How to Detect Exploits of FireEye Red Team Tools in Your Environment
Posted by: LogRhythm Labs
What The FireEye Breach Means for Security Operations Teams On December 8, 2020, FireEye announced that they had been “attacked by a highly sophisticated threat actor” and that they “found that the attacker targeted and accessed certain Red Team assessment…
Read MoreDecember 11, 2020
LogRhythm MITRE ATT&CK Knowledge Base (KB) Module 2.0
Posted by: LogRhythm Labs
Major Update to the LogRhythm MITRE ATT&CK KB Module When LogRhythm originally developed and launched the MITRE ATT&CK Knowledge Base (KB) Module, we worked under MITRE ATT&CK’s version 6. The MITRE ATT&CK framework is constantly developing, and many changes have…
Read MoreDecember 7, 2020
6 Cybersecurity Predictions for 2021
Posted by: LogRhythm Labs
Over the past few weeks, we’ve been reviewing our previous cybersecurity predictions (click here for part 1 and here for part 2 if you missed it). But now, it’s time to look to the future. After a team discussion, we…
Read MoreDecember 7, 2020
LogRhythm 2021 Predictions: How COVID-19 and the Remote World Will Shape 2021
COVID-19 caused a rapid shift for organizations operating on-premise to remote operation, spiking cloud usage and large parts of the workforce increasingly becoming users of SaaS-based services. This has, in turn, created new pain points for CISOs, such as visibility…
Read MoreDecember 4, 2020
Past Cybersecurity Predictions: A Look at What We Got Right — Part II
Posted by: LogRhythm Labs
In 2020, we learned that even a global pandemic can’t slow down cyberattacks, and threat actors are still very much at large seeking new ways to gain control of vital data and bring organizations to their knees. In addition to…
Read MoreDecember 2, 2020
Past Cybersecurity Predictions: A Look at What We Got Right — Part I
Posted by: LogRhythm Labs
Around this time every year, leaders from across industries sit down to reflect on the trends they have seen over the course of the previous months and how these developments might shape the year ahead. At LogRhythm, it’s our annual…
Read MoreNovember 24, 2020
Ransomware Prevention Panel: How to Address a Pervasive and Unrelenting Threat
Watch this on-demand webcast to dive deeper into the themes explored in the SANS white paper “How to Address a Pervasive and Unrelenting Threat,” written by SANS instructor Justin Henderson. Along with Justin, you’ll learn from a panel of cybersecurity experts about how to protect against infection vectors, the latest trends in ransomware attacks, and how defending against ransomware changes when considering remote workforces.
Read MoreNovember 23, 2020
The State of Data Privacy. Do You Have Rights to Your Data?
Posted by: Rem Jaques
2020 has been full of surprises, but what’s not surprising is that we’re now more virtual than we have ever been. Consider the last 30 days of your life. Have you entered credit card information online? Did you allow said…
Read MoreNovember 23, 2020
What is ZeroLogon? How to Detect and Patch
Posted by: Brian Coulson
TL/DR What is ZeroLogon? In Layman’s Terms ZeroLogon is the name for a Microsoft cryptography vulnerability found in CVE-2020-1472 that makes it easy for cybercriminals to hack into your system by impersonating any computer. The Cybersecurity and Infrastructure Agency has…
Read MoreNovember 5, 2020
7 Common CISO Pain Points and How to Overcome Them
Working in cybersecurity has its clear benefits: bringing value to a vital industry, competitive pay, and a thriving job market. With any career, however, there will always be pain points and some aspects that are less exciting than others. As someone…
Read MoreNovember 1, 2020
NYDFS 500 First Enforcement Action
Posted by: Kyle Dimitt
In July 2020, the New York State Department of Financial Services (NYDFS) filed the first enforcement action under the NYDFS Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500), against First American Title Insurance Company (First American), a large title insurance…
Read MoreOctober 8, 2020
What is the Zero Trust Model of Cybersecurity, Really?
The Zero Trust Model framework is the next evolution of our security model. Explore what exactly the Zero Trust model is and how companies have successfully implemented their own models. The Zero Trust Model Explained The original Zero Trust model…
Read MoreOctober 1, 2020
New Cybersecurity Maturity Model Certification (CMMC) Updates
Posted by: Kyle Dimitt
In our last blog, What DoD Contractors Need to Know About the New Cybersecurity Maturity Model Certification, we covered the essential components and driving factors behind the DoD’s new federal requirement. This post addresses some of the unanswered questions around…
Read MoreSeptember 21, 2020
SOAR: The Answer to the Cybersecurity Skills Gap and a Future in the Cloud
Cloud is exacerbating the cybersecurity skills gap, but the solution lies in SOAR. As organisations look to protect their data from sophisticated threat actors, there are two intertwining trends that need to be addressed: sweeping organisational migration to the cloud…
Read MoreJune 25, 2020
A Roundup of LogRhythm’s Most Visited Technical Blog Posts
The LogRhythm blog is an abundance of content and insight from our LogRhythm Labs team, security tips and tricks, threat research, infosec news, use cases from our customers, and more to help you stay at the top of your game…
Read MoreJune 19, 2020
Anatomy of a Hacker Group: APT29 (AKA Cozy Bear)
Watch the on-demand webinar now to learn from members of LogRhythm Labs’ threat research team and Randy Franklin Smith of Ultimate Windows Security, who will do a deep-dive into the APT29 threat group, their activities, and how you can automate the detection and mitigation of threats either associated with the group or that use similar techniques.
Read MoreJune 9, 2020
LogRhythm Joins NCCoE’s Technology Collaborators to Help Secure Telehealth Remote Patient Monitoring Ecosystem
It is with great excitement that I share LogRhythm’s involvement in the newest healthcare project from the National Cybersecurity Center of Excellence (NCCoE) — Securing Telehealth Remote Patient Monitoring Ecosystem. The project aims to provide a reference architecture that will…
Read MoreMay 21, 2020
A Security Analyst’s Guide to Monitoring Remote VPN Activity in the LogRhythm SIEM
Posted by: Brian Coulson
Remote work is no longer a trend, and is becoming the norm for many companies. Whether your organization has been practicing remote work for a while, or it is just beginning to adopt work-from-home policies, VPN monitoring — the ability…
Read MoreMay 21, 2020