This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
JohnSimmons
Beginner
Beginner
since ‎2018-07-09
‎2021-04-13

User Statistics

  • 6 Posts
  • 0 Solutions
  • 16 Likes given
  • 10 Likes received

User Activity

Detecting Gh0st RAT in the RSA NetWitness Platform

2020-01-09
In order to defend their network effectively, analysts need to understand the threat landscape, and more specifically how individual threats present themselves in their tools. With that in mind, I started researching common Remote Access Trojans/Tool...

RSA NetWitness Detects New Phishing Vector

2019-03-25
On a recent engagement, I took a different approach to finding possible malicious files entering the customer's network. Rather than focusing on the e-mail, I looked for any RAR, macro-enabled office documents, and portable executable files (PE) ente...

RSA NetWitness Endpoint Detection of New Microsoft Zero-Day Vulnerability

2019-03-11
A question was posed to our team by one of the engineers; had we seen the new Chrome and Microsoft zero-day exploits using RSA NetWitness Endpoint? I honestly didn't even know about these exploits and so I had to do some research. I found the initial...

Custom TCP Shell and Mobile Messaging Apps

2019-02-23
During a recent customer engagement, I found the "customtcp shell" meta with some very interesting sessions. All of the traffic was using what appeared to be custom encryption and the destination IP was based in Korea. Of course, I knew this couldn't...
© 2022 RSA Security LLC or its affiliates. All rights reserved.