Blog Entries

25. 01. 2024 Massimo Giaimo SOCnews

SOC News | Jan 01 – Kasseika Ransomware Uses BYOVD in His TTP

The Kasseika threat actor has joined the club of threat actors that currently use Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus/EDR software before carrying out malicious activities, such as encrypting files. Kasseika abuses the Martini driver, part of TG Soft’s VirIT Agent System. By using BYOVD attacks, the malware gains privileges it…

19. 01. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.32

We fixed a bug in Icinga2 that caused a huge increase in InfluxDB disk usage. Updated packages We updated the following packages:

19. 01. 2024 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

We fixed a bug in Icinga2 that caused a huge increase in InfluxDB disk usage. Another bug that was fixed caused the smsd configuration to be lost during the upgrade. Finally, in Tornado it is now possible to correctly insert conditions of type regex in node filters. Updated packages We updated the following packages:

16. 01. 2024 Patrick Zambelli NetEye, Unified Monitoring

Icinga 2 DSL for Defining the Monitoring Status of Objects with Director

Today I want to present an Icinga 2-based monitoring use case where concepts of the powerful Icinga 2 DSL functional language come into play. The use case is based on mapping the status of a Host/Service Object via passive check results only. For this kind of use case, any accidental active status check could potentially…

09. 01. 2024 Matteo Cipolletta Unified Monitoring

Reassign Elasticsearch ILM Policy with Python

Index Lifecycle Management (ILM) policies constitute a fundamental component in Elasticsearch index management. They enable users to define the life stages of an index, determining when and how specific actions, such as transitioning from a “hot” to a “cold” state or deleting obsolete indices, should occur. ILM policies empower users to ensure the optimal distribution…

05. 01. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

We fixed a bug in the NetEye Update and Upgrade procedures that was causing the procedure itself to stop with a timeout error in environments where the Elasticsearch APIs and/or Kibana APIs are particularly slow to respond. Updated packages We updated the following packages:

05. 01. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.32

We fixed a bug in the NetEye Update and Upgrade procedures that was causing the procedure itself to stop with a timeout error in environments where the Elasticsearch APIs and/or Kibana APIs are particularly slow to respond. Updated packages We updated the following packages:

04. 01. 2024 Mirko Ioris Blue Team, SEC4U

Hacker Group Activities and Cyber Security Concerns | Second Semester 2023

A Security Operation Center (SOC) is a service where the customer is an active participant. Establishing a good relationship with the customer is an important requirement for handling security incidents more efficiently. Our SOC analysts produce and deliver several reports, most of them on a monthly basis. They are usually presented to clients during a…

03. 01. 2024 Charles Callaway Documentation

Making Your Own Video Tutorials, Part 16: Creating and Using B-Roll

Perhaps your first question is, “What is B-Roll”? Great question. After reading the next paragraph, feel free to throw around the term at your next cocktail party. No need to cite me. The easy definition is that it’s any video, animation, or dynamic graphic that doesn’t count as A-Roll. Yes, I love these kinds of…

02. 01. 2024 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.33

In this bugfix, we fixed a problem where, on single-node installations, setting the correct replica number for all Elasticsearch indices could lead to an error related to system indices and the permissions needed to change their settings. Updated packages We updated the following packages to version 8.10.2_neteye3.57.4-1:

31. 12. 2023 Damiano Chini Development, DevOps, NetEye

Speeding up the NetEye CI Testing Phase

Over the course of the last few years, we’ve introduced more and more features in NetEye 4. This fact has had a side effect that’s not directly visible to customers, namely that we keep adding more and more tests to the testing phase of the NetEye 4 Continuous Integration pipelines. While this ensures that regression…

30. 12. 2023 Fabrizio Dovesi Atlassian, Service Management

Get Your Agile and Integrated Procurement Cycle

How to survive managing the IT asset purchase cycle in your company with just a few key elements that ensure a just-in-time approach and decreased waiting time. What are the goals and benefits of automating the procurement process? Sooner or later, it’s going to be time to change and evolve. It’s usually better to choose…

29. 12. 2023 Emil Fazzi Development, NetEye

Playwright Tests on the NetEye Guide

During the process of developing and improving the official NetEye user guide, some bugs regarding the display of the guide on mobile devices gave us the opportunity to innovate the development process of our product, extending the testing phase prior to the release of new versions of the NetEye user guide. In this blog post,…

29. 12. 2023 Damiano Chini Development, NetEye

Reusing Code Logic between NetEye and Alyvix

In the last few weeks the NetEye development team and the Alyvix development team have been collaborating to achieve support for Time Periods in Alyvix. In this blog post, we’d like to share some interesting challenges that this feature has brought to the developers. Disclaimer: as of the 28th of December, 2023 the Alyvix Time…

28. 12. 2023 Enrico Alberti Log Management, Log-SIEM, NetEye

Monitor Fleet Elastic Agents with NetEye Extension Packs (NEP)

With the latest version of NetEye 4.33, the Fleet Server and ElasticAgent officially join the NetEye Elastic Stack (see NetEye 4.33 Release Notes). Related to this new big feature, within the NetEye Extension Packs project we have provided new monitoring checks that can help customers and consultants who use NetEye to keep these new…
