LogRhythm Blog

Check out the latest security tips and tricks, news, and insights and join in the conversation.

War Game Cyber Attacks

Last week Barack Obama and David Cameron announced that the US and UK would implement a rolling program of “war game” cyber attacks on each other, which will be conducted by the FBI, GCHQ and MI5. Targeting critical national infrastructure,…

Catching the “Inception Framework” Phishing Attack

A new sophisticated, layered and targeted malware has been hitting Russia and Russian interests lately, and is starting to spread out. This has been named “Inception Framework” because of its massively layered design, in reference to the 2010 “Inception” movie.…

Kippo Honeypot: Log Replay Automation

Kippo is one of my favorite honeypots due to its sheer simplicity, portability, and ease-of-use. It comes with a really neat feature that allows you to replay what the attacker did once they gained access to the honeypot by way…

Moonpig API flaw left unfixed for 17 months

Earlier this week, online greetings card company Moonpig took its API offline as a flaw was enabling orders to be placed on customer accounts by hackers. The flaw, identified by researcher Paul Price, allowed hackers to bypass authentication security and…

A Successful SIEM Deployment: Truth or Fantasy?

“A Successful SIEM deployment: truth or fantasy”…a controversial opening statement one might say for a consultant who works for a SIEM provider (LogRhythm) and preaches the virtues of the technology. Am I saying that a successful SIEM deployment is a…

Detecting DNS Tunneling

All kinds of different services, like web browsing, email, Active Directory, etc., use the Domain Name System (DNS) protocol to turn IP addresses into human-readable names and vice versa. DNS was never intended to be used for data transfer,…
