News

This is a archive for News.

Tuesday, April 24, 2018 @ 01:04 PM gHale

By Gregory Hale
Process plants must remain safe, but budgets are tight and getting tighter, so that means safety professionals have to learn to more with less people and money. That is where three safety professionals come in and suggested ideas during their presentations at the 14th GCPS at the 2018 AIChE Spring Meeting, Orlando, FL, to lower costs on various projects they worked on over the years. RELATED STORIES
AIChE: Safety ‘Underpins’ Industry
AIChE: Safety Obsession to the Core
PAS: Safety System Attack Preventable
PAS: Cyber a New Domain In

Tuesday, April 24, 2018 @ 07:04 AM gHale

By Gregory Hale
It is tough enough to launch a start up company, but to do it in an established chemical industry is a recipe for disaster. That is exactly what happened with The Chemours Company which spun out of DuPont in 2015. The startup faced huge financial and legal issues. But within two years it became a Fortune 500 company. RELATED STORIES
PAS: Safety System Attack Preventable
PAS: Cyber a New Domain
PAS: Avoid Unintended Consequences
Pipeline Firms Hit; Gas Still Flowing “We had two strikes against us and the

Monday, April 23, 2018 @ 02:04 PM gHale

Security issues regarding medical devices are becoming more visible and the Food and Drug Administration (FDA) wants to eradicate them. That is why the federal agency released a plan of action to help head off the emerging issue. RELATED STORIES
Abbott Updates Defibrillator
Biosense Fixes System Vulnerabilities
Philips Remediates iSite, IntelliSpace Holes
GE Working on Medical Device Vulnerability In the plan, the agency means to:
• Establish a robust medical device patient safety net in the U.S.
• Explore regulatory options to streamline and modernize timely implementation of postmarket mitigations
More

Monday, April 23, 2018 @ 01:04 PM gHale

A UK teenager who gained access to the email accounts of top U.S. intelligence and security officials ended up sentenced to two years in youth detention. Kane Gamble, 18, founder of Crackas With Attitude (CWA), will serve his sentence in a youth detention facility. RELATED STORIES
Guilty: British Teen a Social Engineer
Microsoft Engineer Charged with Money Laundering
Russian Man Extradited to U.S.
20 Busted for Phishing Attack “This was an extremely nasty campaign of politically motivated cyber terrorism,” said judge Charles Haddon-Cave at the sentencing at London’s Old Bailey criminal

Friday, April 20, 2018 @ 01:04 PM gHale

Siemens has a mitigation plan to take care of a file and directory information exposure vulnerability in its Simatic WinCC OA iOS App, according to a report with ICS-CERT. Successful exploitation of this vulnerability, discovered by Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi, could allow an attacker with physical access to read sensitive data located in the app’s directory. RELATED STORIES
Abbott Updates Defibrillator
Biosense Fixes System Vulnerabilities
Schneider Software Plan for InduSoft, InTouch Hole
Schneider Updates its Triconex Tricon Simatic WinCC OA Operator iOS App: All Versions suffer from

Friday, April 20, 2018 @ 12:04 PM gHale

A leak at the Delaware City Refining Co. led to the release of more than 100 pounds of hydrogen sulfide and sulfur dioxide, state environmental officials said. The release was reported at 2:15 p.m. on Wednesday at the refinery in Delaware City, DE, said officials at the Delaware Department of Natural Resources and Environmental Control (DNREC). RELATED STORIES
Chem Fire at Chicken Plant Forces Evac
Underground Coal Plant Fire
Workers Halt Ammonia Leak
Blaze at AL Auto Parts Plant The leak came from a process unit and was ongoing at the time

Thursday, April 19, 2018 @ 03:04 PM gHale

Microsoft engineer Raymond Uadiale is facing money laundering charges in his role in a series of ransomware attacks that generated $130,000, federal law enforcement officials said. Uadiale, 41, who has been a Microsoft employee since 2014, worked with an individual known as K!NG and based in the United Kingdom, between October 2012 and March 2013. K!NG was responsible for infecting computers with Reveton ransomware, while the now-Microsoft employee was in charge of obtaining prepaid debit cards used in the scheme, officials said. RELATED STORIES
Russian Man Extradited to U.S.
20 Busted for Phishing Attack

Wednesday, April 18, 2018 @ 02:04 PM gHale

Schneider Electric Software, LLC has a mitigation plan to address a stack-based buffer overflow in its InduSoft Web Studio, InTouch Machine Edition, according to a report with ICS-CERT. Successful exploitation of this vulnerability during tag, alarm, or event related actions could allow remote code execution that, under high privileges, could completely compromise the device. RELATED STORIES
Schneider Updates its Triconex Tricon
Rockwell Plan on Stratix Services Router Fix
Rockwell Updates Stratix, ArmorStratix Switches
Rockwell Mitigation Plan for Ethernet Switch Tenable Research reported this vulnerability to Schneider Electric Software, which then coordinated with

Wednesday, April 18, 2018 @ 02:04 PM gHale

Schneider Electric has an upgrade plan for its Triconex Tricon, model 3008 that mitigates improper restriction of operations within the bounds of a memory buffer vulnerabilities, according to a report with ICS-CERT. Successful exploitation of these vulnerabilities could misinform or control the Safety Instrumented System (SIS) which could result in arbitrary code execution, system shutdown, or the compromise of safety systems. RELATED STORIES
Rockwell Plan on Stratix Services Router Fix
Rockwell Updates Stratix, ArmorStratix Switches
Rockwell Mitigation Plan for Ethernet Switch
Moxa Clears Router Holes This vulnerability was discovered by NCCIC and