Providing Ransomware protection on our endpoints is important as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and...
San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with NewNet, a specialist in risk management services for information security, cybersecurity, and cloud solutions. This collaboration enhances NewNet’s Security Operations Center (SOC) capabilities […]
Read more
/ News
Wazuh and NewNet Announce Strategic Partnership to Enhance Cybersecurity Services
San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with NewNet, a specialist in risk management services for information security, cybersecurity, and cloud solutions. This collaboration enhances NewNet’s Security Operations Center (SOC) capabilities […]
Read moreLatrodectus malware is a sophisticated malware loader that has emerged as a significant threat in recent cyberattacks targeting Windows operating systems. Latrodectus is designed to deliver payloads and execute arbitrary commands on infected systems. Its distribution has been linked to threat actors TA577 and TA578, who have employed it in various threat campaigns. It is […]
Read more
Detecting and responding to Latrodectus malware with Wazuh
Latrodectus malware is a sophisticated malware loader that has emerged as a significant threat in recent cyberattacks targeting Windows operating systems. Latrodectus is designed to deliver payloads and execute arbitrary commands on infected systems. Its distribution has been linked to threat actors TA577 and TA578, who have employed it in various threat campaigns. It is […]
Read moreSan Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]
Read more
/ News
Wazuh Announces Partnership with iG2 Group Inc
San Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]
Read moreSan Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]
Read more
/ News
Wazuh Announces Strategic Partnership with Wowrack
San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]
Read moreCUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]
Read more
Detecting CUPS remote code execution vulnerability with Wazuh
CUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]
Read moreMint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]
Read more
How Wazuh detects and responds to Mint Stealer
Mint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]
Read morePureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness. PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]
Read more
Detecting PureHVNC malware with Wazuh
PureHVNC is a Remote Access Trojan (RAT) that focuses specifically on the stealthy remote control of Windows endpoints. The HVNC in PureHVNC stands for “Hidden Virtual Network Computing.” This means attackers can manipulate an endpoint remotely without the user’s awareness. PureHVNC malware is usually distributed through phishing campaigns that use urgent messaging to deceive victims […]
Read moreDocker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]
Read more
Scanning Docker infrastructure against CIS Benchmark with Wazuh
Docker has revolutionized the way to deploy applications, offering scalability, consistency, and efficiency. However, these benefits come with security challenges that must be addressed to protect your infrastructure. The Center for Internet Security (CIS) Docker Benchmark provides a comprehensive set of guidelines to secure Docker environments. This blog post shows how to automate the compliance […]
Read moreWe are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]
Read more
/ Releases
Introducing Wazuh 4.9.0
We are excited to announce the release of Wazuh 4.9.0. This update introduced support for journald log collection, integration with AWS Security Hub and improved compatibility with OpenSearch 2.13.0. Additionally, there are improvements to WPK packages and enhancements to the Endpoint Summary section in the Wazuh dashboard. Key highlights Wazuh integration with AWS Security Hub […]
Read moreNetwork and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]
Read more
Ensuring NIS2 compliance with Wazuh
Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]
Read moreSan Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read more
/ News
Wazuh Partners with ActionLabs to Enhance Managed IT Services
San Jose, California, August 2024 – Wazuh, a leading open-source platform for Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), announces a strategic partnership with ActionLabs IT Services Philippines Corp., a company specializing in managed IT services across various industries. ActionLabs is a go to managed IT services provider, leveraging their […]
Read moreCross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read more
Managing multiple Wazuh clusters with Cross-Cluster Search
Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location known as the Cross-Cluster Search (CCS) environment is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Read moreDaolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]
Read more
Daolpu infostealer detection and response with Wazuh
Daolpu is a malware that steals sensitive information from infected Windows endpoints. This malware was first seen in July 2024, after CrowdStrike distributed a legitimate update to its Falcon product that caused widespread disruptions to Windows systems running this product. Due to this update, roughly 8.5 million Windows systems crashed and were unable to reboot […]
Read more
Keep up to date
with our digest of articles
with our digest of articles
Wazuh will not sell, trade, lease, or rent your personal data to third parties. By subscribing, I agree to the use of my personal data in accordance with Wazuh Privacy Policy.