LogRhythm Labs
What Are Living Off the Land Attacks?
In the physical world, “living off the land” simply means to survive only by the resources that you can harvest from the natural land. There may be multiple reasons for doing this ...
Getting Started with PCI DSS Compliance
If your business is involved in the processing of credit card payments, you are likely required to comply with the Payment Card Industry Data Security Standards (PCI DSS). Navigating the questions around ...
4 PCI DSS Compliance Questions Every Security Analyst Should Ask
If you are involved in taking payment for a good or service of any kind, you are likely required to comply with the Payment Card Industry Data Security Standards (PCI DSS) requirements. This ...
How to Leverage Case Playbooks for Compliance
Mature security processes should involve leveraging playbooks to guide their responses to potential breaches and ensure compliance with regulations. These playbooks serve as dynamic blueprints, outlining predefined steps, protocols, and best practices ...
Artificial Intelligence – A Danger to Patient Privacy?
Industries worldwide have integrated artificial intelligence (AI) into their systems as it promotes efficiency, increases productivity, and quickens decision-making. ChatGPT certainly raised eyebrows as it demonstrated similar characteristics at the start of its ...
Defending Against Multi-Factor Authentication Fatigue Attacks
Implementing a multi-factor authentication (MFA) solution in your organization adds significant protection against user account compromise, but by no means is MFA hacker-proof. There are many tactics cybercriminals use to defeat MFA ...
Detecting Follina (CVE-2022-30190): Microsoft Office Zero-Day Exploit
Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks. To help you prevent a ...
The LAPSUS$ Supply Chain Attack: Third-Party Playbooks and Detections
How to leverage third-party incident response procedures to detect threats using SIEM. Detecting fraudulent authentication and authorized activity is difficult at best. Many businesses face challenges when detecting fraudulent use of their ...
Threat Hunting Anomalous DNS and LDAP Activity with Trend Rules
The recent Log4Shell (CVE-2021-44228) vulnerability is the impetus for creating this blog and discussing how you can use LogRhythm AI Engine (AIE) “Trend rules” to effectively detect anomalous behavior. This approach can ...
Top Ransomware Detection Techniques
Ransomware is defined as a type of malware that blocks access to data until a sum of money is paid. This niche type of cybercrime is now big business due to the ...