Using NetMon to Detect Modbus-Based SCADA Attacks With LogRhythm NetMon, you can analyze traffic flow between supervisory control and data acquisition (SCADA) systems, helping prevent major breaches of industrial control grids. As control platforms, SCADA systems are geographically spread across…
Read MoreNovember 1, 2017
Earlier this month, LogRhythm proudly released LogRhythm CloudAI—the most recent chapter in our User and Entity Behavior Analytics (UEBA) story. LogRhythm CloudAI uses machine learning to apply behavioral analytics to user behavior. By modeling user behavior to uncover security relevant…
Read MoreOctober 31, 2017
Update: Further analysis of the code revealed new information regarding the spread of Bad Rabbit across the network. This post has been updated to reflect this new information. Bad Rabbit Ransomware Background On the afternoon of October 24, 2017 (BST),…
Read MoreOctober 27, 2017
A pattern of high-profile network breaches happens repeatedly: An attacker gains a foothold on a single computer in the network—usually through use of a phishing scam or other well-known initial compromise method. Next, the attacker uses domain administrator credentials—stolen from…
Read MoreOctober 24, 2017
The LogRhythm Journey Begins Nearly 15 years ago, Phil Villella and I set out to change the definition of security information and event monitoring (SIEM). Our motivation originated in two fundamental beliefs: First, U.S. companies and agencies were running blind…
Read MoreOctober 10, 2017
LogRhythm Senior Malware Analyst, Erika Noerenberg, is on the front lines of decoding today’s headline cyberattacks. The cybersecurity industry is marked by a lack of gender diversity, and malware analysts often find themselves at the center of this exclusivity. In…
Read MoreOctober 2, 2017
