LogRhythm Labs

Dynamic Data Exchange (DDE): Detection and Response, Part 1

Malicious actors have begun using Microsoft’s Dynamic Data Exchange (DDE) mechanism to deliver payloads via Microsoft Office documents instead of the traditional embedded macros or VBA code. Specially crafted Microsoft Office documents sent via email can be used to carry…

Ensure Your Systems Are Patched from Meltdown and Spectre Vulnerabilities

Contributors to this blog include Nathaniel Quist and Dan Kaiser. Last week, we provided background on Spectre and Meltdown vulnerabilities in our LogRhythm Labs Security Advisory on Spectre and Meltdown blog. In response to these vulnerabilities, LogRhythm Labs has developed…

Security Advisory: Meltdown and Spectre Vulnerabilities

Between January 3 and 4, 2018, three vulnerabilities in processor hardware were made public that affect nearly all modern architectures. Impacted architectures include Intel, AMD, and ARM. If successfully exploited, an unprivileged process on an affected system could read privileged…

8 Information Security Predictions for 2018

2017 has been another year full of front-page computer security events and incidents. Headlines have bulged with state-sponsored attacks, ransomware, leaks, and a continuing wave of data breaches. As we welcome 2018, we’ve not only reflected on the cyberattacks of…

One Compliance Module to Rule Them All: Consolidated Compliance Framework

The continued growth, proliferation, and awareness of cybersecurity as a necessary focus for all companies has helped revolutionize the global compliance landscape. A growing number of old regulations have been re-factored to include more stringent cybersecurity controls. New regulations are…

Information Security Predictions for 2017 – How Did We Do?

Around this time every year, we dust off our crystal ball, pull out the casting runes, and ruminate over what might happen in the world of Information Security in the year to come. While we are gathering information for our…

Phishing Intelligence Engine (PIE): Open-Source Release

We are pleased to announce the release of the LogRhythm Phishing Intelligence Engine (PIE), an integrated app with LogRhythm’s NextGen SIEM Platform. What is Phishing Intelligence Engine (PIE)? LogRhythm’s PIE can help streamline and automate the entire process of tracking,…

Bad Rabbit Ransomware Technical Analysis

Update: Further analysis of the code revealed new information regarding the spread of Bad Rabbit across the network. This post has been updated to reflect this new information. Bad Rabbit Ransomware Background On the afternoon of October 24, 2017 (BST),…

The Reality of Ransomware

As the ransomware landscape continues to quickly change and evolve, every CISO also needs to evolve their business continuity and disaster recovery plans to ensure the impacts of ransomware can be minimized. If you haven’t updated your business continuity and…

What is the GDPR and How Can You Prepare?

The General Data Protection Regulation (GDPR) is the world’s first attempt at implementing big data compliance regulation, and it seems to be inspiring some fear throughout the compliance industry. Now that GDPR has come to combat the uptick in cyberattacks,…
