Ready to Rule Your Network?
We're announcing a new NetMon Freemium contest, backed by cash prizes! Create a solution based on DPA rules, query rules, or dashboards and enter it to win.
Learn how LogRhythm’s Security Orchestration, Automation, and Response (SOAR) capabilities can achieve 24x7 monitoring and response to malware threats.
The WannaCry ransomware campaign is just the latest wave of malware to target exploits in core networking protocols. Fortunately, the SMB dropper traffic is very easy to detect with NetMon using a simple Query Rule.
If you are already using Microsoft Sysmon in your environment, then you might be wondering whether it is possible to detect WannaCry activity on your Sysmon-enabled Windows hosts. The answer is yes!
Ransomware that has been publicly named "WannaCry," “WCry” or "WanaCrypt0r" (based on strings in the binary and encrypted files) has spread to at least 74 countries as of Friday 12 May 2017. This blog addresses the technical analysis of the ransomware, mitigation, LogRhythm signatures, Network Monitor (NetMon) query rules, and indicators of compromise.
On the afternoon of Friday, May 12, 2017, what we refer to as version 2 of WannaCry ransomware started to infect systems of a private Spanish telecommunications company. This blog covers the ransomware background, a high-level technical overview, the kill switch, and advice for defending against WannaCry.
LogRhythm User and Entity Behavior Analytics (UEBA) functionality is built in to LogRhythm’s AI Engine and takes action to neutralize threats as they progress through the Cyber Attack Lifecycle.
Use these free tools to extract System Center Service Manager (SCSM) log files to troubleshoot remote SCSM agents or pull files from remote hosts.
Shamoon is a highly destructive malware that is capable of spreading to other Windows systems on the network, wiping any infected system at a specified date and time.
Real-time visibility is key to completely understanding the current state of your IT infrastructure. In October 2014, Facebook made low-level operating system monitoring easier by...