Blog / Engineering / Detecting Medusa ransomware with Wazuh
Medusa is a ransomware-as-a-service (RaaS) variant, first observed in June 2021. Its operators and affiliates have impacted over 300 organizations across multiple sectors, including healthcare, education, legal, insurance, technology, and manufacturing. The ransomware is primarily delivered through phishing campaigns and the exploitation of unpatched software vulnerabilities.
Blog / Engineering / Detecting BlackCat ransomware with Wazuh
In this blog post, we successfully demonstrated the capability of Wazuh to detect and remove BlackCat ransomware on a Windows endpoint.
Blog / Engineering / Deploying Wazuh agents using ManageEngine
Wazuh is an open source security platform that offers Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) capabilities to organizations. It provides security to IT infrastructure through real-time monitoring, threat detection, log analysis, vulnerability detection, and automated incident response. By collecting and analyzing security data from endpoints, Wazuh enables organizations to […]
Blog / Engineering / Detecting Lynx ransomware with Wazuh
Lynx ransomware is a sophisticated malware threat that has been active since mid-2024, with over 20 victims across various industries. It primarily targets Windows operating systems, encrypting files using the Advanced Encryption Standard (AES) with a 128-bit key in CTR mode, and employs double extortion, threatening to leak stolen data. Operated by the Lynx ransomware […]