Detecting Windows Screensaver persistence attack with Wazuh
Screensaver is a feature on operating systems that lets users display a message or graphic animation after a certain amount of idle time has elapsed. Threat actors are known to...
Blog / Engineering / Detecting Windows Screensaver persistence attack with Wazuh
Screensaver is a feature on operating systems that lets users display a message or graphic animation after a certain amount of idle time has elapsed. Threat actors are known to...
Blog / Engineering / Responding to network attacks with Suricata and Wazuh XDR
Devices today exist in more varieties and numbers than ever before. With the continuously growing number of nodes and endpoints in a network, finding and responding to threats in real-time...
Blog / Engineering / Monitoring remote OpenVPN connections with GeoIP and Wazuh XDR
The global pandemic in 2020 gave rise to more companies adopting remote working tools, services, and collaboration solutions. But organizations that utilize remote work services expose themselves to a wider...
Blog / Releases / Introducing Wazuh 4.6.0
We are excited to announce the release of Wazuh 4.6.0, with new and enhanced capabilities, new use cases, and improved documentation. This marks a significant achievement for our project and...
Blog / Engineering / Monitoring network devices with Wazuh
A network device is a hardware or software component that facilitates the transfer of data and information between nodes within a network. Common types of network devices include routers, switches,...
Blog / Engineering / Detecting Living Off the Land attacks with Wazuh
Living Off the Land (LOTL) attacks are a cyber threat technique in which attackers leverage existing, legitimate tools and features within an environment to conduct malicious activities. This approach allows...
Blog / Engineering / Detecting compromised accounts with HIBP and Wazuh
Data breaches and leaked credentials have become a recurring threat in the cybersecurity landscape, exposing sensitive information such as usernames, passwords, and email addresses. When attackers gain access to this...
Please make sure that all words are spelled correctly.