Creating a Custom Feed Using Logs - With the Latest Entries Sorted by event.time
October 4, 2017
There is an Out-of-the-Box (OOTB) Identity feed which can be configured to create a recurring feed...
Frequently Asked Questions: RSA Ideas for the RSA NetWitness Platform
October 4, 2017
What are Ideas on RSA Link? How do I access the Ideas feature for my product? How do I create an...
MalSpam Delivers RAT SpyWare Quasar 9-27-2017
October 2, 2017
On September 27th, malspam delivered a malicious RTF document that tries to exploit Microsoft...
Coinhive for Monero Mining: who needs ads!?
September 26, 2017
Over the past several months, RSA FirstWatch has been avidly tracking the rise of crypto-currency...
Malspam delivers Jacksbot 9-23-2017
September 26, 2017
Malspam activity was noted on September 23rd 2017 delivering a Jacksbot variant to infected...
From IOC to Query - How to search your environment based on available research
September 26, 2017
By now the InfoSec community had a chance to digest the recent findings around the popular software...
Malspam delivers Cobalt Strike payload 9-19-2017
September 25, 2017
Malspam activity was noted on September 19th 2017 delivering a Cobalt Strike payload. The malicious...
If it bleeds...we can kill it!
September 23, 2017
UPDATE: The functionality from the custom Lua parser described below is now available within the...
Malspam delivers MoonWind 9-20-2017
September 22, 2017
CVE-2017-8759 remains popular this week in malspam world with more malicious documents trying to...
Malspam and CVE-2017-8759
September 18, 2017
On September 12th FireEye security researchers disclosed information about CVE-2017-8759, a SOAP...