Open source SIEM with Wazuh and Elastic Stack

“Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance” which, when integrated with Elastic Stack, enhances visualization and reporting. If you are looking for an open source SIEM solution and struggling with installation, feel free to use the guide: Wazuh with Elastic Stack Guide. This guide has been prepared following the official Wazuh installation documentation.

FAKE NEWS: WhatsApp Scam “FREE Internet Recharge From WHO”

The Bhutan Computer Incident Response Team recommends that individuals remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). The recent post on WhatsApp regarding “Free Internet Recharge from World Health Organization” is FAKE. BtCIRT encourages individuals to remain vigilant and take the following precautions.
• Avoid clicking on links in unsolicited emails and be wary of email attachments.
• Use trusted sources—such as legitimate, —for up-to-date, fact-based information about COVID-19.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
As per recent Notification from Media Council […]

Coronavirus Scams and Malware

Threat actors are weaponizing the tremendous demand people have for coronavirus-related information as the virus spreads across the globe, dropping malware through various channels including phishing email, malicious websites and social engineering. Therefore, BtCIRT urges everyone to think before clicking on any links received via email, instant messaging apps or shared via other social media platforms. For any updates, please visit trusted sources of information: WHO for global statistics and advisories, and the Ministry of Health for any information related to Bhutan.

Mailvelope Manual

Mailvelope is a browser add-on (plugin) that extends the browser's capability to encrypt email contents and is based on the OpenPGP cryptography standard. To send, receive or digitally sign emails securely using OpenPGP-based services like Mailvelope, users first have to create a public/private key pair and share the public key. For the detailed manual, please visit: Mailvelope manual

GandCrab Ransomware

BtCIRT has recently received reports of a few instances of system files being encrypted by a ransomware family called GandCrab; we therefore urge all users to be alert and take precautions.
1. Description: GandCrab is ransomware that encrypts almost all file types on an affected system and displays a ransom message insisting on payment in cryptocurrency to decrypt the data.
2. Distribution mechanism: Email attachments, cracked software, websites, fake software updaters, trojans, exploit kits and untrustworthy software download sites are some of the means used to infect and then exploit vulnerabilities in installed, outdated software of the […]