Blog Entries

30. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 30 – New Cyber Attacker Groups Detected

During the last week of April, our Attacker Centric SOC detected multiple new cyber attacker group websites on the Dark Web. These are called Dedicated Leak Sites (DLS) and are widely used by ransomware gangs to publish stolen confidential data when the victim refuses to pay the ransom. Usually, after an attack is claimed, a small…

30. 04. 2024 Andrea Mariani NetEye, Unified Monitoring

Balancing Two NetEye Satellites with the keepalived Service

NetEye installations can be either in Standalone (Single Node) or in Cluster configuration, and for each one there’s the possibility to extend monitoring in segregated portions of the network or remote locations, or simply to be able to lighten the load of the master through the use of one or more satellites (the number of…

30. 04. 2024 Alessandro Mizzaro Bug Fixes

NetEye 4 – Security Advisory

Synopsis: Important: GLPI security update. Type/Severity: Security Advisory: High. Topic: An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

26. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 26 – ArcaneDoor: A New Espionage Campaign

Cisco Talos identified a previously unknown state-sponsored actor behind ArcaneDoor, a sophisticated cyber espionage campaign targeting the perimeter network devices of several vendors. This actor is now tracked as UAT4356 by Talos and STORM-1849 by the Microsoft Threat Intelligence Center. The initial attack vector is still unknown, but the attacker exploited two previously unknown vulnerabilities. An…

24. 04. 2024 Mirko Ioris SOCnews

SOC News | Apr 24 – Full AMMEGA Data Breach Published

Using our CTI SATAYO platform, we identified an artifact belonging to AMMEGA’s data breach. AMMEGA is a multinational manufacturing company based in the Netherlands with revenues of $1.2 billion. It was the victim of an attack carried out by the Cactus ransomware gang in early March. The ransomware operators exfiltrated 3 TB of data and…

17. 04. 2024 Alessandro Mizzaro Bug Fixes, NetEye

NetEye 4 – Security Advisory

Synopsis: Important: geomap security update. Type/Severity: Security Advisory: High. Topic: An update for the package geomap is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

17. 04. 2024 Emil Fazzi Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

Resolved an issue in the NetEye Alyvix module where the dashboard’s loading state would persist indefinitely if no nodes were configured. Furthermore, we fixed a bug where Monitoring Objects could not be created via live-creation if their name contained the percentage symbol. Updated packages: We updated the following packages:

11. 04. 2024 Alessandro Romboli Business Service Monitoring, NetEye, SLM

SLA Reporting on a Business Process

Scenario: NetEye 4 is a comprehensive monitoring platform which natively supports Business Processes. A Business Process is an abstract view of a customer’s business from the Application point of view. Usually, it’s a collection of Icinga 2 checks aggregated by “AND, OR, At Least” logic in order to monitor whether a Business Application is really…

04. 04. 2024 Alessandro Mizzaro Bug Fixes

Important GLPI Agent 1.7.3 Security Advisory

Type/Severity: Security Advisory: High. Topic: There is a security update for GLPI Agent. Description: This version specifically fixes 2 critical security issues related to MSI packaging on Windows: For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed below in the References…

02. 04. 2024 Mattia Codato Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.35 Release Notes

Welcome to version 4.35 of our NetEye v4 Unified Monitoring Solution. NetEye 4.35 is welcoming you with a breathtaking view of the Lago di Carezza (Karersee). It is also called “Rainbow Lake”. The lake is unique as it gleams with all colors of the rainbow, which makes it a favorite destination for professional photographers and…

28. 03. 2024 Valentina Da Rold Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: GLPI Security Update. Type/Severity: Security Advisory: High. Topic: An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability, and give a detailed severity rating. Description…

28. 03. 2024 Mirko Ioris SOCnews

SOC News | Mar 28 – New Vulnerabilities Added to the KEV Catalog

On March 25, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The catalog is updated regularly and contains those vulnerabilities most likely to be used in attacks. Organizations should monitor and review it periodically, and prioritize their patching efforts based on it. I’ll provide a…

25. 03. 2024 Franco Federico APM, NetEye, Visual Synthetic Monitoring

Migration from Alyvix Server to Alyvix Service

Beginning with NetEye version 4.26, Alyvix has been fully integrated into NetEye. Currently Alyvix within NetEye is implemented as the neteye-alyvix module, and is part of our Application Performance Monitoring (APM) world. We have Elastic with all the functionality of traditional APM, and then for synthetic monitoring we have Alyvix. In the past few weeks…

25. 03. 2024 Mattia Codato Development, DevOps, NetEye

Boosting NetEye CI Speed Post-FOSDEM ’24

On February 3rd and 4th, 2024, we attended FOSDEM, a major event where thousands of free and open-source software developers from around the world gather to exchange ideas and collaborate. This year I dedicated much of the second day to the Testing and Continuous Delivery room. Continuous testing is essential for ensuring the safe and…

21. 03. 2024 Massimo Giaimo SOCnews

SOC News | Mar 21 – IABs and Bulk Sales

Much has already been said about Initial Access Brokers (IABs) so I will limit myself to a brief description and then delve into the main theme of this article. The theme of Initial Access Brokers was summarized fantastically in the Initial Access Broker Landscape project by Curated Intelligence, reported in this link, which I recommend…
