Telecommunication Security Use Cases
Posted by: Leonardo Hutabarat
Attacks made against telcos and internet service providers (ISPs) have steadily risen. Distributed denial of service (DDoS) attackers launched an 11-day attack against a Chinese telco in 2017 — breaking the DDoS record that year. That same year, Kaspersky Lab…
January 6, 2021
How to Detect and Respond to SS7 Attacks — OT Telco Use Cases
Posted by: Leonardo Hutabarat
In the telecom environment, the Signaling System No. 7 (SS7) protocol is crucial, especially in 2G networks. If you’re wondering how SS7 works, it is an international telecommunications standard used to set up public switched telephone network (PSTN) and…
December 28, 2020
How to Detect and Search for SolarWinds IOCs in LogRhythm
Posted by: LogRhythm Labs
LogRhythm Labs has gathered up the indicators of compromise (IOCs) from CISA, Volexity, and FireEye associated with the recent SolarWinds supply chain attack and made them available in a GitHub repository for your convenience. Feel free to download and import…
December 23, 2020
Threat Hunting Framework: Three Steps to Translate Threat Reports into Actionable Steps
Posted by: Chi Doan
Thanks to Sally Vincent and Dan Kaiser from the LogRhythm Labs team for developing the process and guiding content described in this post. Threat research can be an invaluable asset to security teams when attempting to formulate a proactive stance…
December 21, 2020
How to Detect Exploits of FireEye Red Team Tools in Your Environment
Posted by: LogRhythm Labs
What The FireEye Breach Means for Security Operations Teams
On December 8, 2020, FireEye announced that they had been “attacked by a highly sophisticated threat actor” and that they “found that the attacker targeted and accessed certain Red Team assessment…
December 11, 2020
LogRhythm MITRE ATT&CK Knowledge Base (KB) Module 2.0
Posted by: LogRhythm Labs
Major Update to the LogRhythm MITRE ATT&CK KB Module
When LogRhythm originally developed and launched the MITRE ATT&CK Knowledge Base (KB) Module, we worked under MITRE ATT&CK’s version 6. MITRE is constantly developing the ATT&CK framework, and many changes have…
December 7, 2020
6 Cybersecurity Predictions for 2021
Posted by: LogRhythm Labs
Over the past few weeks, we’ve been reviewing our previous cybersecurity predictions (click here for part 1 and here for part 2 if you missed it). But now, it’s time to look to the future. After a team discussion, we…
December 7, 2020
LogRhythm 2021 Predictions: How COVID-19 and the Remote World Will Shape 2021
COVID-19 caused a rapid shift for organizations operating on-premise to remote operation, spiking cloud usage and large parts of the workforce increasingly becoming users of SaaS-based services. This has, in turn, created new pain points for CISOs, such as visibility…
December 4, 2020
Past Cybersecurity Predictions: A Look at What We Got Right — Part II
Posted by: LogRhythm Labs
In 2020, we learned that even a global pandemic can’t slow down cyberattacks, and threat actors are still very much at large seeking new ways to gain control of vital data and bring organizations to their knees. In addition to…
December 2, 2020
Past Cybersecurity Predictions: A Look at What We Got Right — Part I
Posted by: LogRhythm Labs
Around this time every year, leaders from across industries sit down to reflect on the trends they have seen over the course of the previous months and how these developments might shape the year ahead. At LogRhythm, it’s our annual…
November 24, 2020