Reaping the Benefit? New Botnet Exploits IoT Security Flaws


Last year, the Mirai botnet wreaked havoc, using compromised Internet of Things (IoT) devices to take down large internet providers in North America and Europe with a distributed denial-of-service (DDoS) attack. While Mirai has largely faded from view, Bleeping Computer reported that a new threat named IoT_Reaper is exploiting specific IoT security flaws and has already infected more than 2 million devices worldwide.

Source: Reaping the Benefit? New Botnet Exploits IoT Security Flaws

Board Directors Need to Get Involved With Cyber Risk Governance


Board directors are under a lot of pressure. They know that it’s only a matter of time before their organization suffers a cyber incident, and all eyes will naturally be on the directors themselves to see if they were properly exercising their risk oversight.

Source: Board Directors Need to Get Involved With Cyber Risk Governance

Q4 Security User Group Meetings — BigFix & Guardium & IAM


Could you be getting more value from your IBM Security Solution? Your local user group offers a chance to meet up with your peers working with the same technology. Even without diving into the (often confidential) details of your current project, bouncing ideas around with people having a different viewpoint can be valuable. Such discussions can give you a fresh perspective, new ideas and increased motivation. Join us to hear tips from our experts, network with other customers and share best practices for security.

Source: Q4 Security User Group Meetings — BigFix & Guardium & IAM

Malware Mines Monero on Vulnerable Servers


Exploiting Vulnerable Servers

According to We Live Security, a legitimate open source Monero central processing unit (CPU) miner called xmrig was released in May. Threat actors then copied the code and made very few changes to develop the malware.

They added some hardcoded command-line arguments representing the attacker’s wallet address as well as the mining pool URL. The fraudsters also shut down any other xmrig that may have been running to eliminate competition for CPU resources.

Source: Malware Mines Monero on Vulnerable Servers

Cybercriminals Could Easily Take Over Industrial Cobots, Researchers Warn


A string of security weaknesses in areas such as default configurations, authentication mechanisms and open source components could enable cybercriminals to easily take over robots used in industrial settings, researchers warned.An analysis of major industrial and collaborative robots, or cobots, by IOActive revealed close to 50 vulnerabilities that, if exploited, could harm the people who work with them.

The firm created a series of videos to demonstrate what tampering with cobots could look like, including swinging robotic arms that have had safety features and emergency settings disabled.

Source: Cybercriminals Could Easily Take Over Industrial Cobots, Researchers Warn

IBM Security Operations and Incident Response Solutions


IBM® Security Operations and Response, part of the IBM Security immune system, consists of solutions that deliver core functionality to prevent, detect and respond to attacks, including security analytics, threat hunting, incident response, and threat intelligence with network and endpoint protection.

Source: IBM Security Operations and Incident Response Solutions

IBM 2017 Cost of Data Breach Study – United States


IBM® is proud to sponsor the 12th annual Cost of Data Breach Study, the industry’s gold-standard benchmark research, independently conducted by Ponemon Institute. This year’s study reports the global average cost of a data breach is down 10 percent over previous years to $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information also significantly decreased from $158 in 2016 to $141 in this year’s study.

Source: IBM 2017 Cost of Data Breach Study – United States

Event Registration


Organizations rely heavily on cybersecurity analysts to protect themselves from cyberattacks. With the traditional approach of threat monitoring and investigation, analysts may run the risk of missing the true indicators of compromise or not having sufficient time to deal with legitimate security threats. So what should organizations do to overcome this challenge?

Source: Event Registration

Data Scientist Jobs Top Glassdoor List


It’s official: Data scientist jobs have reached the top of Glassdoor’s Best Jobs in America list in 2016 and 2017 with an overall job score of 4.8 out of 5, a job satisfaction score of 4.4 out of 5 and a median base salary of $110,000.  This is why I went back to grad school to pursue a degree in both Data Science and Security!

Source: Data Scientist Jobs Top Glassdoor List

Insider Threat Detection Use Case – IBM Security


Expose the attacker inside your networkInsider threats account for 60 percent of cyber attacks, and they are incredibly difficult to detect. In fact, most cases go unnoticed for months or years. Regardless of whether the insider is a malicious employee or a contractor whose credentials have been compromised, security teams need the ability to quickly and accurately detect, investigate and respond to these potentially damaging attacks.

Source: Insider Threat Detection Use Case – IBM Security