Defense evasion techniques are methods that threat actors use to conceal their presence, bypass security mechanisms, and operate undetected on compromised systems. By evading detection, adversaries can maintain persistence and continue malicious activity even during active monitoring or security scans. Common defense evasion methods include disabling or uninstalling security tools, tampering with event logs, obfuscating […]
All results for 'Eva Lopez'
Showing 12 of 71 resultsLearn how to configure a Rsyslog client to send event messages to the Wazuh manager step by step.
We will learn how to configure Wazuh to communicate with external APIs. Integrator is a tool which easily connects Wazuh with external software.
Learn how to monitor the data stored in your S3 with Amazon Macie and Wazuh.
Cloud security posture management (CSPM) involves evaluating, enhancing, and maintaining an organization's cloud security posture.
With advanced threat hunting capabilities, security teams can stay proactive in identifying and eliminating emerging threats.
We are excited to announce the release of Wazuh 4.10.0. This release introduces integration with Microsoft Intune, enhanced logging for cloud integration modules, and debug symbol generation for macOS, Linux, and Windows. It includes a new vulnerability evaluation status field and major updates to SCA policies for improved security compliance on monitored endpoints. We also […]
We are going to attack a vulnerable server using Metasploit and then we will see how to use Wazuh to detect various of its attacks. This framework is the most used penetration testing framework in the world. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade […]
XWorm is a .NET-based Remote Access Trojan (RAT) that initially emerged in early 2022 and resurfaced in 2025 with enhanced capabilities and renewed activity in targeted cyberattacks. Designed to compromise Windows endpoints, XWorm is widely adopted by threat actors due to its modular design and low detection rates when obfuscated, making it a persistent threat […]
Microsoft Hyper-V is a widely used virtualization platform in enterprise environments, powering everything from development labs to production workloads.
In our new blog post, we focus on adversary emulation on AWS with Stratus Red Team and using Wazuh security capabilities.
The Snapekit rootkit was reported by Gen Threat Labs on X (formerly Twitter) on October 2, 2024. They identified several behavioral patterns of the rootkit. At the time of writing, all publicly available Snapekit samples specifically target Arch Linux (6.10.2-arch1-1 x86_64). However, the rootkit can be easily adapted to impact other versions of Arch Linux […]
No results for 'Eva Lopez'
Please make sure that all words are spelled correctly.