Hunting for HIDDEN COBRA with RSA NetWitness
December 1, 2017
By Kevin Stear, Justin Lamarre, Ahmed Sonbol and Kent Backman HIDDEN COBRA On November 14th 2017,...
RSA LogParserDiffTool
November 14, 2017
The "Log Parser Diff Tool" is a newly developed tool, by request of our customers, that performs a...
Inaudible Subversion - Did your Hi-Fi just subvert your PC?
November 3, 2017
While threat hunting, RSA FirstWatch came across a curious exposure in Windows PCs, involving...
RSA NetWitness Event Stream Analysis (ESA) Rules
October 31, 2017
LB4-W04 - RSA NetWitness Suite ESA / EPL Hands-On Lab- (Advanced) Angela Stranahan - Software...
Launching RSA Ideas
October 31, 2017
For years RSA has been in business of providing best-in-class security products and services to...
Sage Ransomware Campaign
October 20, 2017
During the week of October 16th 2017, RSA FirstWatch observed a new malspam campaign delivering...
Lua Parsing Template and Associated Reference Materials
October 20, 2017
If you attended my sessions on Lua Parsing in NetWitness, we referenced some materials as well as a...
MS Excel Command Execution Without Macros
October 16, 2017
There has recently been a reappearance of a method used to execute commands via malicious Excel...
Malspam targets Swiss with Retefe Banking Trojan
October 12, 2017
During the first week of October 2017, RSA FirstWatch identified a Malspam campaign targeting Swiss...
Malspam Delivers DarkComet RAT October-2017
October 12, 2017
On October 10th, 2017 malspam delivered a malicious RTF document that tries to exploit Microsoft...