Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the GLPI packages is now available for NetEye 4. Security Fix for NetEye 4.46 CVEs The CVEs include an authenticated SQL injection and a session stealing on externally authenticated user change. For a detailed overview of…
Read MoreOn September 18th, we hosted the NetEye Conference DACH 2025 at the Ofenwerk Nuremberg – a key event for NetEye users across the DACH region. The conference centered on the three pillars of modern IT – Observability, Cybersecurity, and Service Management – highlighting how closely these disciplines are intertwined in building resilient, data-driven IT operations….
Read More
There’s been a lot of talk in recent days about the seizure of the underground forum RAMP. There’s little to add to this issue, which has already been extensively written about. An excellent summary is available in this BleepingComputer article. What I’d like to highlight in this article, however, is how the main players in…
Read MoreWelcome to version 4.46 of our NetEye v4 Unified Monitoring Platform. As you log in, you’ll be greeted by the iconic bell tower of Curon rising from the frozen surface of Lake Resia (Reschensee). The tower stands alone amid the wide expanse of winter ice, where fine cracks and muted textures hint at the water…
Read MoreFix unnecessary action retries in Tornado’s Smart Monitoring component We fixed a bug affecting Tornado in NetEye 4.45 for a specific edge case in Tornado’s Smart Monitoring component that was causing unnecessary system overhead and log bloat. Specifically, when Tornado attempted to perform a “check result” in Icinga2 for a host that had been disabled…
Read MoreThis is the first article in the RTO series The Problem Red team and penetration testing activities are full of repetition: the network scans, reconnaissance, OSINT collection, and routine validation tasks are all necessary, but they’re also time-consuming and error-prone when executed manually. Over time, most teams end up with a zoo of scripts, half-maintained…
Read MoreFix contract list option wrongly disabled in SLM reports We fixed a bug affecting the SLM reporting in NetEye 4.45. The issue occurred during the modification of a report, when one of the contracts in the list could not be selected because the corresponding report would have been empty. In that case, the selection of…
Read MoreBug Fix We updated the version of GLPI in order to fix some relevant vulnerabilities. List of updated packages The following packages have been updated for NetEye 4.45:
Read MoreNetEye’s SLM module is tightly coupled to Icinga 2’s legacy monitoring backend, which was removed upstream with the introduction of IcingaDB. Official documentation exists that describes how to migrate configuration files written using the old syntax, but it’s incomplete and – more importantly – it doesn’t explain how to migrate PHP code that depends on…
Read MoreBug Fix in Tornado Module We solved an issue in Tornado’s rule configuration where the action_name field in director actions was being cleared after saving and deploying. When users created a rule with a director action and filled in both action_name and action_payload, the action_name value would disappear upon returning to the rule configuration. This…
Read MoreIf you’ve been in the Vue ecosystem for a while, you know that the jump from Vue 2 to Vue 3 is more than just a version bump – it’s a significant architectural evolution. It promises better performance, a more powerful Composition API, and a first-class TypeScript experience. Getting there from an old Vue 2…
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4. Security Fix for NetEye 4.45 CVEs The CVEs include an Information Disclosure vulnerability, a Server-Side Request Forgery and 5 Denial…
Read MoreIn modern security programs the silos between offensive and defensive teams is no longer sustainable: attackers iterate faster, tooling evolves daily, and detection gaps are exploited in minutes, not months. In this environment purple teaming is not an optional maturity enhancement, but it becomes a foundational requirement for organizations that take risk management seriously. Purple…
Read MoreElastic Enterprise license renewal Previously, the Elastic Enterprise license was scheduled to expire on February 28, 2026.With this update, the Elastic Enterprise license has been renewed and will now expire on December 31, 2026. In the case the health-check light/01004_elastic_license_check.sh is preventing you from updating your NetEye Installation you can run the following command: neteye update –skip-tags check_health….
Read More
As 2025 comes to a close, we can make some observations regarding the evolution of the double-extortion ransomware attack landscape. The data shown is the result of the enrichment performed within SATAYO starting from the data made available by the Ransomfeed project. The URLs of the Data Leak Sites (DLS) of the various ransomware gangs…
Read More