In the telecom environment, using Signaling System No.7 (SS7) protocol is very crucial, especially in 2G networks. If you’re wondering how SS7 works, SS7 protocol is an international telecommunications standard used to set up public switched telephone network (PSTN) and…
Read MoreDecember 28, 2020
LogRhythm Labs has gathered up the indicators of compromise (IOCs) from CISA, Volexity, and FireEye associated with the recent SolarWinds supply chain attack and made them available in a GitHub repository for your convenience. Feel free to download and import…
Read MoreDecember 23, 2020
Hard-coded is a term used to describe when a software developer embeds data directly into the source code of a program or script, rather than supplying it externally as a parameter. If the data consists of user credentials, this can…
Read MoreDecember 22, 2020
Thanks to Sally Vincent and Dan Kaiser from the LogRhythm Labs team for developing the process and guiding content described in this post. Threat research can be an invaluable asset to security teams when attempting to formulate a proactive stance…
Read MoreDecember 21, 2020
Scope High-risk vulnerabilities have been identified in the LogRhythm Web Console. Risk The risk of these vulnerabilities is high. However, “real-world” exploitation of the vulnerabilities does require certain pieces of information about the target organization’s LogRhythm NextGen SIEM and Web…
Read MoreDecember 16, 2020
The use of Docker containers is rapidly becoming the standard approach for most companies to deploy services in their environment; however, it also introduces risks and vulnerabilities. Explore the pros and cons of containers and how to mitigate Docker container…
Read MoreDecember 15, 2020
