Blog Entries

17. 06. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.36

We fixed a bug in the NetEye IDOReports module related to its installation process, and in particular to an update of its database. We updated the following packages:

17. 06. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

We fixed a bug in the NetEye IDOReports module related to its installation process, and in particular to an update of its database. We updated the following packages:

14. 06. 2024 Alessandro Valentini DevOps, NetEye

Automating the Full NetEye Release Procedure

One of the first issues we added more than 2 years ago to our DevOps backlog was automating the infrastructure preparation and release of NetEye, but we postponed it for a long time because it was too big to do. A bit of background: Every 2 months we release a new NetEye version: this basically…

14. 06. 2024 Matteo Cipolletta APM, NetEye, Real User Experience, Visual Synthetic Monitoring

The Right Monitoring Tool: Elastic Synthetic Browser Monitor vs. Alyvix

In today’s digital landscape, ensuring optimal performance and availability of applications is critical. Monitoring tools like Elastic Synthetics Journey Monitor and Alyvix offer unique capabilities tailored to diverse needs. Understanding where each tool excels can help you choose the best solution for your requirements. Elastic Synthetic Browser Monitor: Strengths and Use Cases Elastic Synthetic Browser…

13. 06. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.36

We fixed a bug in the NetEye Alyvix module where an error was thrown when the super-admin would create a Test Case in a Tenant associated with a Time Period present in a different Tenant. We updated the following packages:

11. 06. 2024 Davide Sbetti Development, Events, NetEye

An XPerience: Discussing the Role of AI in the Agile World

Between the 4th and 7th of June this year, Bolzano had the opportunity to host XP 2024, the 25th edition of the premier international conference on Agile software development. The scenario was NOI Techpark and, as Würth Phoenix, we were there and had the chance to participate in the conference with two talks about SecDevOps…

11. 06. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.36

We fixed a bug that causes unrelated processes to be killed during cluster resource relocation. Important: in order to fix the existing configuration, the NetEye update procedure will in this case restart most of the PCS cluster resources and cause a temporary service downtime. We updated the following packages:

10. 06. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.36

SIEM – Log Management. JVM Configurations: We fixed some bugs related to the Elastic JVM configurations that were duplicating log files in the default directory. The JVM configurations are now up to date and the organization of configuration files has been improved. El Proxy: We fixed a bug in El Proxy related to the retry…

10. 06. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

El Proxy: We fixed a bug in El Proxy related to the retry strategy for sending signed logs to Elasticsearch. Previously, after a document had been rejected by the Elasticsearch ingest pipeline, all non-signed logs were deleted during the retry phase including the mandatory “timestamp” field. Our solution now ensures that all mandatory fields remain…

07. 06. 2024 Luca Zeni Blue Team, SEC4U

Akira Ransomware: How to Make an Efficient Detection Rule

In this article, we’re going to explore an example of the process used to perform the initial steps of creating ad hoc detection rules based on specific events that mark the world of cyber security. Specifically, starting from a real case, we’ll see the study and analysis carried out to create a rule to monitor…

03. 06. 2024 Mattia Codato Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.36 Release Notes

Welcome to version 4.36 of our NetEye v4 Unified Monitoring Solution. Merano/Meran is welcoming you with its promenades and palms, gardens and parklands, castles and palaces, noble villas, and unique urbanscape. Always fascinating, Merano is a historical spa town where hospitality and tourism reside in its soul. Merano is about taking a morning walk through…

27. 05. 2024 Juergen Vigna NetEye

Check the Version of Your NetEye Cluster with Satellites

Whenever I upgrade a NetEye Cluster with all its Satellites, it’s important that no host is forgotten, and that all packages are installed (which can happen because an upgrade error occurred, for example if one forgot to call neteye_finalize_installation). So I thought it would be handy to have a script/plugin that shows the current version…

24. 05. 2024 Daniel Degasperi Blue Team, SEC4U

How To Detect a Chromium Browser Stealer With Elastic

In this blog, I’ll propose and describe a solution for detecting potential infostealers targeting Chromium-based browsers, taking a cue from the research exposed by Google’s Chrome Security Team (Detecting browser data theft using Windows Event Logs). Obviously a solution using Elastic 🙂! What is an Infostealer (in a nutshell)? In the realm of…

24. 05. 2024 Alessandro Valentini DevOps

OpenShift: How to Check and Reset Ceph Storage in Warning State

Every so often it may happen (in particular after a cluster update or hardware issues) that you see your storage in a warning state on OpenShift. The first thing to do is to check what’s wrong with your cluster: sometimes you may have a real issue, in other cases it may just be a temporary…

24. 05. 2024 Mirko Ioris SOCnews

SOC News | May 24 – Patch This Veeam Critical Vulnerability Now

On May 21, Veeam published details about four different vulnerabilities detected in their product Veeam Backup Enterprise Manager (VBEM). One of them is critical and allows an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. CVE Number CVSS Score EPSS Score CVE-2024-29849 9.8 (Critical) 0.04% (Low) CVE-2024-29850…
