Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine
Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides…
February 26, 2021
How to Audit and Test for Sudo’s CVE-2021-3156 with LogRhythm
Posted by: Brian Coulson
TL;DR: Qualys has reported that Sudo, before 1.9.4p2, has a heap-based buffer overflow vulnerability that allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Detecting a successful exploit of the…
February 23, 2021
Zero Trust Framework: A Guide to Implementation
Posted by: Kelsey Gast
Implementing a Zero Trust framework across an organization requires leading with a “never trust and always verify” mindset to secure your data and resources. Over the years, organizations have increasingly implemented Zero Trust frameworks into their environment because technological advancements…
February 22, 2021
Water Critical Infrastructure Cybersecurity: Detecting an Attack
Posted by: Ashok Chokalingam
The need for water critical infrastructure (CI) cybersecurity has become a growing concern as a recent cyberattack has made national headlines. On February 8, 2021, a hacker modified chemicals in a water treatment plant in Oldsmar, Florida. During a press…
February 20, 2021
Threat Detection in the Public Cloud: Cloud Security Solutions
There is no debating it; the public cloud is here to stay, and therefore, the need for cloud security solutions continues to increase. According to Gartner, spending on public cloud services is forecast to grow 18.4% in 2021, totaling $304.9…
February 19, 2021
How to Enable Process Creation Events to Track Malware and Threat Activity
Posted by: Dan Crossley
This is the second part of a blog series discussing Windows process creation events. Part one introduced process creation events and discussed why they should be enabled. In this post, we will take a deeper dive and first look at…
February 11, 2021