Running RSA NetWitness in Google Cloud
Tags
| attack-pattern: | Data Python - T1059.006 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | cabec7ea-f916-4022-86c5-f51ca722e0e2 |
| Fingerprint | 1a41bc7190b624f1 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Nov. 6, 2018, 8:10 p.m. |
| Added to db | Jan. 18, 2023, 9:24 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | NetWitness Community |
| Title | Running RSA NetWitness in Google Cloud |
| Detected Hints/Tags/Attributes | 38/1/15 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 50 | cloud.google.com |
|
| Details | Domain | 2 | rd.lvm.lv |
|
| Details | Domain | 1 | rd.shell |
|
| Details | Domain | 8 | www.cyberciti.biz |
|
| Details | Domain | 2 | packages.cloud.google.com |
|
| Details | File | 1 | nw11.vmdk |
|
| Details | File | 1 | el7-dvd.iso |
|
| Details | IPv4 | 2 | 11.2.0.0 |
|
| Details | Threat Actor Identifier - APT | 297 | APT27 |
|
| Details | Url | 1 | https://cloud.google.com/compute/docs/instances/linux-guest-environment |
|
| Details | Url | 1 | https://cloud.google.com/compute/docs/gcloud-compute |
|
| Details | Url | 1 | https://www.cyberciti.biz/faq/howto-setting-rhel7-centos-7-static-ip-configuration |
|
| Details | Url | 1 | https://packages.cloud.google.com/yum/repos/google-cloud-compute-el7-x86_64 |
|
| Details | Url | 1 | https://packages.cloud.google.com/yum/doc/yum-key.gpg |
|
| Details | Url | 1 | https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg |