There’s No Hacking in Baseball (or is There?)
One morning, last week, coffee in hand, I opened the sports page of my local newspaper and the top story wasn’t about the latest pitcher to toss a no-hitter. There was nothing on the front page about game 6 of…
Read More
June 29, 2015
Doing the Impossible: Building your Security Intelligence Maturity
“Start by doing what is necessary, then do what it possible; and suddenly you are doing the impossible.” – St. Francis of Assisi In my 3+ years as a LogRhythm Professional Services & Security Consultant, I have often found customers…
Read More
June 17, 2015
IRS Breach: “Criminals Access 100,000 IRS Tax Returns”
On June 3rd, I logged into my computer, opened up the BBC news and clicked to the Tech section. The top headline was “Criminals access 100,000 IRS tax returns.” My immediate reaction was “so that’s where all the Anthem data…
Read More
June 15, 2015
A Case of the Mondays: How a Routine Visit Discovered a Cyber Attack
Recently, I learned a valuable lesson from what appeared as though it would be a regular Monday. My day started off routinely, but along the way some surprising events unfurled. I was scheduled to go on-site with a federal customer…
Read More
June 9, 2015
LogJam Flaw Discovered
This week, security researchers revealed evidence of a new flaw, LogJam, which could allow hackers to weaken encrypted connections between a user and a web or email server. The vulnerability was discovered as part of investigations into the FREAK flaw,…
Read More
May 22, 2015
Security Awareness: Taking Advantage of Opportunity
Security Awareness is an incredibly important aspect of any security program. As we’ve seen in countless high-profile breaches, users are consistently the path of least resistance into any organization. Which is why training employees to identify ‘suspiciousness’ and react in…
Read More
May 1, 2015