Blog Entries

20. 02. 2024 Massimo Giaimo SOCnews

SOC News | Feb 20 – Lockbit Infrastructure Seizure

On 19 February, through an operation coordinated by the National Crime Agency (NCA), a large part of the infrastructure of the Lockbit ransomware gang was seized. The ransomware gang, active since 2019, is undoubtedly best known within the field of double extortion ransomware attacks, having published claims relating to 2,591 attacked organizations over the years….

Read More
16. 02. 2024 Reinhold Trocker Log-SIEM, NetEye

Enabling Elastic Agents Upgrades in Restricted or Closed Networks

In this article, we’ll explore how to configure the “Agent Binary Download” setting and set up your own artifact registry for binary downloads within a NetEye cluster. Prerequisites Before we begin, ensure you have the following prerequisites in place: Configuring the “Agent Binary Download” Setting Hosting Your Own Artifact Registry If routing traffic through a proxy server…

Read More
15. 02. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We fixed a bug in the SLM module that was causing an error when trying to create a Resource Contract in case any SLM Customer had an associated role with no permissions on the analytics module. Updated packages We updated the following packages:

Read More
14. 02. 2024 Marco Berlanda Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

Updated packages We fixed a bug in the Elasticsearch action of Tornado UI that prevented the rule to be saved when either data or auth fields were edited. We updated the following packages:

Read More
13. 02. 2024 Tobias Goller NetEye, Unified Monitoring

SNMP Trap Archiving in Elastic via Tornado

First of all, I’ll briefly explain what the “Tornado” in NetEye actually is. Tornado is a Complex Event Processor that receives reports of events from data sources such as monitoring, email, and SNMP Traps, matches them against rules you’ve configured, and executes the actions associated with those rules, which can include sending notifications, logging to…

Read More
13. 02. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We fixed a bug in the El Proxy DPO configuration for which the verification logs were never cleaned up. With the fix, it is now possible to specify, for each blockchain, a limit for the accumulated size for the logs. By default, the value is set to 1GB. Updated packages We updated the following packages:…

Read More
12. 02. 2024 Alessandro Mizzaro Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: Icinga Director Security Update Type/Severity Security Advisory: High Topic An update for the package icingaweb2-module-director is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability, and give a detailed severity rating….

Read More
09. 02. 2024 Massimo Giaimo SOCnews

SOC News | Feb 07 – FortiOS Critical Vulnerabilities

On February 8, 2024, Fortinet disclosed 2 critical vulnerabilities which could allow remote code or command execution. The vulnerabilities are as follows: FortiOS – Format String Bug in fgfmd, with CVSS severity 9.8 The versions prone to this vulnerability are: Version Affected Solution FortiOS 7.4 7.4.0 through 7.4.2 Upgrade to 7.4.3 or above FortiOS 7.2…

Read More
07. 02. 2024 Valentina Da Rold Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We fixed a bug in the Director module that caused the creation of a long list of created and deleted actions in the activity log, when a Tornado Smart Monitoring Action had been executed and the Icinga API returned an error. Now, if the Tornado action cannot correctly connect to the Icinga API, no log…

Read More
03. 02. 2024 Massimo Giaimo SOCnews

SOC News | Feb 04 – AnyDesk Compromise

Starting February 1st, rumors regarding a possible compromise of AnyDesk began to circulate online. These rumors became more insistent as the contents of the January 29 Release Notes were noted. What initially appeared to be just normal maintenance activity on Anydesk’s infrastructure was later revealed to actually be a compromise. AnyDesk has in fact made…

Read More
01. 02. 2024 Mattia Codato Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.34 Release Notes

Welcome to version 4.34 of our NetEye v4 Unified Monitoring Solution. Spring is slowly approaching and the first plants awake from their winter slumber and peek through the snow. One of the earliest to bloom is the Crocus from the family of the Iridaceae. It’s native to Europe, North Africa, and Central Asia up to…

Read More
01. 02. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

We fixed several bugs in multiple NetEye modules. Following, you can find the details of the various bug fixes released! General Setup of a new RPM mirror Previously missing ansible collections, which prevented the configuration of new RPM mirrors, are now shipped. Wrong link on 404 page We fixed the 404 link problem that was…

Read More
01. 02. 2024 Davide Sbetti Bug Fixes

Bug Fixes for NetEye 4.32

We fixed the following issues in the integration between NetEye and Alyvix. Test Case file selection dropdown We fixed an issue in the Test Cases view for which, when switching between the Test Cases of different nodes, the wrong Test Case file name was shown in the relative dropdown menu. Hidden Nodes session workflow status…

Read More
01. 02. 2024 Davide Sbetti Bug Fixes

Bug Fixes for NetEye 4.31

We fixed the following issues in the integration between NetEye and Alyvix. Test Case file selection dropdown We fixed an issue in the Test Cases view for which, when switching between the Test Cases of different nodes, the wrong Test Case file name was shown in the relative dropdown menu. Hidden Nodes session workflow status…

Read More
01. 02. 2024 Davide Sbetti Bug Fixes

Bug Fixes for NetEye 4.30

We fixed the following issues in the integration between NetEye and Alyvix. Test Case file selection dropdown We fixed an issue in the Test Cases view for which, when switching between the Test Cases of different nodes, the wrong Test Case file name was shown in the relative dropdown menu. Hidden Nodes session workflow status…

Read More

Archive