Bug Fixes for NetEye 4.22
We fixed security vulnerabilities related to the file permissions. icingaweb2-module-assetmanagement-autosetup, icingaweb2-module-assetmanagement to 1.21.2-1
Read More
Blog Entries
Bug Fixes for NetEye 4.23
We fixed a problem that did not allow special characters to be displayed correctly in the monitoring section. We fixed security vulnerabilities also related to the file permissions. icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.4-1 icingaweb2-module-assetmanagement-autosetup, icingaweb2-module-assetmanagement to 1.21.2-1
Read MoreBug Fixes for NetEye 4.22
We fixed security vulnerabilities related to the file permissions. For NetEye 4.22 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3
Read MoreBug Fixes for NetEye 4.23
We fixed security vulnerabilities related to the file permissions. For NetEye 4.23 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3
Read MoreOffice365/Google Mail Users: Migrate Your EriZone/OTRS Mail Accounts to OAuth2 Authentication NOW!
Both Microsoft and Google will terminate within summer/autumn 2022 the possibility of accessing POP and IMAP mailboxes using usernames and passwords! In the course of the year 2022 Microsoft and Google will terminate support for Basic Auth (the authentication with username and password) for some web services and pass to a more secure method, often…
Read MoreCyber Apocalypse CTF 2022 – Red Island Writeup
The Cyber Apocalypse CTF is back with the 2022 edition. It’s a Jeopardy-style competition organized by Hack The Box and is open to everyone. Together as a security-focused guild (a concept taken from the Spotify model) we here at Würth Phoenix participated in this challenge and in particular I focused on the web challenges. After…
Read MoreCorrelation Between the Most Exploited CVEs and Detection Rules
On May 12th, the CSIRT (Computer Security Incident Response Team – Italia) published a list of the CVEs most exploited by threat actors. The list also contains an indication of the TTPs used by these attackers. The objective of this article is to make information available relating to detection rules that are already available within…
Read MoreA Look Inside Dark Angels Negotiation and Some Details about Their TTP
Starting from a static analysis done by Cyble Research Lab (https://blog.cyble.com/2022/05/06/rebranded-babuk-ransomware-in-action-darkangels-ransomware-performs-targeted-attack/) of ransomware called Dark Angels, we gained evidence about the activities of the Dark Angels ransomware group. An OSINT analysis carried out by our Würth Phoenix team helped to reach the Ransom Operator blog and one of the victim pages. Based on the evidence…
Read MoreBug Fixes for NetEye 4.22
We fixed a bug that was setting an incorrect target version during the upgrade. For NetEye 4.22 we updated the following package: neteye-upgrade-manager to version 0.12.24-1
Read MoreBug Fixes for NetEye 4.23
We fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug was occurring when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.23 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1
Read MoreBug Fixes for NetEye 4.22
We fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug was occurring when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.22 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1
Read MoreBug Fixes for NetEye 4.22
In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values was leading to a too long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…
Read MoreBug Fixes for NetEye 4.23
In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values was leading to a too long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…
Read MorePinning a Module to a Specific Kernel Release
During our implementation of the NetEye migration to Red Hat 8 we decided to drop our internal mirror for system packages and instead rely on Red Hat’s official repositories. Our goal was to improve reliability, speed up the delivery of updates, and alleviate the development team’s workload. But it also introduced a new issue: we…
Read MoreBug Fixes for NetEye 4.23
We fixed a bug in the grafana-panel-renderer and SLM which prevented silently the generation of resource reports if one of the corresponding requests to Grafana exceeded a certain timeout. For NetEye 4.22 we updated the following packages: grafana-panel-renderer to version 1.3.2-1 icingaweb2-module-slm, icingaweb2-module-slm-autosetup to version 4.19.2-1
Read More