Security Spotlight

Disable Windows Event Logging – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a technique attackers…

Read More

November 28, 2023

Detecting Token Impersonation – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a common method…

Read More

November 21, 2023

Detecting Domain Name Abuse – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a cool open-source…

Read More

November 14, 2023

How LOLBAS Is Used in MS Process Abuse – Security Spotlight

How LOLBAS Is Used in MS Process Abuse – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about LOLBAS and highlighting…

Read More

November 7, 2023

Security Spotlight - Enhanced Reporting with Grafana

Enhance Your Reporting with Grafana – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about enhancing your reporting…

Read More

November 2, 2023

Enable RDP Locally - Security Spotlight

Remote Desktop Protocol Misuse – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about Remote Desktop Protocol…

Read More

October 30, 2023

Detecting AWS Unauthenticated Cross-Account Attacks – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. Amazon Web Services (AWS) has a shared responsibility model that brings…

Read More

October 26, 2023

Account Discovery: Windows – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about how adversaries may…

Read More

October 24, 2023

Monitoring BITSAdmin Misuse – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks.  In this Security Spotlight, we’ll be talking about BITS, and…

Read More

October 17, 2023

SCR File Execution Using Rundll32 – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks.  In this Security Spotlight, we’ll be talking about the execution…

Read More

October 12, 2023

Detecting Raspberry Pi on the Network – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks.  In this Security Spotlight, we’ll be talking about the Raspberry…

Read More

October 10, 2023

Monitoring Virtual Network Computing – Security Spotlight

The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about monitoring Virtual Network…

Read More

October 5, 2023

Credential Dumping LSASS via comsvsc.dll – Security Spotlight

The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…

Read More

October 3, 2023

Tips to Monitor Disabled and Deleted User Accounts – Security Spotlight

The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…

Read More

September 28, 2023

Monitoring Users Opening Malicious Files – Security Spotlight

The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats. …

Read More

September 26, 2023