RECENT POSTS
- AIL Project version 5.7 released with many improvements with 2FA support, multi-organisation support, improved chat monitoring and more.
- AIL Project version 5.6 released with many improvements in the OCR and correlation functions and many updates.
- AIL Framework 5.5 Released: New OCR Module for Images, Report Generator for Tracker Module, and Numerous Improvements.
- AIL framework 5.4 released with many semantic improvements in chat channels, new Tor vanity domain explorer, Favicon Correlations and various improvements.
- AIL framework 5.3 released with chat explorer, Discord and Telegram monitoring, automatic translation, new features and various bugs fixed
- Streamlining AIL & Lacus Deployment: An Automated Installer for LXD
- AIL framework 5.2 released with new features and various bugs fixed
- AIL framework 5.1 released with new features and many bugs fixed
- AIL Framework version 5.0 released - Major Rewrite, Kvrocks Database, and Lacus Crawler Migration
- AIL Framework version 4.2 released including typo squatting tracker, improved AIL2AIL sync, zerobinz fetcher and many bugs fixed
- All posts ...
AIL Project version 5.7 released with many improvements with 2FA support, multi-organisation support, improved chat monitoring and more.
Sep 18, 2024 • Team CIRCL
AIL Framework v5.7 Released!
We are thrilled to announce the release of AIL Framework version 5.7. This update brings a host of new features, improvements, and bug fixes designed to enhance performance, security, and user experience.
Highlights
- Two-Factor Authentication (2FA): Enhance your account security with new TOTP and HOTP authentication methods.
- Organizational Support: Introduced organization-level access controls and management for users, trackers, retro hunts, investigations, and cookie jars.
- Improved Chat Monitoring: Added support for new chat types, placeholders, and enhanced message viewing with usernames and relationships.
- Dashboard Enhancements: Real-time updates with event streams replacing interval requests for a smoother experience.
- User Management Overhaul: Refactored user creation and editing processes, including organization assignments and session management.
What’s New
Security Enhancements
- Two-Factor Authentication (2FA):
- Implemented TOTP and HOTP methods for additional account security.
- Users and admins can manage 2FA settings directly from their profiles.
- User Session Management:
- Administrators can now manually log out users or terminate user sessions.
- Added metadata for users, including creation date, last edit, last login, last seen, and login status.
Organizational Features
- Organization-Level Access Control:
- Introduced organizations to structure data and access.
- Trackers, retro hunts, investigations, and cookie jars now support organization-specific ACLs.
- Users can view their organization information in their profiles.
- User Roles Update:
- Renamed the “coordinator” role to “org_admin” for clarity.
- Refactored user roles to better align with organizational structures.
Chat and Messaging Improvements
- Chat Monitoring:
- Added support for additional chat types and placeholders.
- Chats now display usernames for better context.
- Implemented chat monitoring requests in the chats explorer.
- Message Relationships:
- Enhanced relationships by adding message mentions linking chats and user accounts.
- Introduced chord diagrams to visualize message flow between chats and users.
User Interface and Experience
- Dashboard Updates:
- Replaced interval-based requests with event streams for real-time updates.
- Improved performance and reduced server load.
- Error Handling:
- Enhanced UI to gracefully handle 403 and 404 errors.
- Refined logs to filter out unnecessary SSL errors when clients disconnect.
- Visualization Tools:
- Updated D3.js to the latest version.
- Migrated heatmap to version 7 with improved tooltips.
- Circos graphs now display the number of inbound and outbound messages in tooltips.
Other Notable Additions
- Crawler Management:
- Added functions to delete schedules and manually clear queues.
- Improved crawler statistics with monthly domain-type stats.
- Export and Import:
- Filtered out non-MISP objects during MISP exports.
- Updated MISP taxonomies and galaxies to the latest versions.
Bug Fixes
- Crawler Queue Statistics:
- Resolved multiple issues causing inaccurate crawler queue stats.
- User Management:
- Fixed role editing and user validation processes.
- Corrected issues with users changing their own passwords.
- Trackers and Retro Hunts:
- Addressed ACL issues for global trackers.
- Fixed webhook exports and post-filter selectors.
- Cookie Jar:
- Resolved problems when adding cookies with UUIDs.
- Object Handling:
- Fixed errors when retrieving objects with
Nonevalues. - Corrected display issues in the object subtype dashboard.
- Fixed errors when retrieving objects with
- User Accounts:
- Fixed tooltips in chord graphs.
- Corrected last username timestamp displays.
Upgrading to v5.7
To upgrade to the latest version:
- Pull the Latest Changes: Update your local repository to include the latest commits.
- Restart Services: Restart the AIL Framework services to apply the new changes. The update script is started automatically.
For a detailed list of changes, visit our GitHub repository.
Funding
MISP-LEA, a collaborative endeavor between Shadowserver and CIRCL, is a 24-month initiative funded by the European Union. The project’s central aim is to establish operational and enduring MISP and AIL instances dedicated specifically to law enforcement agencies. This setup will facilitate a smoother exchange of evidence between law enforcement agencies and improve the onset of collaborative investigations. For this purpose, the system will ingest data from Shadowserver’s ransomware and C2 infrastructure tracking.
Law enforcement agencies willing to discover and leverage the MISP-LEA platform can apply on the misp-lea.org website.
Stay Connected:
- Website: ail-project.org
- GitHub: github.com/ail-project/ail-framework
- Mastodon @ail_project
- Twitter/X/N*zi platform: @AIL_Project
Thank you for your continued support. We look forward to your feedback!