Traduttore automatico - Read this site in another language

martedì 12 marzo 2019

La NSA presenta Ghidra, potente strumento per il reverse engineering



Se un giorno ci dovessimo trovare ad analizzare un manufatto tecnologico alieno, per comprenderne il principio di funzionamento, replicarne la tecnologia e acquisire quella nuova conoscenza, ci troveremo a dover compiere un processo di reverse engineering, ovvero partendo da un prodotto finito, “smontarlo” per capire che cosa è, cosa fa e come lo fa.
Durante la RSA Conference di San Francisco (tenuta il 5 Marzo 2019), convegno internazionale sulla sicurezza informatica, la National Security Agency, l’organismo governativo degli Stati Uniti preposto a difendere il paese da attacchi di qualunque tipo, ha presentato Ghidra, uno strumento open source per la sicurezza informatica sviluppato dall’Agenzia.
Lo strumento scritto in Java, non serve per violare ma bensì per i processi di reverse engineering In questo caso, permette di scomporre (decompilare) un programma per rivelarne i codici, permettendo di risalire o intuire ciò che veramente il software analizzato è in grado di fare.

Gli SRE (Software Reverse Engineering) svolgono un processo essenziale per gli analisti di malware poiché, grazie a essi si è in grado di “editare” le righe di codice dei programmi, ricavando così preziose e vitali informazioni, reali o potenziali funzioni, gli autori del codice e da dove potrebbe venire l’attacco. Questo permette di attuare le necessarie azioni (contromisure) atte a vanificarlo o a ridurne l'impatto.

Ghidra è uno dei tanti strumenti open source rilasciato dalla Nsa. Rob Joyce, capo delle operazioni Cyber della NSA ha sottolineato come l’Agenzia stia lavorando a Ghidra da diversi anni (a dirla tutta è in uso da circa una decina, come appare su WikiLeaks Vault7, CIA Hacking Tools) e come questo sia uno strumento molto potente e particolarmente versatile. Il programma dispone di una interfaccia grafica (GUI) interattiva ed è compatibile con Windows, Mac OS e Linux, dispone inoltre di un meccanismo di annullamento/ripristino che consentirà agli utenti di provare le teorie sul possibile funzionamento del codice analizzato.

Joyce, ha definito Ghidra come un “contributo alla comunità della sicurezza informatica della nazione” ma la natura open source del potente software dell’NSA lo rende, di fatto, un appetibile strumento anche per tutte le altre nazioni. Questa notizia ha avuto un grande impatto ed ha reso la community molto eccitata e preoccupata allo stesso tempo. Si è pensato alla presenza di una backdoor nel software stesso (e alcuni utenti dicono di averla trovata poche ore dopo il rilascio, sospetta apertura connessione sulla porta 18001 quando il software viene avviato in modalità debug) oppure, sono nati alcuni sospetti sulla possibilità che questo rilascio al mondo intero sia in realtà conseguenza di uno spostamento, da parte dell’Agenzia, verso una suite di SRE molto più sofisticata. Il rilascio avrebbe dunque lo scopo di dare l’illusione al mondo della community cyber che “lo stato dell’arte” di questo tipo di software per la cyber sicurezza sia quello raggiunto da Ghidra, in modo tale che se un programma, dalla struttura inedita e non contemplata dall’ormai superato tool, venisse analizzato sarebbe visto solo come un ET, strano, non del tutto capito, semplicemente un buffo e non pericoloso “alieno”.


Enrico Secci 

- https://www.wired.com/story/nsa-ghidra-open-source-tool/
- https://www.wired.it/internet/web/2019/03/07/nsa-ghidra-malware/
- https://itsfoss.com/nsa-ghidra-open-source/
- https://systemscue.it/ghidra-la-svolta-opensource-della-nsa/14730/
- https://www.securityinfo.it/2019/03/06/ghidra-il-tool-di-reverse-engineering-dellnsa-disponibile-per-tutti/
https://www.nsa.gov/resources/everyone/ghidra/

domenica 10 marzo 2019

Citrix Raises Bar for SD-WAN Security

Press release

MAR 5, 2019


Company enables new capabilities to easily apply people-centric security policies across branches and applications

FORT LAUDERDALE, Fla.--(BUSINESS WIRE)-- The days of manually applying security policies across branch locations are officially over. At least for customers of Citrix Systems, Inc. (NASDAQ: CTXS). The company today announced next-generation capabilities within its SD-WAN solution that enable enterprises to easily administer user-centric policies and connect branch employees to applications in the cloud with greater security and reliability.
“Today’s enterprise is more distributed than ever, requiring IT to provide secure access to corporate systems and data across multiple locations, networks and clouds,” said Chalan Aras, Vice President, SD-WAN and Intelligent Traffic Management, Citrix. “In the past, this meant manually applying security policies across branch locations. With enhanced security features delivered as part of Citrix® SD-WAN companies can now easily extend user-centric policies to the branch and connect employees to applications in the cloud with a few clicks.”


