blog

Catching Beaconing Malware

When a computer becomes infected with malware, it will usually begin to beacon out to a command and control server. This is one of the ways that commodity malware checks in with its command and control infrastructure to await further instructions. But it can be difficult to detect this activity. The beaconing can take place at any time or frequency—from once every couple of seconds to once a week (or possibly even longer if you are dealing with an advanced adversary).

How Far Cyber Criminals Will Go to Get Your PII

Everyone who works in security deals with phishing emails to some extent—some more than others. In fact, most of us in the security industry see so many phishing attacks on a daily basis that they are not all that interesting anymore. However, every once in a while, a scammer will actually take the time to prepare and deploy more believable campaigns and target personally identifiable information (PII) in a more persistent way.

Do You Know Your Network?

Knowing what or who is on your network, at work and at home, is important. See how I detected unauthorised application communication via Network Monitor Freemium.

Five Steps to Defend Against Ransomware

Understanding what happens at each phase of a ransomware attack, and knowing the IOCs to look for, increases the likelihood of being able to successfully defend against—or at least mitigate the effects of—an attack.

How to Detect and Respond to Ransomware: A Video Use Case

Imagine you're going about your day, and then you see it—an alarm in the LogRhythm Security Intelligence Platform that ransomware has been detected by the AI Engine. But how? And what has been detected? Watch the video demo to learn how you can automate incident response for ransomware threats.