Detecting exploitation of XZ Utils vulnerability (CVE-2024-3094) with Wazuh

/ Engineering

In March 2024, a backdoor was detected within XZ Utils, earning the designation CVE-2024-3094. The vulnerability has a CVSS score of 10, indicating its potential for critical impact if exploited. The vulnerability affects XZ versions 5.6.0 and 5.6.1 and presents a serious threat to endpoints that run Unix-like operating systems. Previously, we detailed how to […]

Wazuh and DeltaGRiC sign a partnership agreement

/ News

San Jose, California, May 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with DeltaGRiC, a cybersecurity solutions provider. “We’re thrilled to announce this partnership with DeltaGRiC,” said Alberto Gonzalez, COO of Wazuh. DeltaGRiC leverages Wazuh’s platform to deliver MDR services through […]

Threat hunting using inventory data collected by Wazuh

/ Engineering

Wazuh detects threats and intruders in your system, undesired software, or incorrect parameters on a process. Learn how to create custom rules based on the system information of Wazuh agents.

Wazuh and Oznet sign a partnership agreement

/ News

San Jose, California, April 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces a new partnership with Oznet, a cybersecurity firm dedicated to safeguarding clients’ digital assets through comprehensive cyberdefense strategies. Oznet operates with a clear mission to protect clients’ digital assets by […]

Integrating Mimecast with Wazuh

/ Engineering

Mimecast is an email security and management platform that protects emails against cyber threats such as malware, phishing, and spam. Email remains one of the most prevalent attack vectors for cybercriminals seeking to infiltrate organizations and spread malware. Its widespread use makes it a top target for various malicious activities. Mimecast provides organizations with features […]

Datasec upgrades to Wazuh Platinum partnership

/ News

San Jose, California, April 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces the renewal and upgraded agreement from Gold to Platinum partnership with Datasec, a seasoned player with over 35 years of experience in the cybersecurity arena. Datasec boasts a rich legacy […]

Filtering security data with the Wazuh Query Language

/ Engineering

The Wazuh Query Language (WQL) simplifies security data filtering in the Wazuh dashboard with its user-friendly format. With the use of a specialized querying language like Wazuh Query Language, security analysts can analyze and query security log data, enabling effective detection and response to security threats. WQL provides a solution for navigating complex datasets, allowing […]

Wazuh signs a partnership agreement with Actarvs

/ News

San Jose, California, March 2024 – Wazuh, a global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its strategic partnership with Actarvs, a provider of innovative cybersecurity solutions. Actarvs utilizes Wazuh for individual infrastructure host monitoring as a SIEM and XDR solution. The company provides consulting […]

Detecting Living Off the Land attacks with Wazuh

/ Engineering

Living Off the Land (LOTL) attacks are a cyber threat technique in which attackers leverage existing, legitimate tools and features within an environment to conduct malicious activities. This approach allows attackers to blend in with normal system activity, making detection by conventional security measures more challenging. The solution to LOTL attacks is to use a […]

Wazuh and Diamatix Forge Strategic Partnership to Bolster Cybersecurity Solutions

/ News

San Jose, California, February 2024 – Wazuh, a global leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, proudly announces a strategic partnership with Diamatix, an esteemed provider of innovative cybersecurity solutions and services. Diamatix specializes in delivering comprehensive cybersecurity solutions tailored to safeguard businesses. As a leading […]

Kuiper ransomware detection and response with Wazuh

/ Engineering

The Kuiper ransomware is a strain of ransomware written in Golang that encrypts data on various endpoints such as Windows, macOS, and Linux in exchange for money. It utilizes a combination of RSA, ChaCha20, and AES encryption algorithms to encrypt files on infected endpoints. Specifically, it employs RSA for key exchange, ChaCha20 for initial encryption, […]

Wazuh and Wattle Tech sign a partnership agreement

/ News

San Jose, California, March 2024 – Wazuh, a leader in open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has established a new partnership with Wattle Tech, a provider of innovative cybersecurity solutions. Wattle Tech specializes in delivering advanced cybersecurity solutions, leveraging Wazuh’s capabilities of Threat Detection and Incident Response, […]

Detecting XZ Utils vulnerability (CVE-2024-3094) with Wazuh

/ Engineering

XZ Utils is a widely utilized suite of command-line tools for lossless data compression on virtually all Unix-like operating systems, including Linux. Among its prominent components are xz and lzma, useful in compressing files, distributing packages, and managing backups. Andres Freund discovered a backdoor within XZ Utils, specifically in the liblzma library, and reported it […]
