This is a archive for News.

Wednesday, September 19, 2018 @ 05:09 PM gHale

By Gregory Hale
Like any of the major automation suppliers, Yokogawa is moving toward a stronger digital footprint. That became abundantly clear at last week’s 2018 Yokogawa Users Conference in Orlando, FL. But one of the things they didn’t really focus on, but is truly the backbone for that more digital environment is security. RELATED STORIES
ICSJWG: Solid Solutions ‘Not Rocket Science’
ICSJWG: ‘If it Isn’t Secure, it Isn’t Safe’
Black Hat: Breaking Down Safety System Attack
Lessons Learned One Year After Triton “IT-OT convergence needs business and domain knowledge,” said

Wednesday, September 19, 2018 @ 02:09 PM gHale

By Eric Byres
Schneider Electric issued a security notification last month regarding their Communications and Battery Monitoring devices for their Conext Solar Energy Monitoring Systems. It seems that these products had been shipped with malware-infected USB drives. Bravo to Schneider Electric for coming clean with their customers and explaining how to deal with the situation. Happily, Schneider notes the infected files won’t affect the devices themselves and the particular malware is easy to detect and remove by common virus scanning tools. RELATED STORIES
ICSJWG: Solid Solutions ‘Not Rocket Science’
ICSJWG: ‘If it Isn’t Secure, it

Wednesday, September 19, 2018 @ 01:09 PM gHale

Rosedale, MD-based Acadia Windows & Doors, Inc. has always thought about and acted upon safety, but it has now taken it to a new level and is reaping the rewards. Window and door manufacturer, Acadia, first learned about Maryland Occupational Safety and Health (MOSH) Consultation Services in March 2003 when a consultant was conducting a door-to-door promotion. Taking advantage of these services aligned with their principle of having a “Never Settle” culture. RELATED STORIES
AeroFab Earns SHARP Safety Award
PA Roll Forming Firm gets SHARP

QC Manufacturing Drops Injury Rates SHARPly

Wednesday, September 19, 2018 @ 12:09 PM gHale

IT and OT departments have traditionally been siloed and the resulting gaps between the two have created significant security voids attackers have been able to exploit. That makes convergence between IT and OT convergence critical to eliminate security gaps, increase cyber resiliency and reduce an organization’s cyber risk. RELATED STORIES
IT, OT Joining Together for Security
IIoT is Here, but Learn to Secure
Reliance Beyond Your System
Security, Connectivity: A Tight Balancing Act Along those lines, Nozomi Networks signed a pact to integrate its ICS security solution with the Cisco Security Technology

Wednesday, September 19, 2018 @ 10:09 AM gHale

As electric companies continued to restore power across the Carolinas after Hurricane Florence swept through the state, heavy rains were behind a collapse at a Duke Energy Corp. coal ash disposal site at the L.V. Sutton Power Station near Wilmington, NC. With part of the landfill washed away, coal ash escaped into Sutton Lake along the Cape Fear River. RELATED STORIES
EPA Must Apply Chem Safety Regulation: Court
Bipartisan Security Bill Passes House
House Passes ICS Security Bill
EPA Biofuel Quotas in Offing Duke issued a statement saying it does not believe

Wednesday, September 19, 2018 @ 09:09 AM gHale

The family of two men who watched their brother, and co-worker, die at Beaumont’s Exxon Mobil refinery two years ago should get $44 million, a Jefferson County jury decided last week. The verdict in the wrongful-death lawsuit, issued Thursday, should cause the industry “to take notice” and “tighten up their safety practices,” said Byron Alfred, an attorney for the victim’s family. RELATED STORIES
ICSJWG: Solid Solutions ‘Not Rocket Science’
ICSJWG: ‘If it Isn’t Secure, it Isn’t Safe’
Black Hat: Breaking Down Safety System Attack
Lessons Learned One Year After Triton Miguel Barron

Wednesday, September 19, 2018 @ 09:09 AM gHale

WECON has not released an update to mitigate a stack-based buffer overflow in its PLC Editor, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability could result in unauthorized code execution within the current process. RELATED STORIES
Honeywell Fixes Mobile Computer Hole
Siemens Fixes SCALANCE X Switches
Siemens Clears SIMATIC WinCC OA Hole
TD Keypad Designer Mitigation Plan PLC Editor 1.3.3U, a ladder logic software, suffers from the vulnerability, discovered by Natnael Samson (Natti) working with Trend Micro’s Zero Day Initiative. Additional versions may also be vulnerable. In

Tuesday, September 18, 2018 @ 01:09 PM gHale

The corporate parent of the Massachusetts natural gas utility that’s the focus of an investigation into explosions and fires that killed one person and injured about 25 others had links to three previous gas line blasts, a review of federal and state records and court filings shows. Columbia Gas of Massachusetts is still providing assistance and information to residents of Lawrence, North Andover and other Merrimack Valley communities after the Thursday incidents. RELATED STORIES
Gas Blasts Hit 3 MA Towns
2 Injured in Fire at KY Chemical Plant
Gas Leak at North Dakota Mill

Monday, September 17, 2018 @ 05:09 PM gHale

Indian Point nuclear power plant, Unit 2 and Unit 3, in Buchanan, NY, earned renewed operating licenses Monday, federal officials said. The renewed licenses enable the licensee to operate the reactors through April 30, 2024, for Unit 2, and April 30, 2025, for Unit 3, said officials at the Nuclear Regulatory Commission (NRC). RELATED STORIES
WV Firm Fined for Losing Nuclear Gauge
Questions Arise after CA Nuke Incident
Firms Face Trial for UK Nuke Incident
TN Nuke Faces Safety Fines Entergy Nuclear Operations Inc., applied for renewal of the licenses in April

Monday, September 17, 2018 @ 01:09 PM gHale

A Nigerian man got 60 months in federal prison for his role in fraudulent business email compromise (BEC) scams. Onyekachi Emmanuel Opara, 30, of Lagos, Nigeria, ended up charged for defrauding thousands of victims of more than $25 million. He pleaded guilty to conspiracy to commit wire fraud and wire fraud in April. RELATED STORIES
Guilty: Botnet Creator Awaits Sentencing
Teen Pleads Guilty for Bomb Threats
Data Theft Suspect Extradited to U.S.
Secret Report Leaker gets Five Years In addition to the prison sentence, Opara was sentenced to two years of supervised