433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

How Carrier’s product security team delivers the ‘right support for the right product’

John Deskurakis had a green field opportunity when he stepped into the role of chief product security officer in April 2020 at Carrier Global Corp. United Technologies, which had spun off Carrier, took the existing product security function with it. That gave Deskurakis the chance to build an entirely new program—one that could meet the unique security needs of each of Carrier’s product lines.[ Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board. | Sign up for CSO newsletters. ] “We didn’t want to replicate what United Technologies was doing, because it was focused on aerospace. We wanted to focus more on our specific areas because our products are different, our customers are different, they have different needs than aerospace,” he says. “So we decided to rebuild the capabilities to suit the diverse needs of our Carrier customers, to think about what’s the best outcome for the end users.” To read this article in full, please click here
http://news.poseidon-us.com/SXPp7q

Rise in IoT vulnerability disclosures, up 57%

Vulnerability disclosures impacting IoT devices increased by 57% in the first half (1H) of 2022 compared to the previous six months, according to a research by Claroty. The report also found that over the same time period, vendor self-disclosures increased by 69%, becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus … More → The post Rise in IoT vulnerability disclosures, up 57% appeared first on Help Net Security.
http://news.poseidon-us.com/SXP7vV

ISC Stormcast For Monday, August 29th, 2022 https://isc.sans.edu/podcastdetail.html?id=8150, (Mon, Aug 29th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SXP7dl

Dealing With False Positives when Scanning Memory Dumps for Cobalt Strike Beacons, (Sun, Aug 28th)

I updated my Cobalt Strike beacon analysis tool 1768.py to deal with false positives in Windows system's memory dumps.
http://news.poseidon-us.com/SXMp7L

Sysinternals Updates: Sysmon v14.0 and ZoomIt v6.01, (Sun, Aug 28th)

Both Sysinternals utilities (Sysmon and ZoomIt) received updates that significantly extends their scope: Sysmon can now also block actions, and ZoomIt can record videos.
http://news.poseidon-us.com/SXMcSQ

Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs

Thoma Bravo: Securing digital identities has become a major priority In this Help Net Security interview, Andrew Almeida, Partner on the Flagship team at Thoma Bravo, talks about the firm’s recent acquisition of SailPoint, and about innovation in the enterprise identity space. Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884) GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins … More → The post Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs appeared first on Help Net Security.
http://news.poseidon-us.com/SXMVrx

Elastic appoints Ken Exner as CPO

Elastic has appointed Ken Exner as chief product officer (CPO) effective August 29, 2022. Exner will be responsible for leading engineering, product management, and product design, with a focus on enhancing the Elastic Enterprise Search, Observability, and Security solutions and delivering a cloud service to Elastic customers. Exner will report to Elastic CEO Ash Kulkarni. Exner brings three decades of experience leading product and engineering teams. Prior to joining Elastic, he spent 16 years at … More → The post Elastic appoints Ken Exner as CPO appeared first on Help Net Security.
http://news.poseidon-us.com/SXLljK

How customer experience can make or break the help desk — and the perception of IT

Outdated metrics and stressed end users can hamper the success of IT service desk teams. But with the right balance and support, service desk employees can improve customer experience.
http://news.poseidon-us.com/SXGpWs