Enhancing macOS protection with Wazuh
Since version 4.3.0, Wazuh introduced a new technique for collecting logs from macOS endpoints using the unified logging system (ULS). ULS is available in macOS 10.12 and later. Wazuh uses...
Blog search results for 'Openime Oniagbi'
Showing 6 of 6 resultsDetecting hoaxshell with Wazuh
Our new blog post shows how Wazuh can detect generic and obfuscated hoaxshell payloads and other attacks that abuse PowerShell.
Detecting Dirty Pipe vulnerability with Wazuh (CVE-2022-0847)
A vulnerability in the Linux kernel, dubbed “Dirty Pipe”, allows unprivileged users to overwrite data in read-only files. This can allow users to gain access to root privileges on the...
Detecting process injection attacks with Wazuh
Process injection is a defense evasion technique used by adversaries to execute malicious code within legitimate processes. When malware runs its code in the context of another process, it can...
Detecting Pandora Ransomware with Wazuh
Pandora Ransomware gained notoriety in March 2022 when DENSO, a well-known giant in the automotive industry was compromised. After this, several malware researchers analyzed Pandora samples and agree that it...
Detecting malicious URLs using Wazuh and URLhaus
URLhaus is a project operated by abuse.ch. The purpose of the project is to collect, track, and share malware URLs, helping network administrators and security analysts to protect their networks and...