Peaklight malware is an information stealer designed to collect sensitive data from compromised endpoints. It is frequently distributed through underground channels and, in some cases, offered as a Malware-as-a-Service...
Maintaining the security of containerized environments is an important part of modern IT infrastructure. Vulnerabilities in container images and runtime environments expose organizations to significant risks, which makes proactive vulnerability scanning an essential practice. Trivy is an open source vulnerability scanner designed for containers, filesystems, and software dependencies. It supports a range of targets including […]
Read more
Container image security with Wazuh and Trivy
Maintaining the security of containerized environments is an important part of modern IT infrastructure. Vulnerabilities in container images and runtime environments expose organizations to significant risks, which makes proactive vulnerability scanning an essential practice. Trivy is an open source vulnerability scanner designed for containers, filesystems, and software dependencies. It supports a range of targets including […]
Read moreLynx ransomware is a sophisticated malware threat that has been active since mid-2024, with over 20 victims across various industries. It primarily targets Windows operating systems, encrypting files using the Advanced Encryption Standard (AES) with a 128-bit key in CTR mode, and employs double extortion, threatening to leak stolen data. Operated by the Lynx ransomware […]
Read more
Detecting Lynx ransomware with Wazuh
Lynx ransomware is a sophisticated malware threat that has been active since mid-2024, with over 20 victims across various industries. It primarily targets Windows operating systems, encrypting files using the Advanced Encryption Standard (AES) with a 128-bit key in CTR mode, and employs double extortion, threatening to leak stolen data. Operated by the Lynx ransomware […]
Read moreWe are excited to announce the release of Wazuh 4.11.0. This release introduces a modified vulnerability detection process for CVE Numbering Authority (CNA) and updates to the Wazuh AMI and OVA base operating system. It also introduces an enhanced Wazuh Syscollector module for more accurate system inventory reports. Additionally, this release includes enhancements to FIM […]
Read more
/ Releases
Introducing Wazuh 4.11.0
We are excited to announce the release of Wazuh 4.11.0. This release introduces a modified vulnerability detection process for CVE Numbering Authority (CNA) and updates to the Wazuh AMI and OVA base operating system. It also introduces an enhanced Wazuh Syscollector module for more accurate system inventory reports. Additionally, this release includes enhancements to FIM […]
Read moreWazuh and Citaf Tech Announce Partnership to Enhance Cybersecurity for Small and Medium Businesses
/ News
San Jose, California, February 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Citaf Tech, a cybersecurity firm specializing in information security services. This collaboration strengthens Citaf Tech’s ability to provide Small and Medium Businesses with advanced threat detection and […]
Read more
/ News
Wazuh and Citaf Tech Announce Partnership to Enhance Cybersecurity for Small and Medium Businesses
San Jose, California, February 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Citaf Tech, a cybersecurity firm specializing in information security services. This collaboration strengthens Citaf Tech’s ability to provide Small and Medium Businesses with advanced threat detection and […]
Read moreOrganizations face challenges connecting Cyber Threat Intelligence (CTI) and Digital Forensics and Incident Response (DFIR) efforts. Effective collaboration between these domains is necessary for addressing threats proactively and efficiently. Yeti (Your Everyday Threat Intelligence) is an open source Forensics Intelligence platform that helps bridge the gap between CTI and DFIR efforts. It provides DFIR teams […]
Read more
Integrating Wazuh with Yeti platform
Organizations face challenges connecting Cyber Threat Intelligence (CTI) and Digital Forensics and Incident Response (DFIR) efforts. Effective collaboration between these domains is necessary for addressing threats proactively and efficiently. Yeti (Your Everyday Threat Intelligence) is an open source Forensics Intelligence platform that helps bridge the gap between CTI and DFIR efforts. It provides DFIR teams […]
Read moreWazuh and Rint Bilgi Teknolojileri Announce Partnership to Strengthen Cybersecurity and Compliance Solutions
/ News
San Jose, California, January 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Rint Bilgi Teknolojileri, Turkey’s premier cloud service and managed services provider. This collaboration enhances Rint’s ability to deliver robust cybersecurity and compliance solutions to organizations across various […]
Read more
/ News
Wazuh and Rint Bilgi Teknolojileri Announce Partnership to Strengthen Cybersecurity and Compliance Solutions
San Jose, California, January 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Rint Bilgi Teknolojileri, Turkey’s premier cloud service and managed services provider. This collaboration enhances Rint’s ability to deliver robust cybersecurity and compliance solutions to organizations across various […]
Read moreBrain Cipher is a ransomware strain that surfaced in the middle of 2024, rapidly making its presence felt across various sectors worldwide. Its popularity skyrocketed following a high-profile attack on Indonesia’s National Data Center, which disrupted over 200 government agencies and critical public services, including immigration systems. Built on the leaked LockBit 3.0 builder, Brain […]
Read more
