Blog Entries

27. 05. 2022 Alessandro Romboli ITOA, NetEye

The Flux Language Inside ITOA

ITOA is the NetEye component that represents time series data using the Grafana graphics engine. Data is usually collected by Telegraf agents and stored in InfluxDB, a specialized non-relational database. In order to manipulate the time series data, Grafana usually adopted a relational language: InfluxQL. The relational approach has had a number of…

26. 05. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed security vulnerabilities related to file permissions. For NetEye 4.22 we updated the following packages: icingaweb2-module-assetmanagement-autosetup and icingaweb2-module-assetmanagement to 1.21.2-1

26. 05. 2022 Mattia Codato Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a problem that prevented special characters from being displayed correctly in the monitoring section. We also fixed security vulnerabilities related to file permissions. For NetEye 4.23 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.4-1; icingaweb2-module-assetmanagement-autosetup and icingaweb2-module-assetmanagement to 1.21.2-1

24. 05. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed security vulnerabilities related to file permissions. For NetEye 4.22 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3

24. 05. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed security vulnerabilities related to file permissions. For NetEye 4.23 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3

23. 05. 2022 Mirko Morandini Cloud, Service Management

Office365/Google Mail Users: Migrate Your EriZone/OTRS Mail Accounts to OAuth2 Authentication NOW!

In summer/autumn 2022, both Microsoft and Google will end the ability to access POP and IMAP mailboxes using usernames and passwords! In the course of 2022, Microsoft and Google will terminate support for Basic Auth (authentication with username and password) for some web services and move to a more secure method, often…

19. 05. 2022 Mattia Codato ctf-writeups, Development

Cyber Apocalypse CTF 2022 – Red Island Writeup

The Cyber Apocalypse CTF is back with the 2022 edition. It’s a Jeopardy-style competition organized by Hack The Box and is open to everyone. Together as a security-focused guild (a concept taken from the Spotify model) we here at Würth Phoenix participated in this challenge and in particular I focused on the web challenges. After…

18. 05. 2022 Massimo Giaimo Blue Team

Correlation Between the Most Exploited CVEs and Detection Rules

On May 12th, the CSIRT (Computer Security Incident Response Team – Italia) published a list of the CVEs most exploited by threat actors. The list also contains an indication of the TTPs used by these attackers. The objective of this article is to make information available relating to detection rules that are already available within…

17. 05. 2022 Massimo Giaimo Blue Team, SEC4U

A Look Inside Dark Angels Negotiation and Some Details about Their TTP

Starting from a static analysis done by Cyble Research Lab (https://blog.cyble.com/2022/05/06/rebranded-babuk-ransomware-in-action-darkangels-ransomware-performs-targeted-attack/) of ransomware called Dark Angels, we gained evidence about the activities of the Dark Angels ransomware group. An OSINT analysis carried out by our Würth Phoenix team helped to reach the Ransom Operator blog and one of the victim pages. Based on the evidence…

17. 05. 2022 Mattia Codato Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug that was setting an incorrect target version during the upgrade. For NetEye 4.22 we updated the following package: neteye-upgrade-manager to version 0.12.24-1

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug that could cause Icinga 2 to behave incorrectly when the Smart Director was enabled. This bug occurred when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.22 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug that could cause Icinga 2 to behave incorrectly when the Smart Director was enabled. This bug occurred when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.23 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values led to an excessively long wait during the block of Smart Monitoring actions performed before Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values led to an excessively long wait during the block of Smart Monitoring actions performed before Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…

06. 05. 2022 Alessandro Valentini Development, NetEye

Pinning a Module to a Specific Kernel Release

During our implementation of the NetEye migration to Red Hat 8 we decided to drop our internal mirror for system packages and instead rely on Red Hat’s official repositories. Our goal was to improve reliability, speed up the delivery of updates, and alleviate the development team’s workload. But it also introduced a new issue: we…
