News

This is a archive for News.

Thursday, May 25, 2017 @ 06:05 PM gHale

A Chinese national pleaded guilty to economic espionage and theft of trade secrets from his former employer in the U.S. Xu Jiaqiang pleaded guilty to three counts of economic espionage, and three counts of theft of a trade secret, from the U.S. company where he worked as a developer between November 2010 and May 2014. RELATED STORIES
Malware Growth Plan Thwarted
Two Plead Guilty in UK Hacking Case
Russian Man Charged in Botnet Scheme
Russian Man to do 27 Years for Hacking The defendant, formerly of Beijing, had access to proprietary software

Thursday, May 25, 2017 @ 02:05 PM gHale

Indicators associated with the WannaCry ransomware released to raise awareness of the ICS community and to identify affected ICS and medical device vendors that have contacted ICS-CERT to report their vendor-issued recommendations to mitigate the risk associated with the WannaCry ransomware, according to a report with ICS-CERT. WannaCry ransomware hit over 200,000 computers, from the manufacturing to medical industries, in at least 174 countries starting Friday and through the beginning of this week. The malicious code relied on victims opening a zip file emailed to them and from there the ransomware package used a patched flaw in the Microsoft operating

Wednesday, May 24, 2017 @ 06:05 PM gHale

By Gregory Hale
Safety and security do go hand in hand and while the industry keeps moving forward to a more connected environment, the need to ensure secure safety systems continues to grow. “There is a growing connectivity of safety instrumented systems,” said Marc Risser of BASF during is talk Wednesday at the 2017 27th Annual Triconex User Group meeting in Lake Forest, CA. “There is an increased risk of security incidents.” RELATED STORIES
WannaCry: Time to Implement Holistic Security
How to Protect Against ‘WannaCry’
WannaCry from a Safety Perspective
Secrets

Wednesday, May 24, 2017 @ 09:05 AM gHale

Twenty people ended up arrested for being part of a plan to move a criminal operation into a larger part of Europe after they were able to pilfer from local banks in Russia, officials said. Police raids also stopped plans to take the Cron malware campaign to other countries, including the UK, Germany, France, Turkey, Singapore, Australia, and the United States, said Russian security firm Group IB. RELATED STORIES
Two Plead Guilty in UK Hacking Case
Russian Man Charged in Botnet Scheme
Russian Man to do 27 Years for Hacking
NY

Tuesday, May 23, 2017 @ 03:05 PM gHale

Moxa recommended mitigations to clear multiple vulnerabilities in its OnCell product line, according to a report with ICS-CERT. The remotely exploitable vulnerabilities, discovered by independent researcher Maxim Rupp, include an improper restriction of excessive authentication attempts, plaintext storage of a password, and cross-site request forgery. RELATED STORIES
Rockwell Fixes MicroLogix Holes
B. Braun Medical Fixes Redirect Issue
Miele Professional Patches Vulnerability
Schneider Clears Web Studio Hole The following versions of OnCell, a high-speed industrial-grade IP gateway, suffer from the issues:
• OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions

Tuesday, May 23, 2017 @ 03:05 PM gHale

Rockwell Automation released a new firmware version for the Allen-Bradley MicroLogix 1400 Series B controllers, and created compensating controls for its MicroLogix 1100 or MicroLogix 1400 Series A controllers, according to a report with ICS-CERT. These remotely exploitable vulnerabilities came to ICS-CERT by Rockwell Automation, David Formby and Raheem Beyah of Georgia Tech and Fortiphyd Logic, Inc. Rockwell Automation also reported a vulnerability initially identified by Ilya Karpov of Positive Technologies. RELATED STORIES
B. Braun Medical Fixes Redirect Issue
Miele Professional Patches Vulnerability
Schneider Clears Web Studio Hole
Detcon SiteWatch Gateway Vulnerability

Tuesday, May 23, 2017 @ 02:05 PM gHale

B. Braun Medical created a software update for its SpaceCom module to mitigate an open redirect vulnerability, according to a report with ICS-CERT. Marc Ruef and Rocco Gagliardi of scip AG found the remotely exploitable vulnerability in its SpaceCom module, which is integrated into the SpaceStation docking station. RELATED STORIES
Miele Professional Patches Vulnerability
Schneider Clears Web Studio Hole
Detcon SiteWatch Gateway Vulnerability
Schneider Fixes SoMachine HVAC Issue The following versions of the SpaceCom module, used with the SpaceStation docking station, suffer from the issue:
• SpaceStation with SpaceCom module (integrated

Tuesday, May 23, 2017 @ 02:05 PM gHale

NGK Spark Plugs (USA), Inc. (NGK) of Sissonville, West Virginia, is a spark plug and oxygen sensor manufacturing company that designs and sells spark plugs, oxygen sensors, and other related products to various automotive manufacturers worldwide. The company’s customer list includes the big hitters in the auto industry like Ford, Chrysler, General Motors, and Honda. RELATED STORIES
Central Machining & Pump Stays SHARP
Safety Pays for OK Manufacturer
US Drop Forge Continues its SHARP Edge
Safety Stays SHARP at SCI In addition to the Sissonville location, NGK has distribution facilities in Irvine,

Friday, May 19, 2017 @ 09:05 AM gHale

Miele Professional released patches to mitigate a path traversal vulnerability in its PG 85 Series, according to a report with ICS-CERT. Successful exploitation of this remotely exploitable vulnerability, discovered by Jens Regel of Schneider & Wulf who publicly disclosed it without ICS-CERT coordination, could allow a remote attacker to read or modify sensitive data or files, execute unauthorized code or commands, and possibly cause a system crash. RELATED STORIES
Schneider Clears Web Studio Hole
Detcon SiteWatch Gateway Vulnerability
Schneider Fixes SoMachine HVAC Issue
Schneider Fills VAMPSET Hole Miele Professional said the following

Friday, May 19, 2017 @ 08:05 AM gHale

Schneider Electric released an update to mitigate an incorrect default permissions vulnerability in its Wonderware InduSoft Web Studio, according to a report with ICS-CERT. Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions suffers from the issue, discovered by Karn Ganeshen. RELATED STORIES
Detcon SiteWatch Gateway Vulnerability
Schneider Fixes SoMachine HVAC Issue
Schneider Fills VAMPSET Hole
Hanwha Techwin Clears Vulnerability Successful exploitation of this vulnerability could allow an authenticated user to escalate his or her privileges. No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. However,