LogRhythm In The News Archive:
Heartbleed Bug Vulnerabilities Pervasive In Health-Care Industry, Security Experts Say
The software encryption bug known as Heartbleed could be especially damaging for hospitals and health-care organizations, which use a number of networks and public-facing web applications, security consultants told Bloomberg BNA.
Heartbleed: Security experts reality-check the 3 most hysterical fears
“While this is technically a ‘big deal,’ the exposure that this has received by the media is overblown,” says Greg Foss, senior security research engineer for LogRhythm, “especially when compared to other serious vulnerabilities that are responsibly disclosed every day, which few outside of the security community ever hear about.”
Consumers Can't Stanch Heartbleeding
The most common advice for consumers looking for a measure of protection from the Heartbleed bug is to change the passwords to your websites. "Follow normal best practices for online identity information," said Matt Willems, an engineer with LogRhythm Labs. "Change your passwords regularly, and if an online service says your information may be at risk, follow their directions."
More Than A Half-Million Servers Exposed To Heartbleed Flaw
Heartbleed may be one of the biggest Internet security events since security expert Dan Kaminsky found and helped coordinate a fix for the massive Domain Name Service (DNS) caching vulnerability in 2008. Bruce Schneier gives Heartbleed an 11 rating on an ascending scale of 1 to 10, and security companies and experts are issuing warnings of the severity of the bug.
Web Security and Phishing
Greg Foss LogRhythm Security Research Engineer discusses the topic of phishing and how to better protect yourself on the web today.
Senators Blame Target Execs for Big Data Breach
In the aftermath of the 2013 Target breach where hackers stole personal information from millions of customers, the United States Government seek to tighten up cyber security.
LogRhythm v6.2 Receives 5 Stars from SC Magazine
Peter Stephenson of SC Magazine awarded LogRhythm v6.2 a 5 out of 5 stars. After highlighting LogRhythm's powerful correlation and forensic analysis tools Stephenson concluded "Customers willing to invest in support services will be very pleased with the performance of this product."
The Morning Download: Moore's Law Could Be At Risk (login required)
The Morning Download comes from the editors of CIO Journal and cues up the most important news in business technology every weekday morning. The Download highlights "Big Data Still 'A New Frontier' For Most of The Public Sector" by Taylor Armerding.
Big Data Still 'A New Frontier' For Most of The Public Sector
Taylor Armerding discusses that despite cutting edge technology used by the NSA, government agencies lag behind the private sector when it comes to Big Data security. LogRhythm Co-Founder and CTO Chris Petersen weighs in on the arguement.
RSA Conference 2014: 10 Security Companies to Watch
Discover the top 10 security companies to watch from RSA 2014 by Petri IT Knowledgebase. LogRhythm is proud of have made the list “LogRhythm has been making waves on the partner front, was recently positioned in the leader’s quadrant of a recent Gartner SIEM report, and is clearly a security vendor to watch for 2014 and beyond.”
Mac Malware Targets BitCoin Wallet Logins
Disguised as an app designed to send and receive payments on Bitcoin Stealth Addresses, the Trojan actually acts as a dropper and installs browser extensions that monitor all web traffic on the lookout for login credentials for sites such as BTC-e and MT. Gox.
eSecurity Planet Buying Guide: Big Data Apps for Security
Drew Robb of eSecurity Planet takes a look at four Big Data-driven security soluitons that can prevent data breaches before they happen. Learn more about the industry leading solutions
Advanced malware: the growing cyber menace
Things may have appeared low-key last year in terms of high-profile malware threats, but when it comes to government cyber security, the relative quiet of 2013 probably means we're just in the eye of the storm . . .
Point of sale systems targeted in retailer data thefts
SEATTLE – The hackers responsible for the wave of breaches at big retailers this holiday season very likely began testing a method to infect thousands of point of sale systems in big retail chains in January 2013.
"This is a well-funded adversary taking their time to develop very specific malware to go after very specific targets and a big pay day," says Chris Petersen, chief technology officer at security intelligence firm LogRhythm. "This is organized crime applied to cybercrime."
Bitcoin-stealing malware delivered via clever email campaign
According to LogRhythm researchers, a peek in the header reveals immediately that the email does not come from a personal email address, but was sent through Amazon’s Simple Email Service (often misused by spammers).
Network Baseline Information Key To Detecting Anomalies
"Establishing baseline data for normal traffic activity and standard configuration for network devices can go a long way to helping security analysts spot potential problems" as establishing baseline data, "makes it easier to track deviations from that baseline."
Industry Predictions for 2014; Part 5: Mobil
"Mobile devices are generally considered to be developing the 'perfect storm' for corporate security. The storm that is brewing comes from the collision of multiple fronts: the ubiquity of the devices, the growth of M-commerce, the maturity of the malware, and the nature of the users. 2014 may well prove to be the year that the industry's warnings come home to roost."