LogRhythm Security Spotlight

Cybersecurity insights to reduce noise, prioritize work, and quickly secure your environment

Learn About Trending Cyberthreats and How to Detect Them

A lot rides on the shoulders of security teams, and with such high stakes, it is more important than ever that organizations know how to defend their IT environments against a growing attack surface.

LogRhythm’s Security Spotlight video series shares key insights into trending cyberthreats to help you defend against evolving attacks. Tune in every week as our experts provide tips for improving your security maturity, along with use cases based on our customers’ needs when working with the Analytic Co-Pilot team.

Watch Our Five Most Recent Security Spotlights

Microsoft Teams Cleartext Token Access

In this Security Spotlight, get an overview of a security flaw in Microsoft Teams and learn how to detect it using LogRhythm SIEM.

Co-Pilot customers can download and implement this rule from LogRhythm Community.

Connect Teams and Close SecOps Gaps

In this Security Spotlight video, watch a quick overview of how you can integrate LogRhythm with Service Management tools to improve control over incident resolution.

Co-Pilot customers can download and implement this rule from LogRhythm Community.

Integrating MISP for Advanced Threat Intelligence

The Malware Information Sharing Platform (MISP) is an open source threat intel platform that uses a structured data format, allowing organizations to store key information, such as IPs, domains or email addresses, about threats they have experienced. Crucially, this information can then be linked to any future threats, creating a searchable repository or history of an organization’s threat exposure.

Co-Pilot customers can enable this rule within your deployment from the LogRhythm Community.

Rename System Utilities

MITRE technique T1036.003 is a high-level technique adversaries use to evade detection and simplify compromise. Renaming system utilities allows attackers to leverage existing tools present on the target system, meaning that the requirement for additional payloads after initial access is greatly reduced.

Co-Pilot customers can download our detection rule from LogRhythm Community.

Dark Power Ransomware

In this Security Spotlight video, watch an overview of the ransomware group named Dark Power and approaches you can take to mitigate their threat. LogRhythm has detection rules for both LogRhythm SIEM and LogRhythm Axon to defend against this. Learn more from our video!

Co-Pilot customers can download the detection rule from LogRhythm Community.

3CX Supply Chain Attack

Supply chain attacks work by delivering viruses or other malicious software via a supplier or vendor rather than targeting individual end user organizations. Thankfully, these kinds of attacks are rare as they have a high technical skill requirement, but they appeal to threat actors because they can provide widespread access to victims from a single compromise. Recently, a supply chain attack was exposed that had compromised the Desktop Application of 3CX, a popular VoIP vendor. Learn more in this video!

Co-Pilot customers can download the detection rule from LogRhythm Community.

View All Security Spotlights in the Playlist Below

Experience LogRhythm SIEM in action

See how you can mature your security operations by improving your time to detect and respond to threats. Schedule a demo with one of our team today.
