https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51052#M37564 <HTML><HEAD></HEAD><BODY><P>how about a threat signature update to alert on logjam attempts... &lt;queue jeopardy music&gt;</P></BODY></HTML> Thu, 21 May 2015 14:16:48 GMT ulti 2015-05-21T14:16:48Z https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51050#M37562 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>a new leak was found in diffie hellmann...</P><P><A href="http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/" title="http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/">http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/</A></P><P><A href="https://threatpost.com/new-logjam-attack-on-diffie-hellman-threatens-security-of-browsers-vpns/112916" title="https://threatpost.com/new-logjam-attack-on-diffie-hellman-threatens-security-of-browsers-vpns/112916">https://threatpost.com/new-logjam-attack-on-diffie-hellman-threatens-security-of-browsers-vpns/112916</A></P><P>(german) <A href="http://www.heise.de/newsticker/meldung/Logjam-Attacke-Verschluesselung-von-zehntausenden-Servern-gefaehrdet-2657502.html" title="http://www.heise.de/newsticker/meldung/Logjam-Attacke-Verschluesselung-von-zehntausenden-Servern-gefaehrdet-2657502.html">http://www.heise.de/newsticker/meldung/Logjam-Attacke-Verschluesselung-von-zehntausenden-Servern-gefaehrdet-2657502.html</A></P><P></P><P>Is PaloAlto also affected? And is PaloAlto working on a threat signature?</P></BODY></HTML> Thu, 21 May 2015 08:16:48 GMT https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51050#M37562 Hithead 2015-05-21T08:16:48Z https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51051#M37563 <HTML><HEAD></HEAD><BODY><P>Palo Alto is Aware of this , Engineering is researching on this and once there is an update it will be provided publicly .</P></BODY></HTML> Thu, 21 May 2015 11:52:51 GMT https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51051#M37563 BATMANi 2015-05-21T11:52:51Z https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51052#M37564 <HTML><HEAD></HEAD><BODY><P>how about a threat signature update to alert on logjam attempts... &lt;queue jeopardy music&gt;</P></BODY></HTML> Thu, 21 May 2015 14:16:48 GMT https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51052#M37564 ulti 2015-05-21T14:16:48Z https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51053#M37565 <HTML><HEAD></HEAD><BODY><P>We have signature for CVE-2015-4000. The threat ID number is 37756 (Export Diffie-Hellman Cipher Suite Found). This was released with the content update 502.&nbsp; </P><P></P><P>The attack is only effective when DHE_EXPORT cipher suite is effective.&nbsp; </P><P>PAN-OS doesn't use DHE_EXPORT. So PAN-OS is not vulnerable to this CVE.</P></BODY></HTML> Thu, 25 Jun 2015 20:54:11 GMT https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51053#M37565 kattaullah 2015-06-25T20:54:11Z https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51054#M37566 <HTML><HEAD></HEAD><BODY><P>Do you know what method for key exchange else DH to access mgmt web ?</P></BODY></HTML> Mon, 29 Jun 2015 06:28:09 GMT https://live.paloaltonetworks.com/t5/general-topics/new-logjam-attack/m-p/51054#M37566 KiCheon.Lee 2015-06-29T06:28:09Z