Connect with us

News

LG Magna Gets Cyber Security Management System Certification

Published

on

LG Magna e-Powertrain (LG Magna), the joint venture of LG Electronics (LG) and Magna International (Magna), have announced it has received Cyber Security Management System (CSMS, ISO/SAE 21434:2021) certification from the global certification organization, TÜV Rheinland. The certification indicates LG Magna is in full compliance with relevant vehicle cybersecurity regulations and requirements and has implemented a comprehensive security system covering component design, development, post-development cybersecurity activity and management.

An area of growing importance, automotive cybersecurity is set to take centre stage in the mobility sector when WP.29 UNECE R155 cybersecurity regulations come into effect. From July 2024, all vehicles produced by automotive OEMs must meet the newly established suite of cybersecurity management regulation to obtain type approval, which is a prerequisite for selling vehicles in 56 countries, including EU member states, the UK, Japan, and South Korea.

Countries that have adopted the regulation require automakers to prepare all components and systems for cybersecurity threats throughout the entirety of their vehicles’ lifecycles. ISO/SAE 21434, an international standard related to vehicle cybersecurity, defines the processes for establishing and maintaining cybersecurity, from the planning and development stage through to vehicle manufacturing, maintenance, and disposal.

LG Magna is setting up a robust cybersecurity framework to ensure it can meet the increasing demand from global automakers for advanced, highly secure vehicle components. The company has created an exhaustive cybersecurity process that is applied, and systematically updated, across the life of each product. The process includes identifying and assessing product security threats, and developing appropriate response strategies in line with ISO/SAE 21434 requirements. Additionally, risk monitoring systems and processes for swift issue remediation have been put in place.

A respected innovation partner, LG continues to expand its presence in the global automotive components and solution market. The Vehicle Component Solutions (VS) Company is acknowledged for its capabilities in in-vehicle infotainment (IVI) systems, LG Magna boasts strength in electric vehicle powertrains, while ZKW is a leader in advanced vehicle lighting systems. Established in 2021, LG Magna has further solidified its position as a trusted vehicle components supplier by securing CSMS certification.

“With vehicle cyberattacks on the rise, the demand from automakers for component solutions that ensure robust cybersecurity is growing at a rapid pace,” said LG Magna CEO, Cheong Won-suk. “As a major global vehicle parts supplier, LG Magna aims to proactively address any security vulnerabilities and continuously strengthen its systems and processes.”

Continue Reading

News

Sophos Completes Secureworks Acquisition

Published

on

Sophos and Secureworks have announced the completion of Sophos’ acquisition of Secureworks. The all-cash transaction values Secureworks at approximately $859 million. With the completion of the acquisition, Secureworks’ common stock has ceased trading on Nasdaq. Thoma Bravo, a leading software investment firm, backs Sophos.

With this acquisition, Sophos is now the leading pure-play cybersecurity provider of Managed Detection and Response (MDR) services, supporting more than 28,000 organizations of all sizes worldwide. The combination will enable Sophos to deliver an unparalleled security operations platform, featuring hundreds of built-in integrations for adaptive protection, detection and response for mitigating cyberattacks. The open and scalable platform helps organizations, especially those with diverse IT estates, safeguard current and future technology investments, providing greater operational efficiencies and return on cybersecurity spend. Sophos X-Ops is also expanding its threat intelligence and security services capabilities by adding the Secureworks Counter Threat Unit and security operations and advisory teams.

As a channel-first cybersecurity provider, Sophos remains unwavering in its commitment to delivering cutting-edge security services and technologies that empower our global community of resellers, Managed Service Providers (MSPs) and Managed Security Services Providers (MSSPs). This includes expanding their reach, enhancing operational scalability and providing stronger defences to the countless organizations that need the ability to effectively defend against today’s constant and complex cyberattacks.

“The market is embracing MDR as a clear means to deliver positive cybersecurity outcomes, and this has meant rapid growth in the category,” said Joe Levy, CEO, Sophos. “Sophos is differentiated by our very mature competencies in ransomware detection, malware analysis and threat actor tradecraft. These defences are further augmented by Sophos’ native artificial intelligence (AI), first innovated by our globally peer-recogniwed AI team nearly a decade ago, and embedded in our MDR, endpoint, network, email, and cloud security to more effectively neutralize and stop threats. With the integration of Secureworks, our expanded services and product portfolio will provide even stronger end-to-end security solutions that will include identity threat detection and response (ITDR), next-gen SIEM and managed risk, all in a single open platform. We will also be able to further advance our AI, threat intelligence and attack research through more diverse and deeper global telemetry that is analyst-tuned for the real world. At every level, we are very excited about this next accelerated chapter for Sophos.”

