Archive for the "RSS Feed" Category

Sort by:

Friday Free Forum

On this date in 1906 an earthquake and fire destroy much of San Francisco. On this date in 1912 the RMS Carpathia arrives in New York with 705 survivors of the April 15 sinking of the Titanic. On this date in 1983 a suicide bomber destroys much of the US Embassy in Beirut, killing sixty-three. [...]

Siemens SINEMA Vulnerabilities

OVERVIEWSiemens has identified vulnerabilities in SINEMA server. Siemens has produced a software update that mitigates these vulnerabilities.These vulnerabilities could be exploited remotely.AFFECTED PRODUCTSThe following Siemens product is affected:SI…

Situational Awareness Alert for OpenSSL Vulnerability (Update C)


Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A)

OVERVIEWResearcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products.——— Begin Update A Part 1 of 4 ——–…

(UPDATE) FBI Snort Signatures (Heartbleed) — April 2014

FBI Private Industry Notice 140416-002 includes new Snort signatures vetted by FBI & DHS for mitigation regarding the OpenSSL “Heartbleed” vulnerability.

One person’s freedom fighter is another person’s…

On the anniversary of one great rebellion the commanders met secretly to advance their own rebellion. For several years they had operated mostly in the far north, but now gathered in the capital city. Just days before, their leader had taken direct — and highly symbolic — action against the regime. His shift from argument and [...]

Disengaging in order to more fully engage?

Two separate events, disconnected in any substantive way (as far as I know) but an interesting coincidence in terms of timing: Monday the Muslim Public Affairs Council held a press conference alongside notable Muslim community leaders at the National Press Club to announce a new campaign to actively prevent violent extremism. Called the Safe Spaces [...]

Progea Movicon SCADA Information Disclosure Vulnerability

OVERVIEW

Celil Ünüver of SignalSEC Ltd. has identified an information disclosure vulnerability in the Progea Movicon application. Progea has produced a new version that mitigates this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability.

This vulnerability could be exploited remotely.

AFFECTED PRODUCTS

The following Progea Movicon versions are affected:

Innominate mGuard OpenSSL HeartBleed Vulnerability

OVERVIEWResearcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products.This vulnerability could be exploited remotel…

Siemens Industrial Products OpenSSL HeartBleed Vulnerability

OVERVIEW

Siemens reported to NCCIC/ICS-CERT a list of products affected by the OpenSSL vulnerability (known as “Heartbleed”). Joel Langill of Infrastructure Defense Security Services reported to ICS-CERT and Siemens the OpenSSL vulnerability affecting the S7-1500.

Siemens has produced an update and Security Advisory (SSA-635659) that mitigates this vulnerability in eLAN and is currently working on updates for the other affected products.