Do You Trust Your Computer?
These past couple weeks have been a blur. I had the opportunity to attend and speak at both AppSecUSA and DerbyCon and cannot say enough good things about these conferences. There were so many excellent talks and activities that…
October 3, 2014
Name Changes for AI Engine Rules
With the current Knowledge Base release, LogRhythm Labs will be introducing the first round of changes to AI Engine™ Rule organization. This initial stage involves implementing a more intuitive naming scheme for AI Engine™ Rules. (Note: compliance-based Engine™ Rules will…
October 1, 2014
Adding Items to a LogRhythm List via SmartResponse Plugins
SmartResponse™ Plugins allow LogRhythm alarm and AI Engine rules to launch nearly any scriptable action. The most widely used SmartResponse Plugin is Add Item to List. This plugin makes additions to LogRhythm lists. For example, adding a benign IP or URL…
August 28, 2014
Taking Advantage of Default Settings
While at Black Hat this year I attended a great talk by security researcher Aditya K Sood. He discussed at length the Fundamental Weaknesses in Botnet C&C Panels. One of the major talking points he hit on was the major…
August 7, 2014
Xfinity Pineapple
Notice: Neither LogRhythm nor the author of this blog post is liable for any illegal activities conducted with this information. LogRhythm does not condone or support such activity. This post is simply a proof-of-concept to explore the risks of open wireless…
June 18, 2014
University of Michigan Releases ZMap
Posted by: Matt Willems
Researchers at the University of Michigan recently released a new scanning and probing utility called ZMap, capable of scanning hosts over 1300 times faster than the common open-source tool Nmap. In testing it was able to scan the entire…
August 27, 2013