Phobos ransomware has become a growing concern due to its tactics in targeting state and territorial governments. The ransomware group compromises Windows endpoints using phishing as the primary method to...
Cloud Security Posture Management (CSPM) is essential to ensuring the security and compliance of cloud environments. In cloud computing, the potential for security misconfigurations is significantly high due to mismanagement...
Cloud Security Posture Management (CSPM) is important in ensuring the security and compliance of cloud environments. In cloud computing where organizations can quickly and easily provision, configure, and modify cloud...
njRAT, also known as Bladabindi, is a remote access trojan (RAT) designed to allow an attacker remotely control an infected Windows endpoints. The malware gained significant attention in 2020 after...
Google Cloud Platform (GCP) is a highly scalable cloud computing platform offered by Google. It provides organizations with several cloud-based services, including computing, storage, machine learning, and data analytics. GCP...
This blog post shows how to leverage Wazuh to monitor and analyze security events in VMware ESXi endpoints and detect any malware present.
In this blog post, we use Sysmon integration and the Wazuh security configuration assessment module to detect RedLine infostealer.
Check our new blog post to learn how to analyze the Indicators of Compromise (IOCs) of Chaos malware and mitigate the infection using Wazuh.