Blog Entries

25. 01. 2024 Massimo Giaimo SOCnews

SOC News | Jan 01 – Kasseika Ransomware Uses BYOVD in Its TTPs

The Kasseika threat actor has joined the club of threat actors that currently use Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus/EDR software before carrying out malicious activities, such as encrypting files. Kasseika abuses the Martini driver, part of TG Soft's VirIT Agent System. By using BYOVD attacks, the malware gains privileges it…
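A BYOVD chain has to load its vulnerable driver before it can blind the AV/EDR, so the kernel driver-load event is the earliest durable trace a SOC can hunt for. The following detection logic is an added example, not code from the original post or from the Kasseika analysis: it runs three checks (blocklisted driver hash, load from a user-writable directory, missing or invalid signature) over flattened Sysmon "Driver loaded" (Event ID 6) records. The events, driver names and hash blocklist are constructed, and the "|"-separated key=value layout is an assumption; a real feed would come from Sysmon's XML/JSON export and a maintained vulnerable-driver list such as the LOLDrivers project.

```python
"""Flag suspicious kernel-driver loads in Sysmon "Driver loaded" (Event ID 6) records.

Added example, not code from the original post. The events, the driver names and
the hash blocklist are constructed; the flat "|"-separated key=value layout is an
assumption made for this example.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed blocklist: SHA-256 of known vulnerable drivers -> label.
# The digests are placeholders, not real driver hashes.
VULNERABLE_DRIVER_SHA256 = {
    "a" * 64: "constructed-vulnerable-driver-1",
    "b" * 64: "constructed-vulnerable-driver-2",
}

# Directories a production driver is almost never loaded from; BYOVD droppers
# commonly write the driver next to the payload or into a temp directory.
USER_WRITABLE_PATH = re.compile(r"\\(Users|Temp|ProgramData)\\", re.IGNORECASE)


@dataclass
class DriverLoad:
    image: str
    sha256: Optional[str]
    signed: bool
    signature_status: str


@dataclass
class Finding:
    image: str
    severity: str
    reasons: List[str] = field(default_factory=list)


def parse_driver_load(line: str) -> Optional[DriverLoad]:
    """Parse one flattened Sysmon EID 6 record; return None for other event IDs."""
    fields = {}
    for part in line.split("|"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    if fields.get("EventID") != "6":
        return None
    # Sysmon packs several digests into one field: "SHA256=...,MD5=...".
    hashes = {}
    for item in fields.get("Hashes", "").split(","):
        algo, sep, digest = item.partition("=")
        if sep:
            hashes[algo.strip().upper()] = digest.strip().lower()
    return DriverLoad(
        image=fields.get("ImageLoaded", ""),
        sha256=hashes.get("SHA256"),
        signed=fields.get("Signed", "").lower() == "true",
        signature_status=fields.get("SignatureStatus", ""),
    )


def analyse(load: DriverLoad) -> Optional[Finding]:
    """Apply the three BYOVD heuristics; a blocklist hit is always high severity."""
    reasons = []
    severity = "medium"
    if load.sha256 in VULNERABLE_DRIVER_SHA256:
        reasons.append("known vulnerable driver: " + VULNERABLE_DRIVER_SHA256[load.sha256])
        severity = "high"
    if USER_WRITABLE_PATH.search(load.image):
        reasons.append("driver loaded from user-writable path")
    # Most BYOVD drivers carry a VALID vendor signature (that is why the kernel
    # accepts them), so a good signature is not evidence of a benign load.
    if not load.signed or load.signature_status != "Valid":
        reasons.append("missing or invalid signature")
    if not reasons:
        return None
    return Finding(load.image, severity, reasons)


def scan(lines) -> List[Finding]:
    """Parse and analyse a sequence of flattened Sysmon records."""
    findings = []
    for line in lines:
        load = parse_driver_load(line)
        if load is None:
            continue
        finding = analyse(load)
        if finding is not None:
            findings.append(finding)
    return findings


# Constructed sample events: a benign system driver, a BYOVD-style load of a
# blocklisted driver dropped under C:\Users, an unsigned driver, and one
# unrelated process-creation event that the parser must ignore.
SAMPLE_EVENTS = [
    "EventID=6|ImageLoaded=C:\\Windows\\System32\\drivers\\constructed_ok.sys"
    "|Hashes=SHA256=" + "c" * 64 + ",MD5=" + "c" * 32 + "|Signed=true|SignatureStatus=Valid",
    "EventID=6|ImageLoaded=C:\\Users\\Public\\Libraries\\constructed_drv.sys"
    "|Hashes=SHA256=" + "A" * 64 + ",MD5=" + "a" * 32 + "|Signed=true|SignatureStatus=Valid",
    "EventID=6|ImageLoaded=C:\\Windows\\System32\\drivers\\constructed_unsigned.sys"
    "|Hashes=SHA256=" + "d" * 64 + "|Signed=false|SignatureStatus=Unavailable",
    "EventID=1|Image=C:\\Windows\\System32\\cmd.exe",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f.severity.upper(), f.image, "; ".join(f.reasons))
```

The hash check is the only high-confidence signal; the path and signature checks are there to catch a driver that is not yet on the blocklist, and in practice they should be correlated with the process that loaded the driver and with the AV/EDR service stopping shortly afterwards.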

Read More
19. 01. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.32

We fixed a bug in Icinga 2 that caused a large increase in InfluxDB disk usage.

Updated packages

We updated the following packages:

Read More
19. 01. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

We fixed a bug in Icinga 2 that caused a large increase in InfluxDB disk usage. Another bug that was fixed caused the smsd configuration to be lost during the upgrade. Finally, in Tornado it is now possible to correctly insert conditions of type regex in node filters.

Updated packages

We updated the following packages:

Read More
16. 01. 2024 Patrick Zambelli NetEye, Unified Monitoring

Icinga 2 DSL for Defining the Monitoring Status of Objects with Director

Today I want to present an Icinga 2 monitoring use case in which the Icinga 2 DSL, its powerful functional configuration language, comes into play. The use case is based on mapping the status of a host or service object via passive check results only. For this kind of use case, any accidental active status check could potentially…

Read More
09. 01. 2024 Matteo Cipolletta Unified Monitoring

Reassign Elasticsearch ILM Policy with Python

Index Lifecycle Management (ILM) policies are a fundamental component of Elasticsearch index management. They let users define the life stages of an index, determining when and how specific actions, such as transitioning from a "hot" to a "cold" state or deleting obsolete indices, should occur. ILM policies empower users to ensure the optimal distribution…
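Reassigning a policy comes down to reading each index's `index.lifecycle.name` setting and writing a new value for the indices that should move. The script below is an added example, not the one from the linked post: it takes the dict that `GET /<pattern>/_settings` returns, plans which indices to move (skipping dot-prefixed hidden and system indices, whose settings are managed by Elasticsearch itself and restricted), and issues one `PUT _settings` per index through any client object exposing `indices.put_settings(index=..., settings=...)`, the call signature of the official elasticsearch-py 8.x client. The settings response is constructed, and `DryRunClient` is a stand-in that only records what would be sent.

```python
"""Move every index that is on one ILM policy to another, skipping system indices.

Added example, not the script from the linked post. SAMPLE_SETTINGS is a
constructed GET _settings response; DryRunClient is a stand-in for the
elasticsearch-py client that records calls instead of contacting a cluster.
"""
import fnmatch
from typing import Dict, List, Optional

ILM_POLICY_SETTING = "index.lifecycle.name"


def current_policy(index_body: dict) -> Optional[str]:
    """Read index.lifecycle.name from the nested _settings layout; None if unmanaged."""
    return (
        index_body.get("settings", {})
        .get("index", {})
        .get("lifecycle", {})
        .get("name")
    )


def plan_reassignment(settings_response: dict, old_policy: Optional[str],
                      index_pattern: str = "*") -> List[str]:
    """Return the indices matching index_pattern whose current policy is old_policy.

    Pass old_policy=None to select indices that are not under ILM at all.
    Dot-prefixed (hidden/system) indices are skipped: Elasticsearch manages them
    itself and changing their settings is restricted.
    """
    targets = []
    for name, body in settings_response.items():
        if name.startswith("."):
            continue
        if not fnmatch.fnmatch(name, index_pattern):
            continue
        if current_policy(body) != old_policy:
            continue
        targets.append(name)
    return sorted(targets)


def apply_reassignment(client, indices: List[str], new_policy: str) -> Dict[str, bool]:
    """PUT the new policy onto each index; map index name -> acknowledged flag."""
    results = {}
    for name in indices:
        resp = client.indices.put_settings(index=name, settings={ILM_POLICY_SETTING: new_policy})
        results[name] = bool(resp["acknowledged"])
    return results


class DryRunClient:
    """Records the put_settings calls instead of contacting a cluster."""

    class _Indices:
        def __init__(self):
            self.calls = []

        def put_settings(self, index, settings):
            self.calls.append((index, dict(settings)))
            return {"acknowledged": True}

    def __init__(self):
        self.indices = DryRunClient._Indices()


# Constructed sample of a GET /_settings response (only the lifecycle part shown).
SAMPLE_SETTINGS = {
    "logs-app-000001": {"settings": {"index": {"lifecycle": {"name": "old-policy"}}}},
    "logs-app-000002": {"settings": {"index": {"lifecycle": {"name": "old-policy"}}}},
    "logs-app-000003": {"settings": {"index": {"lifecycle": {"name": "new-policy"}}}},
    "metrics-000001": {"settings": {"index": {}}},
    ".kibana_8.10.2_001": {"settings": {"index": {"lifecycle": {"name": "old-policy"}}}},
}

if __name__ == "__main__":
    # Against a real cluster you would use:
    #   client = Elasticsearch("https://localhost:9200", ...)
    #   settings = client.indices.get_settings(index="logs-*").body
    client = DryRunClient()
    targets = plan_reassignment(SAMPLE_SETTINGS, "old-policy", "logs-*")
    print(apply_reassignment(client, targets, "new-policy"))
    print(client.indices.calls)
```

Planning and applying are separate steps on purpose: run the plan first, review the list, then apply it with the real client, and keep the dot-prefixed indices out of the loop even when the pattern would match them.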

Read More
05. 01. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.32

We fixed a bug in the NetEye Update and Upgrade procedures that caused the procedure to stop with a timeout error in environments where the Elasticsearch and/or Kibana APIs are particularly slow to respond.

Updated packages

We updated the following packages:

Read More
05. 01. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

We fixed a bug in the NetEye Update and Upgrade procedures that caused the procedure to stop with a timeout error in environments where the Elasticsearch and/or Kibana APIs are particularly slow to respond.

Updated packages

We updated the following packages:

Read More
04. 01. 2024 Mirko Ioris Blue Team, SEC4U

Hacker Group Activities and Cyber Security Concerns | Second Semester 2023

A Security Operations Center (SOC) is a service in which the customer is an active participant. Establishing a good relationship with the customer is an important requirement for handling security incidents more efficiently. Our SOC analysts produce and deliver several reports, most of them on a monthly basis. They are usually presented to clients during a…

Read More
03. 01. 2024 Charles Callaway Documentation

Making Your Own Video Tutorials, Part 16: Creating and Using B-Roll

Perhaps your first question is, "What is B-Roll?" Great question. After reading the next paragraph, feel free to throw around the term at your next cocktail party. No need to cite me. The easy definition is that it's any video, animation, or dynamic graphic that doesn't count as A-Roll. Yes, I love these kinds of…

Read More
02. 01. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

This bugfix resolves a problem where, on a single-node installation, setting the correct replica number for all Elasticsearch indices could fail with an error related to system indices and the permissions needed to change their settings.

Updated packages

We updated the following packages to version 8.10.2_neteye3.57.4-1:

Read More

Archive