Blog Entries

28. 03. 2024 Valentina Da Rold Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: GLPI Security Update. Type/Severity: Security Advisory: High. Topic: An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability, and give a detailed severity rating. Description…

28. 03. 2024 Mirko Ioris SOCnews

SOC News | Mar 28 – New Vulnerabilities Added To The KEV

On March 25, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The catalog is updated regularly and contains the vulnerabilities that are most likely to be used in attacks. Organizations should monitor and review it periodically and prioritize their patching efforts based on it. We…

25. 03. 2024 Franco Federico APM, NetEye, Visual Synthetic Monitoring

Migration from Alyvix Server to Alyvix Service

Beginning with NetEye version 4.26, Alyvix has been fully integrated into NetEye. Currently Alyvix within NetEye is implemented as the neteye-alyvix module, and is part of our Application Performance Monitoring (APM) world. We have Elastic with all the functionality of traditional APM, and then for synthetic monitoring we have Alyvix. In the past few weeks…

25. 03. 2024 Mattia Codato Development, DevOps, NetEye

Boosting NetEye CI Speed Post-FOSDEM ’24

On February 3rd and 4th, 2024, we attended FOSDEM, a major event where thousands of free and open-source software developers from around the world gather to exchange ideas and collaborate. This year I dedicated much of the second day to the Testing and Continuous Delivery room. Continuous testing is essential for ensuring the safe and…

21. 03. 2024 Massimo Giaimo SOCnews

SOC News | Mar 21 – IABs and Bulk Sales

Much has already been said about Initial Access Brokers (IABs) so I will limit myself to a brief description and then delve into the main theme of this article. The theme of Initial Access Brokers was summarized fantastically in the Initial Access Broker Landscape project by Curated Intelligence, reported in this link, which I recommend…

20. 03. 2024 Attilio Broglio Unified Monitoring

How to Monitor the TOP N RAM-Using Processes

After developing a custom check for monitoring the most CPU-demanding processes on Windows servers, we implemented a similar check for RAM usage. As I described in that previous post, we built this command via PowerShell. PowerShell provides the Get-Counter cmdlet, which gets performance counter data directly from the performance monitoring instrumentation in the Windows…

20. 03. 2024 Attilio Broglio Unified Monitoring

How to Monitor the TOP N CPU-Using Processes

During my last session with a customer, I faced an interesting and challenging issue in the Windows environment. The question was: “How can I monitor the list of the most CPU-demanding processes?” The request immediately looked like one that’s very simple to understand, but hard to implement. We look for something out of the box…

15. 03. 2024 Luca Zeni Blue Team, SEC4U

SATAYO and SOC: in the New Midlands

This article explains how the Cyber Threat Intelligence platform SATAYO serves as a powerful resource to optimize processes and strengthen threat coverage within the Würth Phoenix Attacker Centric SOC. We will analyze the utilization of SATAYO’s internal resources for creating Detection Rules and managing SOC alerts. Additionally, we will examine how the logs in SIEM…

15. 03. 2024 Matteo Cipolletta APM, Log-SIEM, NetEye

Unleashing Elastic APM: Containerized Scalability Explored

Introduction: Unveiling Elastic APM in Containerized Environments. In today’s dynamic digital landscape, where every interaction matters, understanding the intricacies of application performance has become paramount. Elastic APM is a powerful toolset within the Elastic Stack included in the NetEye SIEM Module, and designed to provide unparalleled insights into the performance of your applications. As organizations…

15. 03. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We resolved a bug in the NetEye PDF exporting module that causes the reporting scheduler to stop working. Updated packages: We updated the following packages:

14. 03. 2024 Attilio Broglio NetEye, Unified Monitoring

How to Control Remote Devices from NagVis Maps via Tornado

This article stems from a project on the remote control of devices using NagVis maps. The main purpose is to find an easy way to actuate a remote device through a click on an interface. To do this, we implemented a method that uses NagVis’ context menu by adding links. Clicking on them sends a…

12. 03. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We resolved a bug in the NetEye Satellite installation and update procedures that previously resulted in an error when the Elastic Agent package was manually installed on the Satellite. Updated packages: We updated the following packages:

11. 03. 2024 Mirko Ioris SOCnews

SOC News | Mar 11 – JetBrains TeamCity Authentication Bypass Vulnerabilities

On March 4, 2024, JetBrains released TeamCity version 2023.11.4, which patches two authentication bypass vulnerabilities in the web component of TeamCity. These vulnerabilities were discovered in February by Rapid7’s vulnerability research team and allow a remote unauthenticated attacker to perform a complete compromise of a vulnerable TeamCity installation, including unauthenticated RCE (remote code execution). CVE…

05. 03. 2024 Tobias Goller Unified Monitoring

nBox Mini

Every now and then I like to keep you up to date about news in the ntop environment. This time it’s not news about analysis methods or software, but about a new hardware solution. If you’re someone looking for a hardware-based, scalable, optimized, and purpose-built solution, without the hassle of software installation, chances are you’re…

01. 03. 2024 Charles Callaway Documentation

Turning Videos into Animated GIFs

So how’s your website doing? Did you set it up, and then leave it alone? It’s not that I’m trying to shame you, but we should all be thinking regularly about how to stay at the top of our game. You know, be agile. I was updating one of our websites last month, and we…
