Detecting and responding to Lumma Stealer with Wazuh
Lumma Stealer, also known as LummaC2 Stealer, is a customizable malware written in C/C++ that allows for efficient and low-level...
Lumma Stealer, also known as LummaC2 Stealer, is a customizable malware written in C/C++ that allows for efficient and low-level...
Providing Ransomware protection on our endpoints is important as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and individuals. These types of attacks continue to rise due to the lucrative nature of ransom payments. Ransomware attacks adopt sophisticated techniques, such as advanced encryption algorithms and social engineering […]
Read moreProviding Ransomware protection on our endpoints is important as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and individuals. These types of attacks continue to rise due to the lucrative nature of ransom payments. Ransomware attacks adopt sophisticated techniques, such as advanced encryption algorithms and social engineering […]
Read moreSan Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with NewNet, a specialist in risk management services for information security, cybersecurity, and cloud solutions. This collaboration enhances NewNet’s Security Operations Center (SOC) capabilities […]
Read moreSan Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with NewNet, a specialist in risk management services for information security, cybersecurity, and cloud solutions. This collaboration enhances NewNet’s Security Operations Center (SOC) capabilities […]
Read moreLatrodectus malware is a sophisticated malware loader that has emerged as a significant threat in recent cyberattacks targeting Windows operating systems. Latrodectus is designed to deliver payloads and execute arbitrary commands on infected systems. Its distribution has been linked to threat actors TA577 and TA578, who have employed it in various threat campaigns. It is […]
Read moreLatrodectus malware is a sophisticated malware loader that has emerged as a significant threat in recent cyberattacks targeting Windows operating systems. Latrodectus is designed to deliver payloads and execute arbitrary commands on infected systems. Its distribution has been linked to threat actors TA577 and TA578, who have employed it in various threat campaigns. It is […]
Read moreSan Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]
Read moreSan Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]
Read moreSan Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]
Read moreSan Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]
Read moreCUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]
Read moreCUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]
Read moreMint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]
Read moreMint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]
Read morePureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness. PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]
Read morePureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness. PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]
Read moreDocker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]
Read moreDocker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]
Read moreWe are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]
Read moreWe are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]
Read moreNetwork and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]
Read moreNetwork and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]
Read moreSan Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read moreSan Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read moreCross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read moreCross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read more