Kuiper ransomware detection and response with Wazuh
The Kuiper ransomware is a strain of ransomware written in Golang that encrypts data on various endpoints such as Windows, macOS, and Linux in exchange for money. It utilizes a...
Blog search results for 'Anthony Faruna'
Showing 8 of 8 resultsDeploying Wazuh agents using Windows Group Policy Objects (GPO)
In this case, we will learn how to deploying the Wazuh agent on a Windows Active Directory infrastructure using Group Policy Objects (GPO).
Blackbit ransomware detection with Wazuh
Blackbit ransomware is a variant of the LokiLocker ransomware. It utilizes sophisticated techniques to encrypt and obstruct data recovery. The ransomware is built on the Ransomware-as-a-service (RaaS) model. RaaS is...
CrossLock ransomware detection with Wazuh
CrossLock ransomware is a recent strain of ransomware developed using the Go programming language, making it harder to reverse engineer. The ransomware is capable of infecting several platforms, including Windows...
Monitoring SFX archives with Wazuh
Our new blog post shows how to detect SFX archives exhibiting suspicious behavior with Wazuh.
How to detect Active Directory attacks with Wazuh [Part 2 of 2]
In this blog post, we continue showing how Wazuh can detect some common Active Directory attacks using Windows security logs.
How to detect Active Directory attacks with Wazuh [Part 1 of 2]
This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.
Detecting Lockbit 3.0 ransomware with Wazuh
Lockbit ransomware uses a broad range of techniques to target organizations worldwide. Check our new blog post to learn how to detect Lockbit 3.0 ransomware with Wazuh