platform that supports both cloud and on-premises resources and combines automated discovery and analysis capabilities with hundreds of security policies developed by industry experts with real-world SDLC security experience. This integrated platform keeps your software factory secure and provides continuous assurance that your applications are released without vulnerabilities.

Read More

Spotlight

Attackers continue to optimize and refine target selection by finding central strategic targets More than half a billion records of personally identifiable information (PII) such as names, emails, credit card numbers and passwords were leaked in 2013—and these security incidents show no signs of stopping. HALF A BILLION REASONS Why data security still faces major challenges Attackers continue to successfully use operational sophistication as demonstrated by: A single payment processor breach resulting in coordinated ATM heists in more than 24 countries for a ten-hour spree netting $45 million.

Resources