Monitor Zoom Security and Privacy Risks Using the LogRhythm NextGen SIEM
Posted by: Andrew Hollister
The mass migration to remote working in recent times has caused an increased focus on the security of remote collaboration tools. LogRhythm has found a variety of these tools in our customer base and has built collection methods and analytics…
Read More
April 21, 2020
Detecting Young Domains with Palo Alto Networks and LogRhythm
Posted by: Brian Coulson
As the world continues dealing with a pandemic involving the coronavirus disease (COVID-19), malicious campaigns are well underway. For example, an opportunistic attacker will leverage a user’s sense of urgency and curiosity to prompt them to open a malicious email,…
Read More
April 9, 2020
5 PCI-DSS Compliance Questions Every Security Analyst Should Ask
Posted by: Kyle Dimitt
If you are involved in taking payment for a good or service of any kind, you are likely required to comply with the Payment Card Industry Data Security Standards (PCI-DSS). This comprehensive security framework and compilation of best practices applies…
Read More
April 9, 2020
Using Open-Source Intelligence to Detect Attacks Using Newly Created Domain Names
Posted by: LogRhythm Labs
When high-profile threats surface, they are often accompanied by a flurry of information sharing from security researchers and practitioners. The information they share can be delivered in a variety of formats. For example, following the recent malware activity surrounding the…
Read More
April 1, 2020
Detect Phishing Campaigns and Stolen Credentials with Custom AI Engine Rules
Posted by: LogRhythm Labs
Attackers have been known to take advantage of world events to increase their use of phishing, social engineering, malware delivery, and numerous other nefarious attacks. The recent COVID-19 pandemic is no exception as attackers are currently creating custom campaigns to…
Read More
March 31, 2020
Insights and Included Content to Protect Your Organization During Times of Crisis
Posted by: LogRhythm Labs
In times of crisis and uncertainty, nefarious threat actors have always preyed on the public and worked to exploit the situation for their benefit. The COVID-19 pandemic is no exception, as attackers have begun to masquerade and disguise common cyberattacks…
Read More
March 27, 2020
Living Off the Land Attacks with Scheduled Task
Posted by: Brian Coulson
In our previous living off the land (LotL) blog post, we discussed why attackers use tools that already exist in the environment to plan an attack. But what role does Microsoft Scheduled Tasks in an attacker’s plan? In this post, we’re…
Read More
March 10, 2020
LogRhythm Labs: Cybersecurity Expertise Delivered into Your LogRhythm Deployment
Posted by: Andrew Hollister
What is LogRhythm Labs? LogRhythm Labs is the team that researches and creates the content that goes into the LogRhythm NextGen SIEM Platform. The team mission is to: Research and deliver world-class security, compliance, intelligence, and operational risk content to protect our customers…
Read More
March 10, 2020
4 Trending Phishing Techniques: Real-Life Examples and Tips for Detection
Many successful attacks begin with a phishing email that some user falls for. And that’s why MITRE prominently features Spearphishing (T1192) as an Initial Access technique in ATT&CK. View the on-demand webinar with Ultimate Windows Security to learn about the latest phishing techniques used by attackers and how MITRE ATT&CK can help detect and remediate these threats.
Read More
March 9, 2020
Beware of Coronavirus Phishing Attempts — Tips to Keep Your Organization Safe
Coronavirus: it’s what every news outlet and person is talking about. With the outbreak of the infection, people want to stay up to date on the latest news and reports, so they’re looking up data and clicking on links to…
Read More
March 9, 2020
What Are Living Off the Land Attacks?
Posted by: Andrew Hollister
In the physical world, “living off the land” simply means to survive only by the resources that you can harvest from the natural land. There may be multiple reasons for doing this — perhaps you want to get “off the…
Read More
March 4, 2020
2019 in the Rearview, 2020 in the Windshield
Posted by: Andrew Hollister
2019 was a big year for IT security whichever way you choose to look at it. Huge volumes of records were exposed, loads of organizations experienced a ransomware attack, skimmers compromised countless websites, and European authorities issued massive fines under…
Read More
February 5, 2020
8 Cybersecurity Predictions for 2020
Posted by: LogRhythm Labs
As we do each year, the LogRhythm Labs team came together recently to reflect on the year in cybersecurity and think about what’s to come. 2019 was definitely interesting. Breaches continued to keep organizations on their toes, with over 5,000…
Read More
December 11, 2019
Examining the baseStriker Vulnerability
Posted by: Eric Brown
The zero-day “baseStriker” vulnerability is still widely in use, but do you know what to look out for if it finds its way into your organization? While 18 months have passed since Microsoft developed a fix for the vulnerability that…
Read More
November 14, 2019
Experts Weigh in on National Cybersecurity Awareness Program
In honor of National Cybersecurity Awareness Month, we sat down with some of our security experts to talk about their experience raising awareness in the industry and implementing cyber training. Read the interview to get their thoughts and some inspiration…
Read More
October 28, 2019
Exploring IT Operations with LogRhythm
Posted by: Julian Crowley
The LogRhythm NextGen SIEM Platform collects, classifies, and normalizes log data from over 800 unique source types. At LogRhythm, our focus has always been on identifying and mitigating security threats through monitoring, alarming, and event log correlation. And while we…
Read More
August 30, 2019
How to Balance Security Maturity and Compliance with LogRhythm
Compliance doesn’t guarantee prevention against a breach, and it never will. Various frameworks, legislation, and regulations are meant to lay part of the foundation for organizations to build and expand on; though this rarely is the case. While different industries…
Read More
April 22, 2019
Aligning the LogRhythm NextGen SIEM Platform with the MITRE ATT&CK Framework
Posted by: LogRhythm Labs
Contributors to this blog include Dan Kaiser and Brian Coulson. The MITRE ATT&CK framework is quickly becoming a focal point in the security world — and for good reason. This framework provides a consistent, industry-wide standard on which you can…
Read More
April 15, 2019