Blog Entries

06. 05. 2024 Tobias Goller Unified Monitoring

QUIC, What’s That?

As you may know, I do ntopng consulting, and support companies in their implementation of ntop solutions. For some time now, ntopng users have noticed a high amount of QUIC traffic in their respective networks. Most people don’t really know what QUIC is, which is why I’d like to take this as an opportunity to…

06. 05. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.34

We fixed a bug in the neteye update and neteye upgrade commands that was causing the NetEye default Logstash plugins to be installed from the Internet on passive cluster nodes. In particular this was causing the commands to fail in case these nodes did not have access to rubygems.org. Updated packages We updated the following…

06. 05. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

We fixed a bug in the neteye update and neteye upgrade commands that was causing the NetEye default Logstash plugins to be installed from the Internet on passive cluster nodes. In particular this was causing the commands to fail in case these nodes did not have access to rubygems.org. Updated packages We updated the following…

06. 05. 2024 Charles Callaway Documentation

Making Your Own Video Tutorials, Part 17: My Full Video Pipeline

In this series I’ve given you lots of advice on making your own tutorial-style IT videos for YouTube as a single DIY “maker”: writer, lighting, director, cameraman, editor, audio specialist, etc. But these posts weren’t written in the order of my “workflow”, i.e. the sequence I actually go through when making a new video. So…

03. 05. 2024 Valentina Da Rold Development

Exploring Tailwind CSS: A Game-Changer in Frontend Development

In the R&D Team, it’s imperative to stay ahead of the curve when it comes to emerging technologies. One such innovation that has been making waves in the frontend community is Tailwind CSS, and we decided to adopt it in the development of the Wuerth Phoenix CTF 2024 website. In this blog post, we’ll dive…

30. 04. 2024 Franco Federico Unified Monitoring

Reacting with Remediation after a Service Goes Down

A customer last week asked me to implement the following use case: When a production PLC device (programmable logic controller) goes offline, any associated service must be automatically switched off, since it needs to connect to the PLC in order to exchange data from the source server, and for that the PLC must be active….

30. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 30 – New Cyber Attacker Groups Detected

During the last week of April, our Attacker Centric SOC detected multiple new cyber attacker group websites in the Dark Web. Called Dedicated Leak Sites (DLS), they are widely used by ransomware gangs to publish stolen confidential data when the victim refuses to pay the ransom. Usually, after an attack is claimed, a small amount of…

30. 04. 2024 Andrea Mariani NetEye, Unified Monitoring

Balancing Two NetEye Satellites with the keepalived Service

NetEye installations can be either in Standalone (Single Node) or in Cluster configuration, and for each one there’s the possibility to extend monitoring in segregated portions of the network or remote locations, or simply to be able to lighten the load of the master through the use of one or more satellites (the number of…

30. 04. 2024 Alessandro Mizzaro Bug Fixes

NetEye 4 – Security Advisory

Synopsis Important: GLPI security update Type/Severity Security Advisory: High Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

26. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 26 – ArcaneDoor: A New Espionage Campaign

Cisco Talos identified a previously unknown state-sponsored actor behind ArcaneDoor, a sophisticated cyber espionage campaign targeting the perimeter network devices of several vendors. This actor is now tracked as UAT4356 by Talos and STORM-1849 by the Microsoft Threat Intelligence Center. The initial attack vector is still unknown, but the attacker exploited two previously unknown vulnerabilities. An…

24. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 24 – Full AMMEGA Data Breach Published

Using our CTI SATAYO platform, we identified an artifact belonging to AMMEGA’s data breach. AMMEGA is a multinational manufacturing company based in the Netherlands with revenues of $1.2 billion. It was the victim of an attack carried out by the Cactus ransomware gang in early March. The ransomware operators exfiltrated 3 TB of data and…

17. 04. 2024 Alessandro Mizzaro Bug Fixes, NetEye

NetEye 4 – Security Advisory

Synopsis Important: geomap security update Type/Severity Security Advisory: High Topic An update for the package geomap is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

17. 04. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

Resolved an issue in the NetEye Alyvix module where the dashboard’s loading state would persist indefinitely if no nodes were configured. Furthermore, we fixed a bug where Monitoring Objects could not be created over the live-creation if their names contained the percentage symbol. Updated packages We updated the following packages:

11. 04. 2024 Alessandro Romboli Business Service Monitoring, NetEye, SLM

SLA Reporting on a Business Process

Scenario NetEye 4 is a comprehensive monitoring platform which natively supports Business Processes. A Business Process is an abstract view of a customer’s business from the Application point of view. Usually, it’s a collection of Icinga 2 checks aggregated by “AND, OR, At Least” logic in order to monitor whether a Business Application is really…

04. 04. 2024 Alessandro Mizzaro Bug Fixes

Important GLPI Agent 1.7.3 Security Advisory

Type/Severity Security Advisory: High Topic There is a security update for GLPI Agent Description This version specifically fixes 2 critical security issues related to MSI packaging on Windows: For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed below in the References…
