Supercharged Protection: Preventing EV Chargers Cyberattacks with LogRhythm
Posted by: Leonardo Hutabarat
In today’s digital age, cyberattacks are becoming increasingly frequent and sophisticated, posing serious threats to both digital and physical infrastructures. Incidents like Stuxnet, which targeted power plants, have demonstrated the dangerous interrelationship between cyberattacks and physical damage. As the adoption…
June 18, 2024
Prevention & Cure: Countermeasures Against Healthcare Cyberattacks
Posted by: Syed Hasan Rizvi
A recent successful cyberattack on a large technology provider for hospitals and pharmacies in the US has left patients unable to obtain their medication. This attack is a reminder that healthcare cyberattacks are not stopping, and a successful attack will…
March 4, 2024
Detecting Volt Typhoon TTPs – Security Spotlight
Posted by: Syed Hasan Rizvi
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. Last week, the Cybersecurity and Infrastructure Security Agency (CISA) released a…
February 13, 2024
Detecting OS Credential Dumping done via WDigest – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about OS Credential Dumping…
December 21, 2023
Monitoring USB Usage with Windows Logs – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about how you can…
December 14, 2023
Disable Windows Event Logging – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a technique attackers…
November 28, 2023
Detecting Token Impersonation – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a common method…
November 21, 2023
Detecting Domain Name Abuse – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about a cool open-source…
November 14, 2023
How LOLBAS Is Used in MS Process Abuse – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about LOLBAS and highlighting…
November 7, 2023
Enhance Your Reporting with Grafana – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about enhancing your reporting…
November 2, 2023
Remote Desktop Protocol Misuse – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about Remote Desktop Protocol…
October 30, 2023
Detecting AWS Unauthenticated Cross-Account Attacks – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. Amazon Web Services (AWS) has a shared responsibility model that brings…
October 26, 2023
Account Discovery: Windows – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about how adversaries may…
October 24, 2023
Monitoring BITSAdmin Misuse – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about BITS, and…
October 17, 2023
SCR File Execution Using Rundll32 – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about the execution…
October 12, 2023
Detecting Raspberry Pi on the Network – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about the Raspberry…
October 10, 2023
Monitoring Virtual Network Computing – Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about monitoring Virtual Network…
October 5, 2023
Credential Dumping LSASS via comsvsc.dll – Security Spotlight
The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…
October 3, 2023