All results for 'Benjamin Nworah'

Showing 11 of 11 results

Using Wazuh to detect Remcos RAT

Remcos was originally produced in 2016 as legitimate software by BreakingSecurity for managing Windows systems remotely. Remcos has been classified as a remote access trojan (RAT) because threat actors widely use it to perform malicious campaigns. Remcos is usually delivered by phishing emails, and it allows attackers to secretly take full control of infected […]

Daolpu infostealer detection and response with Wazuh

Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]

How Wazuh detects and responds to Mint Stealer

Mint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]

STRRAT detection with Wazuh

STRRAT is a Java-based remote access trojan (RAT) that provides threat actors with full remote control of infected Windows endpoints. STRRAT focuses on stealing credentials from browsers and email clients like Microsoft Edge, Google Chrome, Mozilla Firefox, Microsoft Outlook, Mozilla Thunderbird, and Foxmail. It also steals credentials by recording keystrokes of infected endpoints.

Detecting Amadey malware with Wazuh

Amadey is a malware that steals sensitive information from infected Windows endpoints. This malware was first discovered in 2018 and has maintained a persistent botnet infrastructure since then. It has the capability to download additional malware from a command and control (C2) server on the infected endpoints. The malware sends stolen information to a remote […]

Detecting vulnerabilities in container images using Amazon ECR and Wazuh

Amazon Elastic Container Registry (ECR) is an Amazon Web Services (AWS) managed container image registry service that stores, shares, and deploys container images. Amazon ECR provides an image scanning feature that uses the Common Vulnerabilities and Exposures (CVE) database from the open source Clair project to detect vulnerabilities in container images. AWS provides a template […]

Monitoring AWS Managed Microsoft Active Directory with Wazuh

AWS Managed Microsoft Active Directory (AD) is an AWS Directory Service that provides users, businesses, and organizations different options to use Microsoft Active Directory (AD) with other AWS services. AWS Managed Microsoft AD stores information about users, groups, and devices, and system administrators use this Directory Service to manage access to this information. AWS Managed […]

Monitoring PostgreSQL database with Wazuh

PostgreSQL is an open source, highly stable database management system that uses several features to securely store and scale data workloads. PostgreSQL is supported by major operating systems such as Linux, macOS, Microsoft Windows, FreeBSD, OpenBSD, and Solaris. It is primarily used by users, organizations, and businesses to store data for mobile applications, websites, analytics […]

Introducing Wazuh 4.8.0

We are thrilled to announce the release of Wazuh 4.8.0. This update introduces a rework of the Wazuh Vulnerability Detector module and improvements to the Wazuh dashboard user interface (UI) and user experience (UX). It includes updates to the VirusTotal integration and the MITRE ATT&CK database among others. Key highlights Redesigned Vulnerability Detector module The […]
