Detect and respond to BlackSuit ransomware with Wazuh

/ Engineering

BlackSuit ransomware is malicious software designed to infiltrate computer systems and encrypt critical data. It primarily targets high-value organizations across critical sectors, showcasing its potential to disrupt operations and inflict widespread damage. This ransomware has caused substantial financial losses and operational disruptions across various industries. Understanding how BlackSuit operates and implementing detection strategies against […]
Wazuh and Securious Limited Announce Partnership to Enhance Managed SOC and Threat Detection Services

/ News

San Jose, California, November 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Securious Limited, a UK-based PCI QSA and cybersecurity compliance firm. This collaboration aims to strengthen Securious’ ability to deliver managed Security Operations Center (SOC) and advanced threat […]
Integrating Bitdefender GravityZone with Wazuh

/ Engineering

Organizations face increasingly sophisticated threats that require a proactive and multi-layered defense strategy. Organizations often leverage multiple security solutions to improve their security posture. Centralized visibility for organizations that use multiple security solutions is essential for operational efficiency. Wazuh, an open source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) platform […]
Detecting malicious URLs using Wazuh and URLhaus

/ Engineering

URLhaus is a project operated by abuse.ch. The purpose of the project is to collect, track, and share malware URLs, to help network administrators and security analysts protect their networks from cyber threats. URLhaus also offers an API to query information about malicious URLs. Integrating this API with Wazuh can help organizations improve their ability […]
Snapekit detection with Wazuh

/ Engineering

The Snapekit rootkit was reported by Gen Threat Labs on X (formerly Twitter) on October 2, 2024. They identified several behavioral patterns of the rootkit. At the time of writing, all publicly available Snapekit samples specifically target Arch Linux (6.10.2-arch1-1 x86_64). However, the rootkit can be easily adapted to impact other versions of Arch Linux […]
Detecting and responding to Lumma Stealer with Wazuh

/ Engineering

Lumma Stealer, also known as LummaC2 Stealer, is a customizable malware written in C/C++ that allows for efficient and low-level access to system resources. It uses extensive obfuscation and anti-analysis features, making it highly effective and hard to detect. It is distributed as a Malware-as-a-Service (MaaS) model, with several plans available on underground forums and […]
Ransomware protection on Windows with Wazuh

/ Engineering

Providing ransomware protection on our endpoints is important, as these attacks have become one of the most prevalent and damaging cyber threats faced by organizations and individuals. These types of attacks continue to rise due to the lucrative nature of ransom payments. Ransomware attacks adopt sophisticated techniques, such as advanced encryption algorithms and social engineering […]
Wazuh and NewNet Announce Strategic Partnership to Enhance Cybersecurity Services

/ News

San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with NewNet, a specialist in risk management services for information security, cybersecurity, and cloud solutions. This collaboration enhances NewNet’s Security Operations Center (SOC) capabilities […]
Detecting and responding to Latrodectus malware with Wazuh

/ Engineering

Latrodectus malware is a sophisticated malware loader that has emerged as a significant threat in recent cyberattacks targeting Windows operating systems. Latrodectus is designed to deliver payloads and execute arbitrary commands on infected systems. Its distribution has been linked to threat actors TA577 and TA578, who have employed it in various threat campaigns. It is […]
Wazuh Announces Partnership with iG2 Group Inc

/ News

San Jose, California, October 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, announces its partnership with iG2 Group Inc., a Canadian enterprise security provider specializing in Unified Intelligent Security Solutions. This collaboration is aimed at simplifying cybersecurity management and enhancing threat detection […]
Wazuh Announces Strategic Partnership with Wowrack

/ News

San Jose, California, September 2024 – Wazuh, a leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, is pleased to announce its partnership with Wowrack, a global managed IT infrastructure provider with over two decades of expertise in cloud, data center, network, and security services. Since 2001, […]
Detecting CUPS remote code execution vulnerability with Wazuh

/ Engineering

CUPS (Common Unix Printing System) is a widely used printing system for Unix-like operating systems. It allows users to share printers over a network and provides a web-based interface for managing print jobs and configurations. However, in September 2024, several vulnerabilities were discovered in CUPS by Simone Margaritelli that could grant an attacker remote code […]
How Wazuh detects and responds to Mint Stealer

/ Engineering

Mint Stealer is a Python-based malware that steals data from web browsers, cryptocurrency wallets, VPN clients, mail clients, game applications, and more. Mint Stealer is sold as a malware-as-a-service (MaaS), designed to covertly exfiltrate sensitive information from infected Windows endpoints to a command and control (C2) server. Mint Stealer uses encryption and obfuscation techniques to […]