UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the “Army+” Application
Hard on the heels of the cyber-espionage campaign by UAC-0099 via the phishing attack vector, another hacking collective has evolved…
Threats
Understanding OpenSearch Routing Allocation Settings
OpenSearch, a powerful open-source search and analytics engine, provides robust cluster management features to ensure efficient data distribution and availability.…
Using Ruby Code in Logstash for Translating Text from HEX
In Elasticsearch pipelines, you might encounter scenarios where fields contain hexadecimal-encoded text. To decode this text into its original readable…
Fluentd: Work With Multiple Log Sources Within a Single Instance by Using @label
@label is a feature that defines multiple processing pipelines within a single instance. Labels allow you to route log data…
DarkGate Malware Attack Detection: Voice Phishing via Microsoft Teams Leads to Malware Distribution
Researchers have uncovered a new malicious campaign using voice phishing (vishing) to spread the DarkGate malware. In this attack, adversaries…
Monitoring Index Size Trends in Elasticsearch: Monthly and Daily Statistics
Tracking the growth or reduction in index sizes is crucial for effective cluster management in Elasticsearch. It helps administrators optimize…
Understanding Key OpenSearch Dashboard Logging Settings
OpenSearch Dashboards is a powerful tool for visualizing and interacting with your OpenSearch data. However, to make the most of…
JVM GC Monitor Service Overhead: Root Cause and Recommendations
Problem Description: The JvmGcMonitorService overhead warnings indicate that the Java Virtual Machine (JVM) is performing Old Generation Garbage Collection (GC).…
UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware
The UAC-0099 hacking collective, which has been launching targeted cyber-espionage attacks against Ukraine since the second half of 2022, resurfaces…
How to Deal with the Warning: “No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’”
If you’ve worked with OpenSearch or Elasticsearch and encountered "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'" warning in…