We recently released NetWitness Platform XDR version 12.1 which
completed many initiatives related to detection content and policy
management and enables us to launch new, threat-centric content bundles.
These bundles focus on important elements rela...
Introduction As part of a larger content hygiene initiative begun
earlier this year, we have concluded the second phase which focused
exclusively on EDR (endpoint) application rules. During phase II of this
initiative, special emphasis was placed on ...
Introduction Volexity, an industry-leading incident response and forensics
firm based out of Reston, Virginia, U.S.A., identified a new zero-day
(0-day) vulnerability in Atlassian’s Confluence Server software during
an engagement over the Memorial Day h...
‘Follina’ CVE-2022-30190 0-Day: What You Need To Know On May 27, 2022,
the NAO Security Cyber Security Research Team reported[i] that it had
observed an interesting malicious document that had been submitted to
VirusTotal[ii], allegedly originating in B...
Background NetWitness Threat Research has identified a set of NetWitness
Threat Research Intelligence Content and Reports that will no longer
receive updates and are effectively being retired. They will remain
available within the ‘legacy’ branch of ...
Hello @EdPadilla, No, there were no replacements for those feeds. And to
date, there are no official plans to replace them or resurrect them
(identically) moving forward. We are working on net new feed concepts
and offerings; however, I am not in a po...
Hi @EdPadilla, The reason that you cannot find them is that all of the
legacy RSA FirstWatch feeds were discontinued some time ago. This blog
post is from 2015-06-25 and the feeds that the author references are no
longer in service. For more informa...
Hello All! We wanted to alert you to some rule logic that our team
created to address this Atlassian Zero Day: [Community] Atlassian
Confluence RCE exploit(CVE-2022-26134) DESCRIPTION This app rule detects
Atlassian Confluence RCE exploit(CVE-2022-26...