Blackbit ransomware is a variant of the LokiLocker ransomware. It utilizes sophisticated techniques to encrypt and obstruct data recovery. The ransomware is built on the Ransomware-as-a-service (RaaS) model. RaaS is...
CrossLock ransomware is a recent strain of ransomware developed using the Go programming language, making it harder to reverse engineer. The ransomware is capable of infecting several platforms, including Windows...
Our new blog post shows how to detect SFX archives exhibiting suspicious behavior with Wazuh.
In this blog post, we continue showing how Wazuh can detect some common Active Directory attacks using Windows security logs.
This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.
Lockbit ransomware uses a broad range of techniques to target organizations worldwide. Check our new blog post to learn how to detect Lockbit 3.0 ransomware with Wazuh