A few months ago while navigating through our NetEye User Guide we noticed that it had a small bug that caused some words in the right-side menu to be slightly truncated in the particular case where that menu contained some monospace characters. Well, since this was quite annoying, we fixed it on the fly with…
Read MoreRecently (in September 2023) NetEye integrated version 8.8 of the Elastic Stack, which is just one of many Elastic updates brought into NetEye 4. Since this Elastic update there was a major upgrade (from version 7.17) coming with many breaking changes, so we, as the NetEye R&D team, wanted to make this important upgrade as…
Read MoreSEC Consult researchers showed that some software allows a bad actor to inject a specially crafted email message concealing a second message hidden inside the body of the original message. This passes into the inbound SMTP server, which interprets the text as a separate second message. The attack relies on incorrect handling of the <CR><LF>.<CR><LF> sequence of…
Read MoreHostgroups are a grouping of hosts with similar characteristics such as geographical location, type, severity, environment, operating system, applications and much more. Hostgroups can be created for multiple purposes such as: The default Host Group view is undoubtedly one of the most comfortable and useful ones in NetEye because, for each group, it immediately shows…
Read MoreDo you have a SIEM installation based on Elasticsearch (like the NetEye 4 SIEM Module) and are you sending data to it from your hosts? Then you’ll surely want to know whether your host is actually sending data, or if nothing is coming out at all. For this I made available a simple icinga/nagios plugin…
Read MoreDuring WP-CTF 2023 hosted at Würth Phoenix headquarters, a fresh set of CTF challenges were unveiled. These challenges spanned various fields, including OSINT, Digital Forensics, and Blockchain investigations. In this article, I’m going to delve into the solutions for some challenges presented by the Würth-Phoenix security team. THE FIRST CHALLENGE The first challenge, titled “There…
Read MoreWhen deploying new features, releasing your code into a production environment might not be as easy as it seems. To ensure the minimal amount of service disruption, we might want to easily roll back to a previous configuration or to gradually migrate traffic to a new one. That’s where blue-green deployment comes to our aid….
Read MoreSometimes in NetEye 4 it happens that we need to understand why the system behaves in a certain way. Since a lot of the NetEye 4 GUI is still based on PHP, we use the most powerful tool to debug PHP: Xdebug. Xdebug is an extension of PHP which mainly provides a debugger and profiler….
Read MoreThe Exploit Prediction Scoring System (EPSS) is a data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild , as my colleague Beatrice Dall’Omo has already had the opportunity to talk about in this article. EPSS was developed by FIRST (https://www.first.org/epss/) with the aim of assisting those responsible…
Read MoreIn this bug fix we fixed a problem that could have occurred during the upgrade phase to NetEye 4.33. More specifically, we expanded compatibility with older versions of some Elastic Agent integrations when loading them into the preconfigured NetEye policies. Updated packages We updated to version 8.10.2_neteye3.57.3-1 the following packages:
Read MoreImportant: NagVis Security Update Type/Severity Security Advisory: Important Topic An update for the package nagvis is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating. Description…
Read MoreWe are continuously expanding our VueJs integration in NetEye, and we believe that having the opportunity to attend a dedicated conference, not far from home, was an opportunity not to be missed. So on the 10th of November, we joined the Vueday conference in Verona. Vueday is the main international conference in Italy that’s dedicated…
Read MoreHow to leverage some Jira features to lighten the workload through automation, replacing manual tasks of low added value that can be frustrating and tedious for those performing them Introduction: What’s the idea behind how to live better Mondays? How many times have you had the feeling that most of the heaviness and stress when…
Read MoreWe have released a fix for a problem in the Tornado UI, that didn’t allow to pass multiple arguments to the script action in a rule. Updated packages We updated to version 2.4.1-1 the following packages:
Read MoreI don’t really know the reason behind it, maybe because the typical scenario for notifications is just “send all events to this mailing list”, or as we say: set it and forget it. But we shouldn’t use this as an excuse: monitoring projects now consist of tens of thousands of objects (hosts plus services), and…
Read More