Simplified Branch Networking
Citrix SD-WAN helps enterprises deliver a reliable, high-performance workspace experience when accessing SaaS apps, cloud workloads, virtual apps and desktops or traditional data center resources. With Citrix SD-WAN, enterprises can:
  • Simplify branch networking by converging WAN edge capabilities, including built-in stateful firewall, WAN Optimization and more.
  • Define security zones to apply different policies for different users.
  • Provide integrated, single sign-on, remote access and content inspection in a single solution.
  • Easily on-board, manage and monitor services.
  • Confidently break out internet traffic from branches to optimize WAN resources.
Easy Administration
By integrating with a series of third-party APIs, Citrix allows enterprises to take security to the next level and:
  • Synchronize location information with the Citrix SD-WAN management plane.
  • Establish IPsec tunnels between branches and security enforcement points for traffic inspection and threat prevention with high availability.
  • Automatically apply controls to protect users and applications whether they are connecting to SaaS applications or services over the internet.
“With the API integration between Citrix SD-WAN and the Zscaler Cloud Security Platform, enterprises can enable secure local breakouts for applications and resources hosted on the Internet simplifying operations, lowering cost and complexity and ultimately providing a fast and secure user experience,” said Punit Minocha, Senior Vice President of business and corporate development, Zscaler.
Zscaler is part of a robust global ecosystem of Citrix SD-WAN technology partners helping large enterprises and SMBs alike securely transition to the cloud and simplify branch networking and the first to enable Citrix’s new integration capabilities.
“Companies today demand flexibility and choice in how they defend their networks,” Aras said. “Our new API integrations are designed to provide this and enable them to accelerate their cloud migrations in an efficient and cost-effective way.”


https://investors.citrix.com/press-releases/press-release-details/2019/Citrix-Raises-Bar-for-SD-WAN-Security/default.aspx

sabato 9 marzo 2019

US cybercom attacca la russa Internet Research Agency


Talvolta capita che accadano fatti importanti ma che in Italia nessuno vi dia peso. Questo è successo, ancora una volta, a fine 2018.


Secondo il New York Times, peraltro non smentito, lo US Cyber Command ha infatti eseguito una operazione ufficiale cyber offensiva (la prima?) contro un obiettivo russo: la "Internet Research Agency" di San Pietroburgo.
Il New York Times ha infatti riportato le "confidenze" di varie persone che hanno lavorato al progetto, garantendone l'anonimato naturalmente.
Il motivo dell'attacco sembra essere legato alla prevenzione di campagne di disinformazione legate alle elezioni di metà mandato del presidente Trump.
In effetti la Internet Research Agency è conosciuta da tempo in occidente come la fabbrica della disinformazione, che ospita un migliaio di "troll" che agiscono per conto del governo russo.
Non voglio certo entrare nel merito della disinformazione ma semplicemente indicare che tra il combattere una guerra mondiale cyber nascosti dietro gruppi più o meno segreti e il compiere una azione di attacco cyber preventivo alla luce del sole c'è una bella differenza! 
L'attacco, inoltre, non è stato compiuto contro uno dei tanti cyber sfigati ma contro la Russia, uno degli stati più potenti ed organizzati da questo punto di vista, o almeno questo è quanto ci è stato sempre detto.

Il fatto mi induce a riflettere.

