Wazuh and Graybox Security Announce Partnership to Deliver Advanced Cybersecurity Services
San Jose, California, July 2025 – Wazuh, the leading provider of...
San Jose, California, July 2025 – Wazuh, the leading provider of...
ESET PROTECT Hub allows administrators to manage identities, licenses, and users across various ESET services from a single location. These services, including ESET PROTECT, ESET Inspect, and ESET Cloud Office Security, are designed to provide threat detection and endpoint protection solutions for businesses and individuals. Wazuh is an open source security platform designed for threat […]
Read moreESET PROTECT Hub allows administrators to manage identities, licenses, and users across various ESET services from a single location. These services, including ESET PROTECT, ESET Inspect, and ESET Cloud Office Security, are designed to provide threat detection and endpoint protection solutions for businesses and individuals. Wazuh is an open source security platform designed for threat […]
Read moreMamona is a lightweight ransomware strain that is widely available and primarily targets Windows endpoints. Unlike more sophisticated ransomware families, it operates entirely offline, encrypting files locally without any command-and-control (C2) communication or data exfiltration. This absence of network activity makes it harder to detect using network traffic analysis alone. Mamona ransomware uses custom encryption […]
Read moreMamona is a lightweight ransomware strain that is widely available and primarily targets Windows endpoints. Unlike more sophisticated ransomware families, it operates entirely offline, encrypting files locally without any command-and-control (C2) communication or data exfiltration. This absence of network activity makes it harder to detect using network traffic analysis alone. Mamona ransomware uses custom encryption […]
Read moreThe DOGE Big Balls is a sophisticated ransomware variant linked to the Fog ransomware group, first observed in early 2025. It has affected organizations across various sectors, such as technology, education, and finance, by combining technical exploits with psychological manipulation. Delivered primarily through phishing campaigns containing malicious ZIP archives, the ransomware uses PowerShell scripts to […]
Read moreThe DOGE Big Balls is a sophisticated ransomware variant linked to the Fog ransomware group, first observed in early 2025. It has affected organizations across various sectors, such as technology, education, and finance, by combining technical exploits with psychological manipulation. Delivered primarily through phishing campaigns containing malicious ZIP archives, the ransomware uses PowerShell scripts to […]
Read moreCybersecurity frameworks are structured standards, guidelines, and best practices for managing and reducing cybersecurity risks. Some examples include NIST, HIPAA Security Rule, PCI DSS, and CMMC. These frameworks provide a foundational blueprint for securing sensitive data and strengthening cyber resilience, especially in regulated industries. Wazuh, an open source Security Information and Event Management (SIEM) and […]
Read moreCybersecurity frameworks are structured standards, guidelines, and best practices for managing and reducing cybersecurity risks. Some examples include NIST, HIPAA Security Rule, PCI DSS, and CMMC. These frameworks provide a foundational blueprint for securing sensitive data and strengthening cyber resilience, especially in regulated industries. Wazuh, an open source Security Information and Event Management (SIEM) and […]
Read moreSan Jose, California, June 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Jupiter Technology Corp., a leading Japanese supplier of network security, syslog management, and network management solutions. This partnership aims to provide organizations across Japan with cost-effective and […]
Read moreSan Jose, California, June 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Jupiter Technology Corp., a leading Japanese supplier of network security, syslog management, and network management solutions. This partnership aims to provide organizations across Japan with cost-effective and […]
Read moreXWorm is a .NET-based Remote Access Trojan (RAT) that initially emerged in early 2022 and resurfaced in 2025 with enhanced capabilities and renewed activity in targeted cyberattacks. Designed to compromise Windows endpoints, XWorm is widely adopted by threat actors due to its modular design and low detection rates when obfuscated, making it a persistent threat […]
Read moreXWorm is a .NET-based Remote Access Trojan (RAT) that initially emerged in early 2022 and resurfaced in 2025 with enhanced capabilities and renewed activity in targeted cyberattacks. Designed to compromise Windows endpoints, XWorm is widely adopted by threat actors due to its modular design and low detection rates when obfuscated, making it a persistent threat […]
