This is a archive for News.

Wednesday, July 26, 2017 @ 07:07 PM gHale

By Gregory Hale
There has been plenty of discussion around the attacks over the past two years on the Ukraine power grid, along with some fear mongering, but the reality is those attacks, while a big threat, are not designed to have a large-scale impact. “The way Crashoverride is configured today, it can cause some small event, but it will not scale into a ‘We just lost New York City,’ or ‘We just lost the state of Texas,’” said Ben Miller, director of the threat operations center at Dragos, during a Wednesday presentation entitled “Industroyer/Crashoverride: Zero Things Cool about

Wednesday, July 26, 2017 @ 05:07 PM gHale

By Gregory Hale
Security is doing a fine job of maintaining and keeping organizations up and running against a constant threat of attack, but like all jobs, companies and industries, it is time to change. “In the security world, we still focus on the sexy areas,” said Alex Stamos, chief security officer at Facebook during his keynote address Wednesday at Black Hat USA 2017 in Las Vegas, NV. “There is very little time spent on how to handle the main types of attacks that go on more frequently.” RELATED STORIES

Summit: Security Needs Hands on

Wednesday, July 26, 2017 @ 09:07 AM gHale

An underwater robot entered a badly damaged reactor at Japan’s crippled Fukushima nuclear plant last Wednesday, capturing images of the harsh impact of its meltdown, including key structures that were torn and knocked out of place. Plant operator Tokyo Electric Power Co. (TEPCO) said the robot, nicknamed “the Little Sunfish,” completed the day’s work inside the primary containment vessel of the Unit 3 reactor at Fukushima, which ended up destroyed by a massive March 2011 earthquake and tsunami. RELATED STORIES
Swimming Robot Eyes Fuel Meltdown
Another Reactor Restarts in Japan
Japan to Decommission 5

Wednesday, July 26, 2017 @ 09:07 AM gHale

NXP mitigated multiple vulnerabilities for i.MX Devices used on logic boards, according to a report from ICS-CERT. Successful exploitation of these vulnerabilities, discovered by Quarkslab, could allow an attacker to cause a denial of service on the device due to a buffer overflow condition. RELATED STORIES
Schneider Updates PowerSCADA Anywhere, Citect Anywhere
Rockwell Fixes MicroLogix Controller
Siemens Updates SIPROTEC 4, SIPROTEC Compact
GE Releases New Version of Communicator When the device is placed in security-enabled mode it is possible for an attacker to exploit memory or a certificate to load an unauthorized

Tuesday, July 25, 2017 @ 04:07 PM gHale

A manufacturer’s safety plan worked to a “T” after broken pipe leaked a toxic chemical that leaked and formed a vapor cloud as workers arrived at an Attleboro, MA, city manufacturing plant last Wednesday, officials said. Between 50 to 60 gallons of hydrochloric acid leaked from a 700-gallon tank at Engineered Materials Solutions at 39 Perry Ave., Attleboro Deputy Fire Chief Dennis Perkins said. RELATED STORIES
Gas Leak at ME Biorefinery Forces Evac
Chem Leak Forces Plant Evac
Orange Smoke Leads to Evac in PA
Workers Hurt in OH Plant Chem Reaction

Monday, July 24, 2017 @ 05:07 PM gHale

Phishing brought on a whole new meaning at a casino, researchers said. That is because a casino in the United States ended up compromised after hackers broke into its network and stole data after first breaking into a “smart” fish tank connected to the Internet. RELATED STORIES
Summit: Security Needs Hands on Training
Ransomware Attack Part II
Monitoring Network Could Help Find Attack
Grid Attack: Understand ‘What We Will See Tomorrow’ The connected fish tank exposed the casino to hackers, as an unnamed group of attackers managed to infiltrate into the network

Monday, July 24, 2017 @ 04:07 PM gHale

A UK man pleaded guilty in a German court to launching a cyberattack that resulted in more than one million customers of telecommunications provider Deutsche Telekom suffering Internet failures. Daniel Kaye, 29, who the German media identified as “Peter Parker” and “Spiderman,” online monikers linked to domains used to coordinate some attacks powered by the Mirai malware. RELATED STORIES
2 Iranians Face Federal Charges
Dark Web Market Shut Down
U.S. Citizen from Russia gets 9 Years for Hacking
UK Man Admits Stealing Satellite Data A blog post published earlier this month by

Thursday, July 20, 2017 @ 05:07 PM gHale

Safety measures implemented after a fire last winter was one of the elements that prevented a second major magnesium-fueled blaze at a Northern Michigan die cast factory late Saturday, officials said. Firefighters from the Resort/Bear Creek Fire Department got the call at 10:30 p.m. Saturday to ZD Metal Products on Fochtman Industrial Drive northeast of Petoskey, MI, to a report of a magnesium fire in the plant, said Fire Chief Al Welsheimer. RELATED STORIES
Fire Guts WI Packaging Firm
PA Fireworks Plant Blast Injures Worker
One Hurt in KY Pet Food Plant Blast

Thursday, July 20, 2017 @ 04:07 PM gHale

One Dark Web market shut down a week ago and another went dark Thursday, law enforcement officials said. Just after dark web market Alpha Bay shut down, one of its competitors, Hansa Market, also shut down. RELATED STORIES
Dark Web Market Shut Down
U.S. Citizen from Russia gets 9 Years for Hacking
UK Man Admits Stealing Satellite Data
Crime Network Busted Immediately after Alpha Bay went offline, users quickly jumped over to Hansa Market. Europol, however, had other ideas. “The capability of drug traffickers and other serious criminals around the world has

Thursday, July 20, 2017 @ 03:07 PM gHale

Waterfall Security Solutions signed a partnership pact with FireEye Inc. to integrate the FireEye cloud-based Threat Analytics Platform (TAP) with industrial networks using Waterfall’s Unidirectional CloudConnect. This joint program allows FireEye users to monitor and protect their ICS networks using the cloud-based Helix service, while eliminating the threat of remote cyberattacks entering the monitored ICS environment. RELATED STORIES
IT-OT Partnership Pact
Rapid7 Deals for Security Automation Firm
Symantec Deals for Mobile Security Firm
Honeywell Deals for Nextnine Industrial businesses who previously refrained from using any cloud or IIoT services due to security concerns, can