Phishing Mail
285 views
Skip to first unread message
Vyom Thaker
Oct 4, 2022, 4:24:59 AM10/4/22
to Wazuh mailing list
I want to monitor phishing mails on wazuh is it possible and if yes then please guide through this.
Marcos Javier Bonacci
Oct 4, 2022, 7:03:58 AM10/4/22
to Wazuh mailing list
Hello Vyom!
Thank you for using Wazuh!
You can use any of the following modules so that when the user, executes/downloads any file with rasomware, the alert is triggered to take actions according to the following modules:
- Scanless vulnerability detection: Identifies vulnerable systems and applications correlating inventory data with well known CVEs.
- Security Configuration Assessment: Used to expose poorly configured systems. It runs configuration checks periodically, enforcing good practices by following standards such as CIS (Center of Internet Security).
- File integrity monitoring: Monitors changes to the file system, and can be used to detect the presence of malicious files (see, for example, our integration with VirusTotal).
Regards,
Javier
Vyom Thaker
Oct 4, 2022, 7:13:26 AM10/4/22
to Marcos Javier Bonacci, Wazuh mailing list
Thank you sir for your kind response but I am searching for mail integration so the wazuh can monitor the incoming mail. Do you have anything related to this
Best Regards,
Vyom Thaker
Trainee - Cyber Security Analyst
+91 7949006565 [ext :469]
Acute Informatics Pvt. Ltd.
CONFIDENTIALITY NOTICE: The information transmitted in this email and any attachments herein is confidential and is intended for the addressee(s) only. If you have received this email in error, please notify us immediately, delete the message from your computer system and destroy hard copies if any . If you are not the intended recipient, any unauthorized disclosure, copying, distribution, dissemination, publication, use of or access to the information contained herein is strictly prohibited. The obligation of confidentiality is a binding legal obligation, a proven breach of which will result in the imposition of damages. Although every effort has been made to ensure that this email is virus-free, it is recommended that you scan this email and any attachments thereto for viruses and Acute Informatics Pvt. Ltd. accepts no responsibility for any damage to the recipient’s system caused by this email and/or its attachments. Please note that messages to or from Acute Informatics Pvt. Ltd. may be monitored to ensure compliance with our policies.
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/9a08dfd7-2a0f-4c3f-83b0-f7054c013500n%40googlegroups.com.
Marcos Javier Bonacci
Oct 5, 2022, 3:45:54 AM10/5/22
to Wazuh mailing list
Hello Vyom.
Sorry for misunderstanding your ask.
At this momment, we are testing/developing integrations with 3rd parts tools. By this time active response, will check and take action if some ransomware/file change, happens.
At this momment, we are testing/developing integrations with 3rd parts tools. By this time active response, will check and take action if some ransomware/file change, happens.
Best Regards,
Javier
Vyom Thaker
Oct 6, 2022, 12:12:20 AM10/6/22
to Marcos Javier Bonacci, Wazuh mailing list
Got it, Thanks
Best Regards,
Vyom Thaker
Trainee - Cyber Security Analyst
Acute Informatics Pvt. Ltd.
CONFIDENTIALITY NOTICE: The information transmitted in this email and any attachments herein is confidential and is intended for the addressee(s) only. If you have received this email in error, please notify us immediately, delete the message from your computer system and destroy hard copies if any . If you are not the intended recipient, any unauthorized disclosure, copying, distribution, dissemination, publication, use of or access to the information contained herein is strictly prohibited. The obligation of confidentiality is a binding legal obligation, a proven breach of which will result in the imposition of damages. Although every effort has been made to ensure that this email is virus-free, it is recommended that you scan this email and any attachments thereto for viruses and Acute Informatics Pvt. Ltd. accepts no responsibility for any damage to the recipient’s system caused by this email and/or its attachments. Please note that messages to or from Acute Informatics Pvt. Ltd. may be monitored to ensure compliance with our policies.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/bd22514e-57af-4727-a855-0151e1e42932n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages