In this blog post, we successfully demonstrated the capability of Wazuh to detect and remove BlackCat ransomware on a Windows endpoint.
Detecting and blocking Cacti remote code execution vulnerability (CVE-2022-46169) with Wazuh
By Farouk Musa
In this blog post, we demonstrated how to detect the Cacti CVE-2022-46169 vulnerability and block exploitation attempts with Wazuh.
Read more
Detecting and blocking Cacti remote code execution vulnerability (CVE-2022-46169) with Wazuh
By Farouk Musa
In this blog post, we demonstrated how to detect the Cacti CVE-2022-46169 vulnerability and block exploitation attempts with Wazuh.
Read moreOur new blog post shows how we successfully use Wazuh to detect Vidar infostealer on an infected Windows endpoint.
Read more
Detecting Vidar infostealer with Wazuh
Our new blog post shows how we successfully use Wazuh to detect Vidar infostealer on an infected Windows endpoint.
Read moreOur new blog post shows how Wazuh can help organizations to monitor USB drives plugged into monitored Windows endpoints in real-time
Read more
Monitoring USB drives in Windows using Wazuh
Our new blog post shows how Wazuh can help organizations to monitor USB drives plugged into monitored Windows endpoints in...
Read moreOur new blog post shows how to detect common Linux persistence techniques with Wazuh by covering several common techniques.
Read more
Detecting common Linux persistence techniques with Wazuh
Our new blog post shows how to detect common Linux persistence techniques with Wazuh by covering several common techniques.
Read more
In this blog post, we use Sysmon integration and the Wazuh security configuration assessment module to detect RedLine infostealer.
Read more
How to detect RedLine Infostealer with Wazuh
In this blog post, we use Sysmon integration and the Wazuh security configuration assessment module to detect RedLine infostealer.
Read moreIn our new blog post, we focus on adversary emulation on AWS with Stratus Red Team and using Wazuh security capabilities.
Read more
Adversary emulation on AWS with Stratus Red Team and Wazuh
In our new blog post, we focus on adversary emulation on AWS with Stratus Red Team and using Wazuh security...
Read moreIn this blog post, we continue showing how Wazuh can detect some common Active Directory attacks using Windows security logs.
Read more
How to detect Active Directory attacks with Wazuh [Part 2 of 2]
In this blog post, we continue showing how Wazuh can detect some common Active Directory attacks using Windows security logs.
Read moreThe global pandemic in 2020 gave rise to more companies adopting remote working tools, services, and collaboration solutions. But organizations that utilize remote work services...
Read more
Monitoring remote OpenVPN connections with GeoIP and Wazuh XDR
The global pandemic in 2020 gave rise to more companies adopting remote working tools, services, and collaboration solutions. But organizations...
Read more
This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on Sysmon.
Read more
How to detect Active Directory attacks with Wazuh [Part 1 of 2]
This blog shows how Wazuh can detect some common Active Directory attacks using Windows security logs and events captured on...
Read moreBy Openime Oniagbi and Dario Menten
Our new blog post shows how Wazuh can detect generic and obfuscated hoaxshell payloads and other attacks that abuse PowerShell.
Read more
Detecting hoaxshell with Wazuh
By Openime Oniagbi and Dario Menten
Our new blog post shows how Wazuh can detect generic and obfuscated hoaxshell payloads and other attacks that abuse PowerShell.
Read moreKeep up to date with
our digest of articles
Wazuh will not sell, trade, lease, or rent your personal data to third parties. By subscribing, I agree to the use of my personal data in accordance with Wazuh Privacy Policy.