Posts tagged "wazuh"

dev English

How to Upgrade Wazuh on Ubuntu 24.04 and Fix a wazuh-manager Timeout During the Process

0 Comment read
How to Upgrade Wazuh on Ubuntu 24.04 and Fix a wazuh-manager Timeout During the Process

Upgrading Wazuh on Ubuntu 24.04 can look successful at first, only to stall at the final step when wazuh-manager fails to complete its post-install process. In this guide, I walk through a real upgrade from Wazuh 4.13.1 to 4.14.4, explain why the dashboard may still load while the API remains unavailable, and show how a simple systemd override can allow the manager to start cleanly and complete the upgrade.

Continue reading
dev English

Shellshock Attack, Detection, Analysis, and Why Wazuh Proved Its Power

0 Comment read
Shellshock Attack, Detection, Analysis, and Why Wazuh Proved Its Power

Overview At 02:04:43 UTC, 7 November 2025, our Wazuh SIEM raised a critical level-15 alert, Rule 31168, “Shellshock attack detected” This alert originated from an Nginx access log on agent, proxy-sg2-deb-12-pro-proxy-xxxx (IP 1xx.xxx.xxx.xxx). The source of the request was 193.26.115.195 (Netherlands). Wazuh immediately identified the payload as an active Shellshock exploit attempt (CVE-2014-6271). But here’s… Continue reading