In primo luogo, se si pensa a quanto accaduto lo scorso novembre, si può leggere l'operazione alla Occidentale, ovvero come "Operazione preventiva per scongiurare illegittime interferenze nelle elezioni presidenziali", oppure alla maniera convenzionale, come aggressione contro uno Stato sovrano. Ognuno la pensi come vuole, tanto non cambia niente in quanto come tutti sappiamo, in queste cose si applica... il Diritto Internazionale (la legge del più forte?)!
Comunque la si legga, si può però dire che gli USA, con questo attacco hanno dato vita ad un nuovo corso. Hanno innescato una miccia pericolosa, in quanto le "cariche esplosive" si trovano disseminate in tutto il mondo e non solo in Russia e negli USA, hanno messo a rischio dunque l'intera comunità mondiale in quanto eventuali risposte potrebbero causare "danni collaterali! ai sistemi di tutto il mondo, interconnessi o meno. Hanno poi, infine, con il loro agire, bellamente dichiarato di essere loro i più forti al mondo, infatti non si può spiegare altrimenti un attacco alla luce del sole.
Ed è su quest'ultimo punto che mi voglio concentrare. Vi invito infatti a dare uno sguardo ai vari elenchi APT (Advanced Persistent Threat) disponibili on line. Vi accorgerete che quelli elencati non sono tutti, ma solo una parte, quella legata ai supposti attacchi dei "cattivissimi" russi, cinesi, nordcoreani, iraniani e così via. 
Mai una volta che a condurre un APT sia uno stato occidentale (buono per definizione?).
Di tanto in tanto vi è un qualche gruppo non bene identificato, magari quando ha agito (ma sicuramente è un caso!) contro gli interessi cinesi o russi.
Bene, direte, la guerra è guerra.
Vero, ma un tempo (anche se non sempre!) si aveva la decenza di dichiarala la guerra, non fosse altro per cercare di regolare il conflitto e affinché chi stava nei dintorni capisse da che parte schierarsi, o, talvolta, per cercare di limitare i danni collaterali.
Una guerra nel cyberspace lascia tutti coloro che non si sono preparati (e sono ancora in tanti!) in balia di conseguenze incalcolabili a priori, ma d'altra parte è questo il significato neanche troppo nascosto del detto "la guerra è guerra".
Un'ultima cosa, questa "iniziativa" spinge a favore della "separazione" della Internet russa da quella mondiale. Come infatti si sa da tempo vi sono delle iniziative, sia russe sia cinesi, per "staccarsi" da internet così come oggi la conosciamo. Russia e Cina, dunque, sempre più vicine... siamo sicuri che questo sia l'interesse dell'Occidente?

Ad ognuno la libertà di fare le proprie considerazioni...   

Alessandro Rugolo 

Per approfondire:
- https://www.washingtonpost.com/world/national-security/us-cyber-command-operation-disrupted-internet-access-of-russian-troll-factory-on-day-of-2018-midterms/2019/02/26/1827fc9e-36d6-11e9-af5b-b51b7ff322e9_story.html?noredirect=on&utm_term=.9b8b230904b2;
- https://www.lawfareblog.com/new-contours-cyber-conflict;
- https://www.cybercom.mil/
- https://www.fireeye.com/current-threats/apt-groups.html
- https://attack.mitre.org/groups/

giovedì 7 marzo 2019

Beta Systems Signs Xband Enterprises as first US-based partner for IAM Solutions


26/02/2019 - Corporate, IAM, Press release 

Berlin / McLean, VA, February 26, 2019 - Beta Systems IAM Software AG continues its expansion in North America. The new partner, Xband Enterprises, headquartered in Andover, Massachusetts, delivers high-speed internet hosting services and cloud-based solutions worldwide. For Beta Systems, this is a major step in introductions of the next-generation IAM solutions to the US market, focused on the needs of the business user.
“We are absolutely delighted to be the first U.S. based company enabled by Beta Systems as a Cloud Integration Partner. Xband Enterprises will expand its cyber portfolio to offer hardened Identity & Access Management solutions that will help protect our clients from the ever changing cyber threat landscape.  For 37 years Beta Systems has served clients with strategic solutions. This partnership enables us the foundation to help our customers achieve compliance requirements while adapting to the ever changing needs of the cloud. Beta Systems Identity and Access Management Garancy Suite coupled with our patented keystroke encryption is the strongest Identity and Access Management solution that prevents loss of credentials from Zero-day keyloggers”, said CEO of Xband Enterprises; Troy Cromwell. “We look forward to expanding our client base and offerings with Beta Systems.“
“The addition of Xband Enterprises to our distribution channel in the US is key to future success in the marketplace. With Xband’s forward-thinking services, their customers can now experience IAM as a key component of an overall cyber strategy”, said Walter Teichert, Director of International Sales. “We’re confident that Xband’s current and future customers will appreciate the business-driven approach to IAM in our Garancy suite.”
The Beta Systems IAM Software AG is the largest independent European provider of identity and access management solutions (IAM) for businesses. For more than 35 years, Beta Systems has supported its financial services, manufacturing, trading and IT services customers with software development and support "Made in Germany".
Tailored access control solutions for large international organizations are aligned with compliance regulations. Beta Systems IAM Software AG is a wholly owned subsidiary of Beta Systems Software AG.
Further information and details on Beta Systems IAM Software AG are available at https://www.betasystems-iam.com.
Further information and details about Xband Enterprise are available at https://www.xbandnetworks.com

