LogRhythm Labs

A Roundup of LogRhythm’s Most Visited Technical Blog Posts

The LogRhythm blog offers an abundance of content and insight from our LogRhythm Labs team, security tips and tricks, threat research, infosec news, use cases from our customers, and more to help you stay at the top of your game…

Anatomy of a Hacker Group: APT29 (AKA Cozy Bear)

Watch the on-demand webinar now to learn from members of LogRhythm Labs’ threat research team and Randy Franklin Smith of Ultimate Windows Security, who will take a deep dive into the APT29 threat group, their activities, and how you can automate the detection and mitigation of threats either associated with the group or that use similar techniques.

LogRhythm Joins NCCoE’s Technology Collaborators to Help Secure Telehealth Remote Patient Monitoring Ecosystem

It is with great excitement that I share LogRhythm’s involvement in the newest healthcare project from the National Cybersecurity Center of Excellence (NCCoE) — Securing Telehealth Remote Patient Monitoring Ecosystem. The project aims to provide a reference architecture that will…

A Security Analyst’s Guide to Monitoring Remote VPN Activity in the LogRhythm SIEM

Remote work is no longer a trend and is becoming the norm for many companies. Whether your organization has been practicing remote work for a while or is just beginning to adopt work-from-home policies, VPN monitoring — the ability…

Deepen Your Remote Desktop Protocol Visibility with Log Sources

Remote desktop is a common feature in operating systems. It allows a user to connect to a computer in another location and interact with the desktop remotely. Microsoft implemented this capability via its Remote Desktop Protocol (RDP) for Windows desktop…

What DoD Contractors Need to Know About the New Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification (CMMC) is a new requirement from the U.S. Department of Defense (DoD). It mandates that DoD contractors obtain third-party certification to ensure appropriate levels of cybersecurity practices are in place to meet “basic cyber hygiene,”…

Monitor Zoom Security and Privacy Risks Using the LogRhythm NextGen SIEM

The mass migration to remote working in recent times has caused an increased focus on the security of remote collaboration tools. LogRhythm has found a variety of these tools in our customer base and has built collection methods and analytics…

Detecting Young Domains with Palo Alto Networks and LogRhythm

As the world continues dealing with a pandemic involving the coronavirus disease (COVID-19), malicious campaigns are well underway. For example, an opportunistic attacker will leverage a user’s sense of urgency and curiosity to prompt them to open a malicious email,…

5 PCI-DSS Compliance Questions Every Security Analyst Should Ask

If you are involved in taking payment for a good or service of any kind, you are likely required to comply with the Payment Card Industry Data Security Standards (PCI-DSS). This comprehensive security framework and compilation of best practices applies…

Using Open-Source Intelligence to Detect Attacks Using Newly Created Domain Names

When high-profile threats surface, they are often accompanied by a flurry of information sharing from security researchers and practitioners. The information they share can be delivered in a variety of formats. For example, following the recent malware activity surrounding the…
