Security Tips and Tricks

Make Your Data Work for You

“Make your money work for you.” It’s something that I’ve heard financial planners say for years. But recently, I started correlating this notion with what we do on a daily basis. In talking with others in the info sec space,…

Using Expiring Lists in LogRhythm 7

As a multi-billion dollar company that makes everything, Acme Labs are rightly paranoid about the threats and resulting risks that they face. Just imagine if someone got a hold of their IP and used it for nefarious purposes. But, like…

Precision Search

With the release of LogRhythm 7, we introduced Precision Search. This feature helps you cut through the massive amount of data in your environment to identify specific information—all from one easy-to-use interface. With Precision Search, you can couple an unstructured…

A Picture Paints a Thousand Logs

The saying “a picture is worth a thousand words” has a lot of truth to it. And in the same manner, “a picture can be worth a thousand logs.” But how do you view the interactions of a thousand, a…

Getting Started with Threat Intelligence

Joe Partlow, CISO, is a guest blogger from ReliaQuest. He has been involved with InfoSec in some capacity or role for over 15 years, mostly on the defensive side, but has always been fascinated by those cool kids on offense.…

NetMon as a Programmatic Intrusion Detection System

Detect Threats, Passively Identify Devices and Selectively Capture Packets

NetMon release 2.7.1 implements the ability to add custom scripting rules that can run on every packet or flow, allowing automatic analysis of network metadata. This capability allows for advanced intrusion…

PSRecon – Live Forensic Data Acquisition

Live incident response and forensic data acquisition is often a very manual and time consuming process that leaves significant room for error and can even result in the destruction of evidence. There are many people involved when investigating an incident, which makes…

“IT Helpdesk” Email to Jimdo Phishing

Over the last few days, we have been identifying another new phishing attack attempting to steal domain credentials. This particular example is isolated around the jimdo.com web hosting service. If you are not familiar with Jimdo, they essentially allow anyone…

4 Steps to Assessing Risk

In a recent survey, Security Spending and Preparedness in the Financial Sector, SANS polled various organizations within this sector to better understand their outlook on risks facing the organization. As a result, SANS made some suggestions that align with the…

When Malware Isn’t Enough: Why You Need to Invest In Securing Your Data

Recently, Chris Petersen (LogRhythm’s CTO and Co-Founder) published the Security Operations Maturity Model (SOMM). The SOMM provides a systematic guide for an organization to assess and actively achieve a heightened security posture. In the SOMM, Chris stresses that the…

There’s No Hacking in Baseball (or is There?)

One morning, last week, coffee in hand, I opened the sports page of my local newspaper and the top story wasn’t about the latest pitcher to toss a no-hitter. There was nothing on the front page about game 6 of…

Doing the Impossible: Building your Security Intelligence Maturity

“Start by doing what is necessary, then do what is possible; and suddenly you are doing the impossible.” – St. Francis of Assisi

In my 3+ years as a LogRhythm Professional Services & Security Consultant, I have often found customers…

A Case of the Mondays: How a Routine Visit Discovered a Cyber Attack

Recently, I learned a valuable lesson from what appeared as though it would be a regular Monday. My day started off routinely, but along the way some surprising events unfurled. I was scheduled to go on-site with a federal customer…

LogJam Flaw Discovered

This week, security researchers revealed evidence of a new flaw, LogJam, which could allow hackers to weaken encrypted connections between a user and a web or email server. The vulnerability was discovered as part of investigations into the FREAK flaw,…

Security Awareness: Taking Advantage of Opportunity

Security Awareness is an incredibly important aspect of any security program. As we’ve seen in countless high-profile breaches, users are consistently the path of least resistance into any organization, which is why training employees to identify ‘suspiciousness’ and react in…

Security Awareness Training: Secure Remote Access to Corporate Infrastructure

In this installment of Lab’s weekly series, Security Awareness Training, we’ll be discussing appropriate methods for users remotely accessing corporate or cloud infrastructure. Many of us work remotely at some point and need to access corporate file shares and other…

British Airways Breach Puts Passwords Under the Spotlight Again

Earlier this week, it was reported that British Airways had suffered a data breach which exposed the details of a number of frequent-flier Executive Club accounts. It is thought that the breach is the result of a third party that…

A New Variant in POS Malware

I’d like to talk a little bit about a new POS Malware variant called LogPOS. Being a researcher at LogRhythm I feel it is my duty to talk about any Malware with the word “log” in it. Ironically this malware…