https://www.betasystems.com/en/news/news/detail/article/beta-systems-signs-xband-enterprises-as-first-us-based-partner-for-iam-solutions.html

Avira Password Manager: Making order out of password chaos

Press release Monday, November 5, 2018

Tettnang, Germany, November 5, 2018 – Avira is proud to introduce the newly updated Avira Password Manager, dedicated to cleaning up the confusing mess of passwords and account login details: making passwords more secure, easier mobile autofill capabilities, instant alerts for stolen personal data, and still completely for your eyes only. 

Remembering secure passwords is a problem
Unless you are a savant, blessed with an incredible memory for random combinations of numbers, letters, and symbols—you are probably not exercising good password management. It simply is not possible for most people to remember a collection of truly secure passwords for their bank, social media, and other online accounts.
Bad password management is much more than a lost sticky note. Weak and stolen passwords are leveraged in 81% of all data theft. * Although people know that weak and recycled passwords leave them vulnerable to brute force attacks and “credential stuffing” attacks where hackers try out known username and password combinations, more than 60% of device users share the same password across multiple accounts and many choose easy-to-guess passwords.
Insecurity starts in the memory
Recent data collected by IBM Security shows that the younger you are, the more likely you are to use fewer and less secure passwords. For example, the younger Generation Z (age 18-24) is using an average of just 5 passwords, but only 39% are bothering to make a secure password with a mix of characters, symbols, and capitalization, and a huge 42% are reusing passwords between their various accounts. This “always online” generation should know better. Their elders (age 55+) have an average of 12 passwords in their day-to-day regime. Almost half are making the effort to create a complex password and only 31% say they reuse passwords between accounts.
“I have 219 combinations of usernames and passwords for different web-sites I use every day. Being in the security industry I know how dangerous using the same combination or easy passwords can be, as the username is quite often the same email address”, said Travis Witteveen, Avira CEO. “An effective password manager, not just ensures I have a unique combination, but it also warns me if a site has been compromised and my credentials may be at risk. Since the new autofill functionality on iOS, it has never been easier to keep my login credentials with me, regardless of the device I’m using.”
Password management that goes beyond the password
“A password manager should do much more than simply remember passwords,” said Tim Gaiser, Director Identity Protection at Avira. “A good password manager does three primary things: keeps all passwords safe and accessible on all my devices, takes over the problem of creating and remembering unhackable passwords for all my accounts, and clarifies my online security with tips and alerts in case of potential data breaches.”
  1. Keep that password secure (and all to yourself)
Avira Password Manager only needs you to set a single Master Password and it will take care of the rest: helping import existing passwords, creating new secure ones, and syncing this data between your devices.
You are the only person who knows the Master Password; even Avira has no access to it. With the two-factor authentication for your Avira account, passwords are secured even more. 
  1. Improve yourself with Security Status
The new Security Status feature provides a complete picture of your online security. The Security Status flags your attempts to recycle passwords and grades passwords for their complexity and strength. You also get an automatic warning if your accounts have been hacked or passwords have been misused. Thanks to Avira’s deep knowledge of infected sites, you are alerted before you can enter your private data into a hacked or deceptive website. 
  1. Make it easy to act securely
Avira Password Manager makes it easy to act securely by placing all password-protected accounts in a single solution—regardless if you are on your PC or smartphone. The autofill function saves user time and slashes the number of potential data entry errors whether you are on a smartphone or home computer. As a cloud-based solution, it works even if you are running a device based on Android, iOS, MacOS, or Windows operating systems. All changes made to the saved password data are automatically synced and accessible to other devices in the family network. User data can now be organized in tags. In addition to passwords, the app keeps other sensitive data secure, encrypted, and accessible—making it easier to log in to other websites and apps.
Step up into the Avira Password Manager
The basic Avira Password Manager is completely free.  Avira Password Manager Pro comes with a wider range of features such as Security Status. Users can register or log in to the web dashboard and download the mobile solution and browser extensions (needed to enable autofill in web browsers) at:  https://www.avira.com/en/avira-password-manager-pro
(*) Verizon 2017 Data Breach Investigations Report
(**) Avira online survey conducted in August 2018 within Germany with 718 respondents having an age range of 20-65.

