This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
      • Netwitness XDR
      • EC-Council Training
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
    • Role-Based Training
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
AhmedSonbol1
Employee AhmedSonbol1
Employee
since ‎2016-01-13
‎2021-04-14

User Statistics

  • 48 Posts
  • 0 Solutions
  • 2 Likes given
  • 66 Likes received
  • NetWitness Community
  • About AhmedSonbol1

User Activity

  • Posts
  • Replies

Malspam delivers Keybase keylogger 2-11-2017

by AhmedSonbol1 2018-02-15 general.in NetWitness Community Blog
2018-02-15
Malspam activity was observed on February 11th delivering a Keybase variant. The keylogger was first reported by security researchers at Palo Alto Networks in 2015. FirstWatch previously blogged about how to detect it using RSA NetWitness. The delive...

Malspam delivers ISR Stealer 2-13-2017

by AhmedSonbol1 2018-02-14 general.in NetWitness Community Blog
2018-02-14
Malspam activity was observed on February 13th delivering a variant of ISR password stealer. ISR was reportedly used in spear phishing attacks against food and machine industries. In this blog post we will discuss the network activity using RSA NetWi...

Malspam delivers GandCrab ransomware 2-7-2017

by AhmedSonbol1 2018-02-08 general.in NetWitness Community Blog
2018-02-08
Malspam was observed on February 7th 2017 delivering GandCrab ransomware. GandCrab is a new ransomware family that was first reported in late January. This is the first time to see it being distributed via a malspam campaign [1]. This screenshot from...

A New Hancitor Campaign

by AhmedSonbol1 2018-01-25 general.in NetWitness Community Blog
2018-01-25
This week RSA FirstWatch observed a new malspam campaign delivering Hancitor malware. Hancitor is a downloader that was used by adversaries to deliver various malware families such as Pony and Zeus Panda Banker. Contrary to previous malspam campaigns...

Malspam delivers Ursnif Banking Trojan 1-12-2018

by AhmedSonbol1 2018-01-16 general.in NetWitness Community Blog
2018-01-16
Malspam was observed on January 12th 2018 delivering Ursnif (AKA Gozi). Ursnif is a Banking Trojan that was discovered in 2007. Originally it was targeting banking wire systems in English speaking countries. In the past decade, its list of target cou...
View more

Re: Detecting Taidoor variants using Security Analytics

by AhmedSonbol1 2017-05-17 general.in NetWitness Discussions
2017-05-17
Matthew,FireEye blog post is from 2013. The app rule in this post is based on the samples we analyzed in early 2016. -Ahmed
Likes from
User Count
RobertaStaniewi
New Contributor RobertaStaniewi New Contributor
1
KevinStear1
Employee KevinStear1
18
DanaAlNahawi
DanaAlNahawi Beginner
2
MaorFranco
Employee MaorFranco
3
RajasSave
Respected Contributor RajasSave Respected Contributor
4
View all
Likes given to
User Count
ReneleeManio
Occasional Contributor ReneleeManio Occasional Contributor
1
AnkushBaveja
AnkushBaveja Contributor
1
View all
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.