Bug Fixes for NetEye 4.22
We fixed security vulnerabilities related to the file permissions. icingaweb2-module-assetmanagement-autosetup, icingaweb2-module-assetmanagement to 1.21.2-1
Read MoreWe fixed security vulnerabilities related to the file permissions. icingaweb2-module-assetmanagement-autosetup, icingaweb2-module-assetmanagement to 1.21.2-1
Read MoreWe fixed a problem that did not allow special characters to be displayed correctly in the monitoring section. We fixed security vulnerabilities also related to the file permissions. icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.4-1 icingaweb2-module-assetmanagement-autosetup, icingaweb2-module-assetmanagement to 1.21.2-1
Read MoreWe fixed security vulnerabilities related to the file permissions. For NetEye 4.22 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3
Read MoreWe fixed security vulnerabilities related to the file permissions. For NetEye 4.23 we updated the following packages: icingaweb2-module-auditlog and icingaweb2-module-auditlog-autosetup to 1.9.1.3
Read MoreBoth Microsoft and Google will terminate within summer/autumn 2022 the possibility of accessing POP and IMAP mailboxes using usernames and passwords! In the course of the year 2022 Microsoft and Google will terminate support for Basic Auth (the authentication with username and password) for some web services and pass to a more secure method, often…
Read MoreThe Cyber Apocalypse CTF is back with the 2022 edition. It’s a Jeopardy-style competition organized by Hack The Box and is open to everyone. Together as a security-focused guild (a concept taken from the Spotify model) we here at Würth Phoenix participated in this challenge and in particular I focused on the web challenges. After…
Read MoreOn May 12th, the CSIRT (Computer Security Incident Response Team – Italia) published a list of the CVEs most exploited by threat actors. The list also contains an indication of the TTPs used by these attackers. The objective of this article is to make information available relating to detection rules that are already available within…
Read MoreStarting from a static analysis done by Cyble Research Lab (https://blog.cyble.com/2022/05/06/rebranded-babuk-ransomware-in-action-darkangels-ransomware-performs-targeted-attack/) of ransomware called Dark Angels, we gained evidence about the activities of the Dark Angels ransomware group. An OSINT analysis carried out by our Würth Phoenix team helped to reach the Ransom Operator blog and one of the victim pages. Based on the evidence…
Read MoreWe fixed a bug that was setting an incorrect target version during the upgrade. For NetEye 4.22 we updated the following package: neteye-upgrade-manager to version 0.12.24-1
Read MoreWe fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug was occurring when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.23 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1
Read MoreWe fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug was occurring when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.22 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1
Read MoreIn Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values was leading to a too long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…
Read MoreIn Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values was leading to a too long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…
Read MoreDuring our implementation of the NetEye migration to Red Hat 8 we decided to drop our internal mirror for system packages and instead rely on Red Hat’s official repositories. Our goal was to improve reliability, speed up the delivery of updates, and alleviate the development team’s workload. But it also introduced a new issue: we…
Read MoreWe fixed a bug in the grafana-panel-renderer and SLM which prevented silently the generation of resource reports if one of the corresponding requests to Grafana exceeded a certain timeout. For NetEye 4.22 we updated the following packages: grafana-panel-renderer to version 1.3.2-1 icingaweb2-module-slm, icingaweb2-module-slm-autosetup to version 4.19.2-1
Read More