https://www.avira.com/en/press-details/nid/1208/news/avira-password-manager-making-order-out-of-password-chaos

mercoledì 6 marzo 2019

January 2019’s Most Wanted Malware: A Significant New Threat Speaks Up

Press release

Check Point’s researchers detect growth of ‘SpeakUp’ – a new Linux backdoor which is spreading the XMRig crypto-mining malware


SAN CARLOS, CA  —  Wed, 13 Feb 2019
Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, has published its latest Global Threat Index for January 2019. The index reveals a new backdoor Trojan affecting Linux servers, which is distributing the XMRig crypto-miner. The new malware, dubbed SpeakUp, is capable of delivering any payload and executing it on compromised machines.
The new Trojan currently evades all security vendors’ anti-virus software. It has been propagated through a series of exploitations based on commands it receives from its control center, including the 8th most popular exploited vulnerability, “Command Injection over HTTP”. Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
In January, the top 4 most prevalent malware variants were cryptominers. Coinhive remains the top malware, impacting 12% of organizations worldwide. XMRig was once again the second most prevalent malware with a global impact of 8%, followed by Cryptoloot miner with an impact of 6% of organizations globally. While there are four cryptominers in January’s index, half of all malware forms in the top ten can be used to download further malware to infected machines.
Maya Horowitz, Threat Intelligence Group Manager at Check Point commented:  “While January saw little change in the malware forms aimed at enterprises worldwide, we are beginning to see new ways to distribute malware. Threats like these are a stark warning of bigger threats to come. Backdoors like Speakup can evade detection and then distribute further, potentially more dangerous malware to compromised machines. Since Linux is used extensively in enterprise servers, we expect Speakup will be a threat that will grow in scale and severity throughout the year.”
January 2019’s Top 3 ‘Most Wanted’ Malware:
*The arrows relate to the change in rank compared to the previous month.
  1. ↔ Coinhive – Crypto Miner designed to perform online mining of Monero cryptocurrency when a user visits a web page without the user’s knowledge or approval the profits with the user. The implanted JavaScript uses a great deal of the computational resources of end users’ machines to mine coins, and may crash the system.
  2.  XMRig– Open-source CPU mining software used for the mining process of the Monero cryptocurrency, and first seen in-the-wild on May 2017.
  3.  Cryptoloot – Crypto-Miner that uses the victim’s CPU or GPU power and existing resources for crypto mining – adding transactions to the blockchain and releasing new currency. It is a competitor to Coinhive, trying to pull the rug under it by asking a smaller percentage of revenue from websites.
Hiddad, the modular backdoor for Android which grants privileges to downloaded malware, has replaced Triada at first place in the top mobile malware list. Lotoor follows in second place, while Triada has fallen to third place.
January’s Top 3 ‘Most Wanted’ Mobile Malware:
  1. Hiddad – Modular Backdoor for Android which grants super user privileges to downloaded malware, as helps it to get embedded into system processes.
  2. Lotoor– Hack tool that exploits vulnerabilities on Android operating system in order to gain root privileges on compromised mobile devices.
  3. Triada – Modular Backdoor for Android which grants super user privileges to downloaded malware, as helps it to get embedded into system processes. Triada has also been seen spoofing URLs loaded in the browser.
Check Point researchers also analyzed the most exploited cyber vulnerabilities. CVE-2017-7269 remained in first place with a global impact of 47%. Following closely behind, Web Server Exposed Git Repository Information Disclosure was in second place and OpenSSL TLS DTLS Heartbeat Information Disclosure followed in third, impacting 46% and 45% of organizations around the world respectively.
January’s Top 3 ‘Most Exploited’ vulnerabilities:
  1. ↔ Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) – By sending a crafted request over a network to Microsoft Windows Server 2003 R2 through Microsoft Internet Information Services 6.0, a remote attacker could execute arbitrary code or cause a denial of service conditions on the target server. That is mainly due to a buffer overflow vulnerability resulted by improper validation of a long header in HTTP request.
  2. ↑ Web Server Exposed Git Repository Information Disclosure– An information disclosure vulnerability has been reported in Git Repository. Successful exploitation of this vulnerability could allow an unintentional disclosure of account information.
  3. ↓ OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) – An information disclosure vulnerability exists in OpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. An attacker can leverage this vulnerability to disclose memory contents of a connected client or server.
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
* The complete list of the top 10 malware families in June can be found on the Check Point Blog:  http://blog.checkpoint.com/2019/02/13/january-2019s-most-wanted-malware-a-new-threat-speakup-linux-crypto-cryptomining/
Check Point’s Threat Prevention Resources are available at:  //www.checkpoint.com/threat-prevention-resources/index.html


