Illustrations by Greg Leighton.

Welcome to “In Security,” the web comic that takes a lighter look at the dark wave of threats crashing across business networks, endpoints, data and users. Get acquainted with the team and catch up by reading Episode 001, Episode 002, Episode 003, Episode 004 and Episode 005.

Let’s be frank — the Great Dawnack’s prediction on the future of cybersecurity is bleak and vague. While not incorrect, this prognosticating only highlights the problems plaguing the future of cybersecurity, not the solutions needed to keep what’s already a record number of attacks at bay.

Fortunately for you, dear reader, and our cartoon comrades, the RSA Conference was recently held in San Francisco. RSA is to cybersecurity solutions and offerings what CES is to the latest gadgets and gizmos. Essentially, this year’s 33,000 attendees were treated to the smarter security solutions that will be thwarting the ever-growing organizational skill and savvy of cybercriminals the world over.

To showcase some highlights from RSA that will stop tomorrow’s ransomware from ramshackling IT infrastructures, we asked the Great Dawnack to divine the contents inside a few hermetically sealed envelopes. Before we open the first envelope, though, we’d like to offer a big thanks to Johnny Carson’s alter ego, Carnack, for letting us borrow his bit.

What Range Is Hotter Than an Electrolux With Road Flares on Top?

The answer is the IBM Security X-Force Command Center. From this bat cave for corporate protection, RSA attendees learned how IBM Security analysts can simulate the latest attack vectors against almost any corporate IT configuration. Like a real firing range, the command center’s cyber range scenarios enable companies to prepare for the worst without the danger of downtime or loss of data.

Much More Than Elementary!

Also unveiled at RSA was the IBM answer to the hottest topic of 2017 in and outside of cybersecurity — machine learning. With IBM’s Cognitive Security Operations Center (SOC), powered by Watson for Cyber Security, human analysts receive a new shield against threats that continue to mount in sheer number and sophistication.

Today’s security analyst is faced with between 10 to 20 incidents per day, and each incident could have thousands of articles, blogs and other research resources needed to stop and then remediate the issue. With IBM QRadar Advisor with Watson at the heart of tomorrow’s SOC, cognitive research sits at analysts’ fingertips to cull through materials, correlate relevant research and provide human-ready remediation steps to rectify threats and keep networks to endpoints safe and secure.

Down With IoT — Better Get Ready!

The ultimate lesson from RSA, though, is preparedness. As the Internet of Things (IoT) expands the enterprise footprint with rapidly reproducing endpoints, waiting for attacks will be a surefire recipe for disaster. For every new tracking device, printer, thermostat or even smart coffeemaker brought into the office, cybercriminals are already ahead of the game to use these seemingly benign devices as entry points into other systems and more valuable data.

Thankfully, IBM and other security vendors are here so you don’t have to visit flea markets looking for a functional crystal ball.

Watch the on-demand webinar to learn more about the Cognitive Security Operations Center

More from Intelligence & Analytics

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…