How to configure Rsyslog client to send events to Wazuh
Learn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.
All results for 'Eva Lopez'
Showing 12 of 61 resultsHow to integrate external software using Integrator
We will learn how to configure Wazuh to communicate with external APIs. Integrator is a tool which easily connects Wazuh with external software.
Integrating Amazon Macie in Wazuh
Learn how to monitor the data stored in your S3 with Amazon Macie and Wazuh.
Detecting Metasploit attacks
We are going to attack a vulnerable server using Metasploit and then we will see how to use Wazuh to detect various of its attacks. This framework is the most used penetration testing framework in the world. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade […]
Introducing Wazuh 4.10.0
We are excited to announce the release of Wazuh 4.10.0. This release introduces integration with Microsoft Intune, enhanced logging for cloud integration modules, and debug symbol generation for macOS, Linux, and Windows. It includes a new vulnerability evaluation status field and major updates to SCA policies for improved security compliance on monitored endpoints. We also […]
Detecting XWorm malware with Wazuh
XWorm is a .NET-based Remote Access Trojan (RAT) that initially emerged in early 2022 and resurfaced in 2025 with enhanced capabilities and renewed activity in targeted cyberattacks. Designed to compromise Windows endpoints, XWorm is widely adopted by threat actors due to its modular design and low detection rates when obfuscated, making it a persistent threat […]
Monitoring Hyper-V with Wazuh
Microsoft Hyper-V is a widely used virtualization platform in enterprise environments, powering everything from development labs to production workloads.
Detecting and responding to Lumma Stealer with Wazuh
Lumma Stealer, also known as LummaC2 Stealer, is a customizable malware written in C/C++ that allows for efficient and low-level access to system resources. It uses extensive obfuscation and anti-analysis features, making it highly effective and hard to detect. It is distributed as a Malware-as-a-Service (MaaS) model, with several plans available on underground forums and […]
Adversary emulation on AWS with Stratus Red Team and Wazuh
In our new blog post, we focus on adversary emulation on AWS with Stratus Red Team and using Wazuh security capabilities.
Snapekit detection with Wazuh
The Snapekit rootkit was reported by Gen Threat Labs on X (formerly Twitter) on October 2, 2024. They identified several behavioral patterns of the rootkit. At the time of writing, all publicly available Snapekit samples specifically target Arch Linux (6.10.2-arch1-1 x86_64). However, the rootkit can be easily adapted to impact other versions of Arch Linux […]
Ensuring NIS2 compliance with Wazuh
Network and Information Systems (NIS2) is a European Union (EU) legislation raising cybersecurity standards for businesses due to new cyber threats across the EU. It’s an update and expansion of the original NIS (Network and Information Systems) directive adopted in 2016. NIS2 broadens the scope to include energy, transport, banking, public administration, and space sectors. […]
Detecting data exfiltration using Living Off the Land tools with Wazuh
Detecting data exfiltration is an important aspect of maintaining cybersecurity, especially when attackers leverage native system tools to evade detection. This technique, known as Living Off the Land (LOTL), involves the misuse of legitimate utilities in the operating system, making malicious activities blend with normal operations. Advanced Persistent Threat (APT) groups commonly use LOTL techniques, […]
No results for 'Eva Lopez'
Please make sure that all words are spelled correctly.