Read moreArtificial intelligence (AI) makes threat hunting in Wazuh more efficient and effective as it can process vast amounts of security data at high speeds. It can spot subtle patterns and anomalies that human analysts might miss. By leveraging AI in Wazuh threat hunting, security teams can be more efficient and focus their expertise where it’s […]
Read moreArtificial intelligence (AI) makes threat hunting in Wazuh more efficient and effective as it can process vast amounts of security data at high speeds. It can spot subtle patterns and anomalies that human analysts might miss. By leveraging AI in Wazuh threat hunting, security teams can be more efficient and focus their expertise where it’s […]
Read moreRecent articles have linked CVE-2025-24016, an old Wazuh server vulnerability, to botnet activity via remote code execution. This issue was fixed in October 2024 with version 4.9.1. Any instance running 4.9.1 or later is fully patched and secure. It’s also important to understand the nature of CVE-2025-24016. This is an authenticated vulnerability, meaning it can […]
Read moreRecent articles have linked CVE-2025-24016, an old Wazuh server vulnerability, to botnet activity via remote code execution. This issue was fixed in October 2024 with version 4.9.1. Any instance running 4.9.1 or later is fully patched and secure. It’s also important to understand the nature of CVE-2025-24016. This is an authenticated vulnerability, meaning it can […]
Read moreThe Wazuh Cyber Threat Intelligence (CTI) service is a publicly accessible platform that collects, analyzes, and disseminates actionable information on emerging cyber threats and vulnerabilities. The service launches with a focus on vulnerability intelligence, delivering timely updates on Common Vulnerabilities and Exposures (CVEs), severity scores, exploitability insights, and mitigation strategies. It aggregates and sanitizes data […]
Read moreThe Wazuh Cyber Threat Intelligence (CTI) service is a publicly accessible platform that collects, analyzes, and disseminates actionable information on emerging cyber threats and vulnerabilities. The service launches with a focus on vulnerability intelligence, delivering timely updates on Common Vulnerabilities and Exposures (CVEs), severity scores, exploitability insights, and mitigation strategies. It aggregates and sanitizes data […]
Read moreMicrosoft Hyper-V is a widely used virtualization platform in enterprise environments, powering everything from development labs to production workloads.
Read moreMicrosoft Hyper-V is a widely used virtualization platform in enterprise environments, powering everything from development labs to production workloads.
Read moreThe Linux operating system is widely deployed across various systems, from embedded devices to cloud infrastructure. Its popular use makes it a frequent target for threat actors, increasing the importance of enforced security mechanisms. Linux uses the Discretionary Access Control (DAC) permission model by default. In this model, the owner of a file or process […]
Read moreThe Linux operating system is widely deployed across various systems, from embedded devices to cloud infrastructure. Its popular use makes it a frequent target for threat actors, increasing the importance of enforced security mechanisms. Linux uses the Discretionary Access Control (DAC) permission model by default. In this model, the owner of a file or process […]
Read moreA newly disclosed zero-day vulnerability, tracked as CVE-2025-4664, has recently been discovered to affect Google Chrome and Chromium web browsers on Windows and Linux endpoints, respectively. This vulnerability affects the Loader component of the browser, causing serious implications for cross-origin data protection, especially in environments that rely on Chrome’s referrer policies for safeguarding sensitive information. […]
Read moreA newly disclosed zero-day vulnerability, tracked as CVE-2025-4664, has recently been discovered to affect Google Chrome and Chromium web browsers on Windows and Linux endpoints, respectively. This vulnerability affects the Loader component of the browser, causing serious implications for cross-origin data protection, especially in environments that rely on Chrome’s referrer policies for safeguarding sensitive information. […]
Read moreFrigidStealer is an information-stealing malware that emerged in January 2025. It targets macOS endpoints to steal sensitive user data through deceptive tactics. Unlike traditional malware, FrigidStealer exploits user trust in routine software updates, making it particularly insidious. As a significant threat, it underscores the need for extended security measures on macOS endpoints. The malware’s financial […]
Read moreFrigidStealer is an information-stealing malware that emerged in January 2025. It targets macOS endpoints to steal sensitive user data through deceptive tactics. Unlike traditional malware, FrigidStealer exploits user trust in routine software updates, making it particularly insidious. As a significant threat, it underscores the need for extended security measures on macOS endpoints. The malware’s financial […]
Read more