Detecting Brain Cipher ransomware with Wazuh
Brain Cipher is a ransomware strain that surfaced in the middle of 2024, rapidly making its presence felt across various sectors worldwide. Its popularity skyrocketed following a high-profile attack on Indonesia’s National Data Center, which disrupted over 200 government agencies and critical public services, including immigration systems. Built on the leaked LockBit 3.0 builder, Brain […]
Read moreData breaches and leaked credentials have become a recurring threat in the cybersecurity landscape, exposing sensitive information such as usernames, passwords, and email addresses. When attackers gain access to this data, they can exploit it for unauthorized access, phishing attacks, or identity theft. The risk to businesses and individuals is significant, whether leaked credentials from […]
Read more
Detecting compromised accounts with HIBP and Wazuh
Data breaches and leaked credentials have become a recurring threat in the cybersecurity landscape, exposing sensitive information such as usernames, passwords, and email addresses. When attackers gain access to this data, they can exploit it for unauthorized access, phishing attacks, or identity theft. The risk to businesses and individuals is significant, whether leaked credentials from […]
Read moreCriminal IP is a threat intelligence platform that provides insights into IP addresses, domains, and other network components. It provides the necessary information to assess risks and identify potential threats, enabling security teams to react to malicious activity proactively. Integrating Wazuh with Criminal IP creates a synergy that enhances security monitoring, network management, and system […]
Read more
Enhancing threat intelligence with Wazuh and Criminal IP integration
Criminal IP is a threat intelligence platform that provides insights into IP addresses, domains, and other network components. It provides the necessary information to assess risks and identify potential threats, enabling security teams to react to malicious activity proactively. Integrating Wazuh with Criminal IP creates a synergy that enhances security monitoring, network management, and system […]
Read moreRazr is a highly destructive ransomware that compromises systems by encrypting files, effectively rendering them inaccessible to users. This ransomware commonly propagates through phishing emails containing malicious attachments or by exploiting vulnerabilities in software and operating systems. Once infected, the Razr ransomware scans for valuable data, including documents, images, and databases. It activates its payload […]
Read more
Detecting Razr ransomware with Wazuh
Razr is a highly destructive ransomware that compromises systems by encrypting files, effectively rendering them inaccessible to users. This ransomware commonly propagates through phishing emails containing malicious attachments or by exploiting vulnerabilities in software and operating systems. Once infected, the Razr ransomware scans for valuable data, including documents, images, and databases. It activates its payload […]
Read moreSan Jose, California, January 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Grupo Intelector, a cybersecurity company with 25 years of experience and a leader in support and customer service throughout Latin America. This collaboration enables Grupo Intelector to […]
Read more
/ News
Wazuh and Grupo Intelector Announce Partnership to Enhance SOC Services Across LATAM
San Jose, California, January 2025 – Wazuh, the leading provider of open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solutions, has partnered with Grupo Intelector, a cybersecurity company with 25 years of experience and a leader in support and customer service throughout Latin America. This collaboration enables Grupo Intelector to […]
Read moreWe are excited to announce the release of Wazuh 4.10.0. This release introduces integration with Microsoft Intune, enhanced logging for cloud integration modules, and debug symbol generation for macOS, Linux, and Windows. It includes a new vulnerability evaluation status field and major updates to SCA policies for improved security compliance on monitored endpoints. We also […]
Read more
/ Releases
Introducing Wazuh 4.10.0
We are excited to announce the release of Wazuh 4.10.0. This release introduces integration with Microsoft Intune, enhanced logging for cloud integration modules, and debug symbol generation for macOS, Linux, and Windows. It includes a new vulnerability evaluation status field and major updates to SCA policies for improved security compliance on monitored endpoints. We also […]
Read moreA Large Language Model (LLM) is an Artificial Intelligence (AI) program that recognizes, processes, and generates human-like texts. Claude Haiku is an LLM model designed by Antropic that can perform code completion, interactive chatbots, and content moderation tasks. The Claude Haiku model can be integrated as a chatbox feature in the Wazuh dashboard. Performing this […]
Read more
Leveraging Claude Haiku in the Wazuh dashboard for LLM-powered insights
A Large Language Model (LLM) is an Artificial Intelligence (AI) program that recognizes, processes, and generates human-like texts. Claude Haiku is an LLM model designed by Antropic that can perform code completion, interactive chatbots, and content moderation tasks. The Claude Haiku model can be integrated as a chatbox feature in the Wazuh dashboard. Performing this […]
Read more
Keep up to date
with our digest of articles
with our digest of articles
Wazuh will not sell, trade, lease, or rent your personal data to third parties. By subscribing, I agree to the use of my personal data in accordance with Wazuh Privacy Policy.