Blog Entries

20. 12. 2022 Massimo Giaimo Blue Team, SEC4U

Risepro: A New Infostealer Malware

The daily monitoring activities that we carry out within our Security Operation Center Attacker Centric have allowed us to identify the spread of a new infostealer type malware. Log (or information) stealer malware is a type of Trojan that gathers data in order to send it to the attacker. Typical targets are credentials saved in…

16. 12. 2022 Mattia Codato Bug Fixes, NetEye

Bug Fixes for NetEye 4.27

We fixed a bug that did not allow the RHEL version to be set correctly when the automatic subscription was disabled. For NetEye 4.27 we updated the following packages:

16. 12. 2022 Mattia Codato Bug Fixes, NetEye

NetEye 4 Core – Security Advisory

Synopsis: Important: grafana-panel-renderer security update. Type/Severity: Security Advisory: Important. Topic: An update for the package grafana-panel-renderer is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

15. 12. 2022 Fabrizio Dovesi Service Management

Data-driven Models – the Ultimate Fighter Against a Company’s Complexity 👊 – Part 1 of 2

Guidelines for data-driven models for managing data complexity and designing robust systems that might be considered both a single-source-of-truth and a single-point-of-contact. In the last few decades the world has truly turned into a data jungle: digital evolutions expose people and companies to dealing with data complexity management, a topic which has rapidly turned into…

15. 12. 2022 Rocco Pezzani NetEye

Strategies for Secret Management

In my previous blog post, we had a long discussion about how Icinga 2 manages its configuration in a Distributed Monitoring environment and how this can lead to unwanted disclosure of sensitive data, be it Secrets or Personal Data. The post ended with a set of recommendations/best practices that can be summarized in the statement…

15. 12. 2022 Juergen Vigna NetEye

Migrate a NetEye 4 Server from CentOS 7 to RHEL 8 (v4.22->v4.23) with EFI Boot

When upgrading NetEye 4 from version 4.22 to version 4.23, the main focus is the upgrade/change of the operating system from CentOS 7 to the new RHEL 8 operating system. Normally you can proceed as explained in the Upgrade section of the user guide since NetEye 4 uses the “normal” BIOS boot sector with grub….

13. 12. 2022 Davide Sbetti Log-SIEM, Machine Learning

Building a Dashboard in Kibana to Keep Track of Your Smart Ingest Pipeline

In a previous article, we used NetEye and Elasticsearch to train a machine learning model able to classify documents about some collected radar signals, separating them into two categories (good vs bad), starting from an existing dataset. Afterwards, we applied it to new incoming documents using an Ingest Pipeline and the Inference Processor. Taking as…

13. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

How We Sped up El Proxy Verification

Before deploying El Proxy in production we, the R&D Team, carried out numerous benchmarks and reproduced real life scenarios to ensure that the real-time log signing performed by El Proxy would not represent a bottleneck in environments where logs that must respect the Italian “Garante Privacy” regulations are generated with data rates of around 2,000…

12. 12. 2022 Mattia Codato NetEye, Unified Monitoring

ClickHouse – High Availability Cluster

As you have surely read from the release notes of NetEye 4.27, we have integrated ClickHouse to be able to use the historical flows and alerts feature of ntopng. What is ClickHouse? Directly from the official website: ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP). ClickHouse’s performance exceeds…

12. 12. 2022 Juergen Vigna NetEye, Unified Monitoring

Using More Than One SMS Gateway on a Server and Handling SMS Queues

Sending an SMS takes time, between 5 and 7 seconds. This means that if you have to write a lot of SMS messages, you have to attach more than one SMS gateway to your server to be able to send them within a certain time frame. This is possible using the USB connection of the SMS gateway. As…

07. 12. 2022 Alessandro Romboli Business Service Monitoring, NetEye, Unified Monitoring

Monitoring Veeam Backup & Replication

Scenario: Veeam Backup & Replication is widely used for backing up virtual machines, primarily hosted on VMware vSphere infrastructure. It can also back up physical machines through dedicated agents. It’s very important to keep the backup status monitored: it would be nice to get the backup status through the Icinga2 agent in an easy way. PowerShell…

05. 12. 2022 Massimo Giaimo Exposure Assessment

HackInBo Business Edition – Winter 2022 – Our Participation

On December 2 we participated, as platinum sponsors, in the second edition of the HackInBo Business event. For 10 years, HackInBo has been one of the most important IT security conferences in Italy, and for this edition too we wanted to give our contribution by participating with a 40-minute talk. The formula of the event…

01. 12. 2022 Gianluca Piccolo Development, PHP

A Developer’s Life is Like a Box of Chocolates: You Never Know What Bug You’re Gonna Get – Part 2

Intro: This post continues the analysis of a bug I had to deal with recently. If you missed the first part, I suggest you go take a look at it before continuing with this. If, on the other hand, you’ve been anxiously waiting for this post XD, we’re ready to get into the thick of…

01. 12. 2022 Benjamin Gröber Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.27 Release Notes

Welcome to version 4.27 of our NetEye v4 Unified Monitoring Solution. This time, NetEye arrives at the same time as one of the most magical periods of the year. It’s, in fact, during the Christmas period that dozens of squares in the South-Tyrolean land are decked out to welcome thousands of people and give them…

01. 12. 2022 William Calliari Bug Fixes, NetEye

Bug Fixes for NetEye 4.26 and earlier

We fixed a bug where an older version of nginx was installed on the RHEL8 machines. Now nginx will be updated to 1.20.1. We also introduced a logrotate configuration for the neteye nginx logs. For NetEye 4.26 and 4.25 we updated the following packages:
