January 2016 – Ukraine Power – Cyber Attack

On the 23rd December 2015 Ukraine suffered what is believed to be the first successful cyber-attack on an electricity distribution network cutting the power at 17 substations and leaving 225,000 people without power for several hours. In this blog we review the events leading up to and during the attack and what additional security controls Read more about January 2016 – Ukraine Power – Cyber Attack[…]

Cisco

Cisco patches ASA IKE VPN vulnerability

Cisco has patched a ‘critical’ buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA.  The company published a security advisory for CVE-2016-1287 on Wednesday the 10th Feb.    The flaw, originally discovered by researchers at Exodus Intelligence, means that the ASA devices connected to the Internet could be completely compromised. […]

New version of OpenSSL to address critical vulnerability out soon

OpenSSL update due soonThe OpenSSL Project team announced on Monday the 6th of July that OpenSSL versions 1.0.2d and 1.0.1p will be released shortly to address a serious security bug.  According to the developers of the popular open-source toolkit for SSL/TLS, OpenSSL 1.0.2d and 1.0.1p will be released on Thursday, July 9, and they will fix a single high severity vulnerability. […]