Top 8 Benefits of a Remote Internship at LogRhythm

Remote internships can provide a wide range of benefits. Whether you’re a current student or a recent graduate, an internship gives you the chance to apply your skills, advance your career, and try new things. A remote internship may seem…

Highlights from RSAC 2021: Zero Trust, XDR, Cybersecurity Careers, and More

In the months since the global pandemic impacted the U.S., people shifted to new ways of working and living, and new obstacles to overcome. As if the Covid-19 pandemic wasn’t challenging enough, this year we’ve already witnessed prominent cybersecurity…

LogRhythm and Zscaler Partner to Streamline Website Access Control

As cybercrime continues to grow, your network’s security remains a top priority. To protect your network from potential threats, better access control over your network is paramount. Without it, you could be leaving your organization vulnerable to thre…

Every Security Incident has a Story

You have lots of security tools at your disposal, but do they help you visualize your data to identify threats or quickly resolve security incidents? Do you know what your data is telling you? LogRhythm uses security information and event…

Automate URL and File Blacklisting with Netskope and LogRhythm

While many organizations focus on outside threats, network security shouldn’t be neglected. Having greater visibility into the websites people are searching and the files they are downloading in your network should be a priority. To strengthen your net…

A Guide to Detecting Microsoft Exchange Zero-Day Exploits

TL;DR First and foremost, apply patches to the Exchange infrastructure. Assume compromise. It’s been reported that the attackers launched a massive compromise attack against 60,000+ Exchange Servers before patches became available, and many other attac…

Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine

Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techn…

How to Audit and Test for Sudo’s CVE-2021-3156 with LogRhythm

TL/DR Qualys has reported that Sudo, before 1.9.4p2, has a heap-based buffer overflow vulnerability that allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Detecting a success…

Windows Certificate Export: Detections Inspired by the SolarWinds Compromise

TL/DR Methods to detect when a certificate is exported from a Windows system are discussed in detail below using the audit log “Certificate Services Lifecycle Notifications” and collecting the log messages with “MS Windows Event Logging XML – Generic” …

Code42 and LogRhythm Partner to Protect Against Insider Threats

As remote work has become the norm for many enterprises, organizations are struggling with the troubling reality of rising insider threats. Whether the results are from careless or negligent employees or malicious insiders, it’s crucial to arm your org…