Detecting DNS tunneling attacks with Wazuh
DNS tunneling allows attackers to hide malicious data and commands within legitimate Domain Name System (DNS) traffic, bypassing firewalls and security controls. Attackers exploit the fact...
Wazuh and Infocean Technology Announce Partnership to Strengthen Wazuh Engagement Throughout APAC Region.
/ News
San Jose, California, February 2026 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a partnership with Infocean Technology Company Limited, a cybersecurity provider across the APAC region. Through this partnership, Infocean Technology delivers a cost-effective SIEM solution designed to address the security needs of […]
Salat stealer is a rapidly emerging Go-based information stealer offered under a Malware-as-a-Service (MaaS) model, enabling widespread access to the malware for threat actors. The malware leverages dedicated command and control (C2) infrastructure to manage infected endpoints and exfiltrate stolen data at scale. It primarily targets Windows endpoints to collect browser credentials, Telegram sessions, and […]
It is essential to log and audit Kubernetes cluster events. Check our new blog post to learn how to audit Kubernetes events with Wazuh.
Endpoint hardening is a continuous process for securing modern IT environments against vulnerabilities and misconfigurations. It reduces the attack surface of endpoints and strengthens defenses against cyber threats by enforcing standardized security configurations. Organizations typically rely on established guidelines such as the Center for Internet Security (CIS) Benchmarks and frameworks like NIST, which provide best […]
San José, California, February 2026 – Wazuh, an open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a partnership with eBD, Chilean specialists in the integration of technology solutions for multiple tech and communications industries. Through this partnership, eBD reinforces its customer service and support capabilities, providing ongoing assistance […]
Access control protects the confidentiality, integrity, and availability of systems and data. It is important because attackers frequently exploit legitimate accounts, excessive permissions, and weak policy enforcement to blend into normal operations. While access control systems are designed to prevent unauthorized actions, the decisions they generate, such as denied requests, privilege escalations, or anomalous authorization […]
Incident management involves detecting, responding to, and resolving unplanned events efficiently across systems and teams. It is important for organizations aiming to reduce downtime, mitigate risks, and maintain operational resilience. Incident management platforms like Rootly are designed to streamline and automate response workflows for engineering, operations, and security teams. Integrating Rootly with Wazuh connects Wazuh […]
San Jose, California, January 2026 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) platform, announced a partnership with Blue Networks, a cybersecurity consulting boutique and managed security services provider specializing in regulated and high-performance environments. Through this partnership, Blue Networks leverages Wazuh as a core XDR […]
Rhadamanthys Stealer is a credential-harvesting malware sold as Malware-as-a-Service (MaaS). It is known for its modular architecture, data-stealing capabilities, and continuous updates driven by criminal marketplaces. Attackers distribute Rhadamanthys stealer via phishing emails, cracked software, malicious ads, and fake installers. The stealer primarily targets Windows endpoints to extract browser passwords, crypto wallets, system metadata, autofill […]
Wazuh architecture is designed to support agentic AI integration through its existing APIs and programmatic interfaces. Julio Casal (Wazuh) recently shared an early preview of this direction, demonstrating how AI agents can interact with Wazuh deployments to automate workflows, coordinate responses, and reduce manual operational overhead. One Example: Automated Log Integration The video above demonstrates […]
The Wazuh Ambassadors program brings together security practitioners who actively support the global Wazuh community. Ambassadors share hands-on knowledge, create educational resources, and help others adopt and maximize the benefits of Wazuh through collaboration and open source engagement. The program empowers ambassadors to promote open source security awareness. Their contributions help bridge the gap between […]
Open source software makes its source code publicly available, allowing anyone to inspect, audit, and improve it. This transparency creates verifiable trust, where security claims can be independently validated by a global community instead of taken on faith. Open source licenses give users full control to understand, customize, and extend the software to meet their […]
Cephalus ransomware surfaced in mid-August 2025 and quickly attracted attention for its stealth and operational precision. The threat actors demonstrate a clear financial motivation and rely on initial access vectors. They exploit weak or exposed Remote Desktop Protocol (RDP) configurations, particularly targeting accounts lacking Multi-Factor Authentication (MFA) protection, to gain unauthorized access. Cephalus ransomware targets […]
Keep up to date
with our digest of articles
with our digest of articles