Skip navigation


Top & Trending
Halim Abouzeid
In this post, I will quickly go through some aspects of the WannaCry ransomware from the perspective of RSA NetWitness Endpoint and Packets. This would allow to help detect, investigate and analyze such compromises.     If we first look at the modules dropped by the malware, we can see 5 main modules. 4 of the modules are labeled as

Kevin Stear
In a world where the Internet makes sense to casual users “IP addresses (IPv4) follow the dot-decimal notation, which is four numbers, each ranging from 0 to 255, separated by dots. But then, to make things a little more complicated, we have exceptions, such as the non-dotted IP literals, in decimal (http://2130706433/) or