Important: GLPI Security Update Type/Severity Security Advisory: High Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability, and give a detailed severity rating. Description…
Read MoreOn March 25, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The catalog is updated regularly and contains those vulnerabilities most likely to be used in attacks. Organizations should monitor and review it periodically, and prioritize their patching efforts based on it. I’ll provide a…
Read MoreBeginning with NetEye version 4.26, Alyvix has been fully integrated into NetEye. Currently Alyvix within NetEye is implemented as the neteye-alyvix module, and is part of our Application Performance Monitoring (APM) world. We have Elastic with all the functionality of traditional APM, and then for synthetic monitoring we have Alyvix. In the past few weeks…
Read MoreOn February 3rd and 4th, 2024, we attended FOSDEM, a major event where thousands of free and open-source software developers from around the world gather to exchange ideas and collaborate. This year I dedicated much of the second day to the Testing and Continuous Delivery room. Continuous testing is essential for ensuring the safe and…
Read MoreMuch has already been said about Initial Access Brokers (IABs) so I will limit myself to a brief description and then delve into the main theme of this article. The theme of Initial Access Brokers was summarized fantastically in the Initial Access Broker Landscape project by Curated Intelligence, reported in this link, which I recommend…
Read MoreAfter developing a custom check for monitoring the most CPU demanding processes on Windows servers, we implemented a similar check for RAM usage. Like I described in that previous post, we built this command via PowerShell. PowerShell provides the cmdlet: Get-Counter that gets performance counter data directly from the performance monitoring instrumentation in the Windows…
Read MoreDuring my last session with a customer, I faced an interesting and challenging issue in the Windows environment. The question was: “How can I monitor the list of the most CPU-demanding processes?” The request immediately looked like one that’s very simple to understand, but hard to implement. We look for something out of the box…
Read MoreThis article explains how the Cyber Threat Intelligence platform SATAYO serves as a powerful resource to optimize processes and strengthen threat coverage within the Würth Phoenix Attacker Centric SOC. We will analyze the utilization of SATAYO’s internal resources for creating Detection Rules and managing SOC alerts. Additionally, we will examine how the logs in SIEM…
Read MoreIntroduction: Unveiling Elastic APM in Containerized Environments In today’s dynamic digital landscape, where every interaction matters, understanding the intricacies of application performance has become paramount. Elastic APM is a powerful toolset within the Elastic Stack included in the NetEye SIEM Module, and designed to provide unparalleled insights into the performance of your applications. As organizations…
Read MoreWe resolved a bug in the NetEye PDF exporting module that causes the reporting scheduler to stop working. Updated packages We updated the following packages:
Read MoreThis article stems from a project on the remote control of devices using NagVis maps. The main purpose is to find an easy way to actuate a remote device through a click on an interface. To do this, we implemented a method that uses Nagvis’ context menu by adding links. Clicking on them sends a…
Read MoreWe resolved a bug in the NetEye Satellite installation and update procedures that previously resulted in an error when the Elastic Agent package was manually installed on the Satellite. Updated packages We updated the following packages:
Read MoreOn March 4, 2024, JetBrains released TeamCity version 2023.11.4, which patches two authentication bypass vulnerabilities in the web component of TeamCity. These vulnerabilities were discovered in February by Rapid7’s vulnerability research team and allow a remote unauthenticated attacker to perform a complete compromise of a vulnerable TeamCity installation, including unauthenticated RCE (remote code execution). CVE…
Read MoreEvery now and then I like to keep you up to date about news in the ntop environment. This time it’s not news about analysis methods or software, but about a new hardware solution. If you’re someone looking for a hardware-based, scalable, optimized, and purpose-built solution, without the hassle of software installation, chances are you’re…
Read MoreSo how’s your website doing? Did you set it up, and then leave it alone? It’s not that I’m trying to shame you, but we should all be thinking regularly about how to stay at the top of our game. You know, be agile. I was updating one of our websites last month, and we…
Read More