https://www.checkpoint.com/press/2019/january-2019s-most-wanted-malware-a-significant-new-threat-speaks-up/

Singtel and Argus join forces to strengthen cyber security capabilities for Singapore’s transportation sector

Press release

  • Argus cyber security solutions to be integrated with Singtel’s managed security services
  • Research lab to be set up to develop and test cyber security solutions for autonomous vehicles
Singapore and Tel Aviv, Israel, January 28, 2019 – Singtel and Argus Cyber Security, a global leader in automotive cyber security, have signed a Memorandum of Understanding (MOU) to collaborate on several initiatives to strengthen the cyber security capabilities for Singapore’s transportation sector, facilitating the introduction of connected cars and new technologies such as autonomous vehicles. In addition, both parties will also work together on the research and development of next generation cyber security solutions for autonomous vehicles.
“This partnership is part of our broader vision to create an ecosystem to support the development of new technologies and solutions focusing on the transportation sector, both in Singapore and globally,” said Mr Bill Chang, Chief Executive Officer, Group Enterprise at Singtel. “With a secure ecosystem, automobile manufacturers and automotive equipment providers can safely collaborate and develop advanced solutions for commercial and industrial autonomous vehicles. By partnering with a global leader like Argus, we are committed to positioning Singapore at the forefront of connected and autonomous vehicle technologies for the next generation of smart and cyber secure vehicles.”
Under the MOU, both parties will launch a suite of solutions which includes Argus’ in-vehicle solutions and technologies, and Argus’ stand-alone cyber security backend platform. This platform collects, correlates and analyses data derived from vehicles, mobile apps, cellular networks, cloud platforms and other sources, and will be integrated with the managed security services portfolio of Trustwave, Singtel’s cyber security arm. The platform helps automakers and fleet managers to quickly protect vehicles that are already on the road without making any modifications to them. It will be delivered through Trustwave’s global network of 10 Advanced Security Operations Centers, further enhancing its capabilities as a leading global managed security services provider.  
“We are delighted to partner with Singtel, a global technology leader and a trusted cyber security partner of the world’s leading business organizations. This partnership is another important leap forward towards delivering multi-layered, security solutions and services that make mobility intelligent and secure – in Singapore and around the world”, says Mr Ofer Ben-Noon, co-founder and Chief Executive Officer of Argus Cyber Security. “We look forward to broadening our scope of partnership with Singtel to include co-creating next generation of cyber security solutions and services for the autonomous vehicle industry”.
As part of the collaboration, Singtel and Argus will conduct cyber security research and development at the Singtel Cyber Security Institute (CSI) to help defend autonomous vehicles against sophisticated, evolving cyber threats. The partners could also use CSI’s advanced cyber range platform to subject their solutions to rigorous testing and prototyping. This augments Singtel’s ongoing collaboration with the National University of Singapore to develop advanced cyber security solutions for next generation cyber threats.
The partnership comes in the wake of the recent launch of 5G Garage – Singapore’s first live 5G facility at Singapore Polytechnic. The facility, which is connected to Singtel’s latest pilot 5G network, allows students to incubate, develop and trial 5G solutions for enterprises. Among the students’ projects is an autonomous vehicle which is being trialled for use on campus. The initiative and Singtel’s involvement in the development of Singapore’s next generation Electronic Road Pricing system demonstrate the company’s drive towards shaping and securing Singapore’s future transportation landscape.
The announcement of the partnership is timely as the introduction of autonomous vehicles in Singapore is one of the initiatives which the government has set out as part of the Smart Nation plan.



https://argus-sec.com/singtel-and-argus-join-forces/