In the near term, Sophos and Secureworks are operating business as usual, working with our respective channel partners, MSPs and MSSPs worldwide to distribute our existing security services and technology. Both companies’ sales and customer experience groups will operate to support existing customers, assist with renewals and develop current and new business opportunities. Sophos protects more than 600,000 customers worldwide with its portfolio of MDR, endpoint, network, email, and cloud security solutions that integrate and adapt to provide real-time defence through the Sophos Central platform.

Under the terms of the agreement, Sophos acquired Secureworks in an all-cash transaction valued at approximately $859 million. Secureworks shareholders, including Dell Technologies, will receive $8.50 per share in cash. This represents a 28% premium to the unaffected 90-day volume-weighted average price (VWAP). Kirkland & Ellis LLP acted as legal counsel to Sophos, Goldman Sachs & Co. LLC., Barclays, BofA Securities, HSBC Securities (USA) Inc., and UBS Investment Bank acted as financial advisors and provided debt financing for the transaction. Piper Sandler & Company and Morgan Stanley & Co. LLC acted as financial advisors to Secureworks, and Paul, Weiss, Rifkind, Wharton & Garrison LLP acted as legal counsel.

Continue Reading

Artificial Intelligence

DeepSeek Popularity Exploited in Latest PyPI Attack

Published

on

The Supply Chain Security team at Positive Technologies’ Expert Security Center (PT ESC) discovered and neutralised a malicious campaign in the Python Package Index (PyPI) repository. This attack was aimed at developers, ML engineers, and anyone seeking to integrate DeepSeek into their projects.

The attacker’s account, created in June 2023, remained dormant until January 29, when the malicious packages deepseeek and deepseekai were registered. Once installed, these packages would register console commands. When these commands were executed, the packages began stealing sensitive user data, including information about their computers and environment variables often containing database credentials and access keys to various infrastructure resources. The attackers used Pipedream, a popular developer integration platform, as their command-and-control server to receive the stolen information.

Stanislav Rakovsky, Head of Supply Chain Security at PT ESC, explained, “Cybercriminals are always looking for the next big thing to exploit, and DeepSeek’s popularity made it a prime target. What’s particularly interesting is that the malicious code appears to have been generated with the help of an AI assistant, based on comments within the code itself. The malicious packages were uploaded to the popular repository on the evening of January 29.”

Given the heightened interest in DeepSeek, this attack could have resulted in numerous victims if the malicious activity had gone unnoticed for longer. Experts at Positive Technologies strongly recommend being more attentive to new and unknown packages.

Continue Reading

Artificial Intelligence

SentinelOne to Spotlight AI-Driven Cybersecurity at LEAP 2025

Published

on

SentinelOne has announced its participation at LEAP 2025, alongside its distributor, AlJammaz Technologies. The company will showcase its AI-powered cybersecurity solutions including advanced EDR, XDR, and ITDR solutions designed to deliver autonomous protection against evolving cyber threats.

SentinelOne’s solutions align with the Kingdom’s strategic priorities by offering proactive AI-driven protection for critical infrastructure, enterprises, and government entities. The company’s Singularity platform, known for its real-time, AI-driven threat detection, response, and prevention, will be at the centre of its presence at the exhibition. The platform enables enterprises to protect their endpoints, cloud environments, and identity layers, allowing them to innovate confidently amidst evolving cyber threats.

Speaking on their participation, Meriam ElOuazzani, Senior Regional Director, META at SentinelOne, said, “Cybersecurity remains central to progress with Saudi Vision 2030’s digital leadership and economic goals, and our solutions empower businesses to outpace evolving threats and fuel growth. By participating at LEAP, we aim to engage with key stakeholders in the tech ecosystem, explore new partnerships, and demonstrate how our solutions are reshaping workforce capabilities and the future of digital resilience.”

SentinelOne’s AI strategy focuses on delivering autonomous, real-time protection by leveraging machine learning and behavioural AI. This ensures businesses can detect, mitigate, and remediate cyberattacks faster and more effectively than traditional solutions. Senior executives from SentinelOne will be onsite at the AlJammaz Executive Lounge in Hall 1 to share insights on AI-driven security strategies and the future of autonomous cybersecurity. Visitors can also experience live demonstrations of the Singularity platform.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.