Dan Crossley
50 Followers

Published in

Coinmonks

·Pinned

A COVID Vaccination Passport Scheme Based on IOTA

Do you remember what it was like to be able to travel freely overseas to any country? Unfortunately a little thing called COVID-19 has put a stop to all that. …

Iota

6 min read

Pinned

What is a LOLBIN?

To me, the phrase ‘Attackers Living off the Land’ evokes imagery of a foreign army sacking and plundering the countryside, like Attila the Hun’s destructive campaign through Gaul in 451 CE. During this destructive campaign, Attila had pillaged much of medieval Gaul, before withdrawing back to his homeland after the Battle…

Malware

3 min read

Pinned

A Basic Malware Analysis Walkthrough

Found a suspicious file that you think could be malware, but you don't know what to do? Read on! Malware is a term used to describe any ‘malicious software’ which will cause damage to a computer. Malware has caused significant financial damage to organisations for some decades. The most common…

Malware

11 min read

What to do if you find a dodgy file, and don't know what to do!

Pinned

Tracking Malware and Threat Actor Activity with Process Monitoring

Part 2: How to Enable Process Creation Events and How they can Track Malware and Threat Actor Activity

This is the second part of a three-part blog series discussing Windows process creation events. Part 1 introduced process creation events and discussed why they should be enabled. In this post, we will first look at how to enable process creation events, then look at a number of examples that describe…

Infosec

12 min read

May 28, 2021

Introducing LogRhythm.Tools

LogRhythm.Tools is a PowerShell framework which acts as a wrapper for the LogRhythm API. This simplifies interactions with the LogRhythm API because you only need to run a PowerShell cmdlet to call an API function, rather than a direct interaction with your own code. Automating tasks with the LogRhythm API…

Siem

4 min read

Published in

Coinmonks

·May 27, 2021

Monitoring a Blockchain with a SIEM

In this article, I will explore the possibility of monitoring a blockchain network with a traditional SIEM tool. But first, some background.

What is a Blockchain?

At the risk of alienating the non-technical reader, a blockchain is a distributed data structure which stores records with a cryptographic integrity guarantee. This means that it is…

Blockchain

9 min read

May 26, 2021

6 Steps to Using the LogRhythm API

This article will show you how to use the LogRhythm SIEM API. It is important to understand what the API can do and how you can use it. This will help you get better value from your SIEM deployment.

A Practical Use Case

To showcase use of the API, we will walk through a…

Siem

5 min read

Apr 29, 2021

A Guided Threat Hunting Expedition with LogRhythm CloudAI

Threat hunting is a great way of uncovering cyber-attacks or malicious activity within your environment which would otherwise have gone undetected. This post outlines a small, guided and task-oriented hunting expedition. In this expedition we will be looking for evidence of account compromise or insider threat activity by examining authentication…

Security

5 min read

Jan 9, 2021

How to Hunt for Credential Misuse with a SIEM

Credential Misuse is a risky but common practice, such as when someone uses their domain credentials to run a service or a script. This is risky because a bad guy could get hold of the script, which means that the person then has the credentials. Like what happened to this…

Infosec

5 min read

Jan 7, 2021

Tracking Malware and Threat Actor Activity with Process Monitoring

Part 3: Centralising Process Creation Events with a SIEM

This is the third part of a three-part blog series discussing Windows process creation events. Part 1 introduced process creation events and discussed why they should be enabled. Part 2 showed how to enable process creation events and gave some examples showing why they are valuable for threat detection. We…

Infosec

5 min read

https://uk.linkedin.com/in/crossleydaniel
