Notice: LogRhythm nor the author of this blog post are liable for any illegal activities conducted with this information. LogRhythm does not condone or support such activity. This post is simply a proof-of-concept to explore the risks of open wireless…
Read MoreJune 18, 2014
Researchers at the University of Michigan recently released a new scanning and probing utility called ZMap capable of scanning hosts over 1300 times faster than the common open source tool NMap. In testing it was able to scan the entire…
Read MoreAugust 27, 2013
LogRhythm has been involved in the authoring of the Cybersecurity Framework as outlined in one of my previous blog posts. Although the framework is still being drafted, and won’t be released for public comment until later in the year, the White…
Read MoreAugust 8, 2013
After attending Black Hat and DEFCON this year, I noticed that there wasn’t an overarching theme, like the Cloud, APTs or Big Data that prior years have seemed to focus on. Given the recent disclosures about NSA surveillance programs, privacy was…
Read MoreAugust 3, 2013
This year I was fortunate enough to be able to attend the Black Hat 2013 conference in Las Vegas. The opening keynote by General Alexander set the mood for what I think will be a common trend throughout the rest…
Read MoreAugust 1, 2013
When a client authenticates with a Web application, a session is established. Usually a unique, pseudo-random session ID is generated and passed from the client to the Web application with each HTTP request that is made. This session ID might be…
Read MoreMarch 20, 2013
The recent compromise at The Hartford Insurance Company highlights the fact that AV software by itself isn’t always an adequate defense—even for malware that has been in the wild for quite some time. It was reported that a W32-Qakbot variant was…
Read MoreApril 13, 2011
