Soon after we released Cortex-Analyzers 2.4.0, Jérôme noticed that something was definitely wrong. And that something was plural.
As he set out to retest a few things here and there, he realised that many Docker images for the latest and greatest analyzers and responders were not being built automatically. The code factory wasn’t working 😰
So he started digging. And the more he dug, the more bugs he discovered. Our user community also reported a few issues. He thought it was about time he opened that bottle of Aloxe-Corton, put a Makaya McCraven album on his turntable, and rolled up his sleeves to address all these problems head-on 🍷
After a few hours of intense work, he managed to fix the docker build process and release Cortex-Analyzers 2.4.1, a hotfix that corrects the following issues:
- [#545] Message extraction using FileInfo doesn’t always work
- [#610] The VirusTotal analyzer contains a typo which prevents it from running
- [#614] Many analyzers fail to run due to incorrect permissions
- [#619] Abuse Finder not working with docker after force usage of python3
- [#620] Missing library prevented the build of the docker image corresponding to the new MalwareClustering analyzer
Finally, he took the opportunity to rename Palo Alto AUTOFOCUS analyzers to Autofocus, for consistency purposes.
Please refer to our previous blog post, pertaining to Cortex-Analyzers 2.4.0, for update instructions.
Thank you in advance for your understanding and happy cyberfighting! 💪🏼