433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (727) 493-2351

COVID-19 data put for sale on the Dark Web

Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered and shared with Thai CERT. The data was put for sale on several Dark Web marketplaces and was available for further purchase via a Telegram channel created by the bad actors. Based on the acquired samples and additional insights related to the security incident, the … More → The post COVID-19 data put for sale on the Dark Web appeared first on Help Net Security.
http://news.poseidon-us.com/SXPy8h

How Carrier’s product security team delivers the ‘right support for the right product’

John Deskurakis had a green field opportunity when he stepped into the role of chief product security officer in April 2020 at Carrier Global Corp. United Technologies, which had spun off Carrier, took the existing product security function with it. That gave Deskurakis the chance to build an entirely new program—one that could meet the unique security needs of each of Carrier’s product lines. “We didn’t want to replicate what United Technologies was doing, because it was focused on aerospace. We wanted to focus more on our specific areas because our products are different, our customers are different, they have different needs than aerospace,” he says. “So we decided to rebuild the capabilities to suit the diverse needs of our Carrier customers, to think about what’s the best outcome for the end users.”
http://news.poseidon-us.com/SXPp7q

Rise in IoT vulnerability disclosures, up 57%

Vulnerability disclosures impacting IoT devices increased by 57% in the first half (1H) of 2022 compared to the previous six months, according to research by Claroty. The report also found that over the same time period, vendor self-disclosures increased by 69%, with vendors becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus … More → The post Rise in IoT vulnerability disclosures, up 57% appeared first on Help Net Security.
http://news.poseidon-us.com/SXP7vV

ISC Stormcast For Monday, August 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8150, (Mon, Aug 29th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SXP7dl

Dealing With False Positives when Scanning Memory Dumps for Cobalt Strike Beacons, (Sun, Aug 28th)

I updated my Cobalt Strike beacon analysis tool 1768.py to deal with false positives in Windows system's memory dumps.
http://news.poseidon-us.com/SXMp7L

Sysinternals Updates: Sysmon v14.0 and ZoomIt v6.01, (Sun, Aug 28th)

Both Sysinternals utilities (Sysmon and ZoomIt) received updates that significantly extend their scope: Sysmon can now also block actions, and ZoomIt can record videos.
http://news.poseidon-us.com/SXMcSQ

Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs

Thoma Bravo: Securing digital identities has become a major priority
In this Help Net Security interview, Andrew Almeida, Partner on the Flagship team at Thoma Bravo, talks about the firm’s recent acquisition of SailPoint, and about innovation in the enterprise identity space.

Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins … More → The post Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs appeared first on Help Net Security.
http://news.poseidon-us.com/SXMVrx

Elastic appoints Ken Exner as CPO

Elastic has appointed Ken Exner as chief product officer (CPO) effective August 29, 2022. Exner will be responsible for leading engineering, product management, and product design, with a focus on enhancing the Elastic Enterprise Search, Observability, and Security solutions and delivering a cloud service to Elastic customers. Exner will report to Elastic CEO Ash Kulkarni. Exner brings three decades of experience leading product and engineering teams. Prior to joining Elastic, he spent 16 years at … More → The post Elastic appoints Ken Exner as CPO appeared first on Help Net Security.
http://news.poseidon-us.com/SXLljK