What You See is Not What You Copy
Tricking users into copying different commands from what is displayed on a web page… OK, maybe I’m late to this party but I recently came across a very cool attack vector that I had not heard about until now. There’s…
Read MoreOctober 8, 2014
Do You Trust Your Computer?
These past couple weeks have been a blur. I had the opportunity to attend and speak at both AppSecUSA and DerbyCon and can not say enough good things about these conferences. There were so many excellent talks and activities that…
Read MoreOctober 3, 2014
Name Changes for AI Engine Rules
With the current Knowledge Base release, LogRhythm Labs will introducing the first round of changes to AI Engine™ Rule organization. This initial stage involves implementing a more intuitive naming scheme for AI Engine&trade Rules. (Note: compliance based Engine&trade Rules will…
Read MoreOctober 1, 2014
Adding Items to a LogRhythm List via SmartResponse Plugins
SmartResponse™ Plugins allow LogRhythm alarm and AI Engine rules to launch nearly any scriptable action. The most widely-used SmartResponse Plugin is Add Item to List. This plugin makes additions to LogRhythm lists. For example, adding a benign IP or URL…
Read MoreAugust 28, 2014
Taking Advantage of Default Settings
While at Black Hat this year I attend a great talk by security researcher Aditya K Sood. He discussed at length, the Fundamental Weaknesses in Botnet C&C Panels. One of the major talking points he hit on was the major…
Read MoreAugust 7, 2014
Xfinity Pineapple
Notice: LogRhythm nor the author of this blog post are liable for any illegal activities conducted with this information. LogRhythm does not condone or support such activity. This post is simply a proof-of-concept to explore the risks of open wireless…
Read MoreJune 18, 2014