News

This is a archive for News.

Wednesday, October 17, 2018 @ 03:10 PM gHale

By Gregory Hale
Only three entities know all the facts about the Triton attack affecting the Schneider Electric Triconex safety system: The victim, the attacker and the forensics team, and that means most everyone else is working on speculation or unverified facts. Schneider is a perfect case of showing how a company not only pays for a cyber attack on their equipment, but it is also paying in secondary, or “slow burn” factors as Gary Williams, cybersecurity services offer leader discussed during his session Tuesday at the Triconex User Group (TUG) conference in Galveston, TX. RELATED STORIES
More

Wednesday, October 17, 2018 @ 10:10 AM gHale

Omron has an update to mitigate multiple vulnerabilities in its CX-Supervisor, according to a report with NCCIC. The vulnerabilities include improper restriction of operations within the bounds of a memory buffer, out-of-bounds read, use-after-free, incorrect type conversion or cast. RELATED STORIES
LCDS Mitigates Vulnerabilities
NUUO Clears Video Recorder Holes
NUUO Fixes CMS Vulnerabilities
Delta Fixes Industrial Automation TPEditor Successful exploitation of these vulnerabilities could allow an attacker to execute code under the context of the application, corrupt objects, and force the application to read a value outside of an array. CX-Supervisor Versions

Wednesday, October 17, 2018 @ 07:10 AM gHale

By Gregory Hale
Critical infrastructures are under cyber attack, and that is not new news, but the same entities are also facing the potential for electromagnetic pulse attacks (EMP). Does that sound like science fiction or like something from Hollywood? Or maybe it sounds more like Chicken Little yelling, “the sky is falling, the sky is falling.” Think again. RELATED STORIES
GSX: Integrate All Security
ICS/IIoT Taxonomy Needed for Effective Communication
ICSJWG: Solid Solutions ‘Not Rocket Science’
ICSJWG: ‘If it Isn’t Secure, it Isn’t Safe’ “Cyber and electromagnetic attacks go after

Tuesday, October 16, 2018 @ 06:10 PM gHale

LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME has a new version to mitigate multiple vulenrabilities in its LAquis SCADA, according to a report from NCCIC. The vulnerabilities are an untrusted pointer dereference, out-of-bounds read, integer overflow to buffer overflow, path traversal, out-of-bounds write, and stack-based buffer overflow. RELATED STORIES
NUUO Clears Video Recorder Holes
NUUO Fixes CMS Vulnerabilities
Delta Fixes Industrial Automation TPEditor
Vulnerabilities in XMeye P2P Cloud Server Successful exploitation of these remotely exploitable vulnerabilities, discovered by Mat Powell of Trend Micro Zero Day Initiative, rgod of 9SG

Tuesday, October 16, 2018 @ 05:10 PM gHale

Grass America, Incorporated, makes functional movement hardware and accessories, such as hinge systems, soft close drawer systems, and drawer slides, for kitchens, baths, and offices. The Kernersville, North Carolina, facility employs 154 employees and it operates in 263,000 square feet. RELATED STORIES
MD Window Maker Sees SHARP Benefits
AeroFab Earns SHARP Safety Award
PA Roll Forming Firm gets SHARP

QC Manufacturing Drops Injury Rates SHARPly
Grass America first worked with North Carolina Department of Labor (NCDoL), Safety and Health Consultation Program in 2007 and had good results with their Total

Tuesday, October 16, 2018 @ 12:10 PM gHale

A Newton, MA, got 17.5 yars behind bars after pleading guilty for multiple counts of cyberstalking a former female housemate, computer hacking, aggravated identity theft, and hoax bomb threats. Ryan S. Lin, 25, engaged in a cyberstalking campaign against a 25-year old former female housemate between May 2016 through Oct. 5, 2017, hacking into her online accounts and stealing personally identifiable information, as well as private information such as photos, diary entries, medical details, and more. RELATED STORIES
CA Man Pleads Guilty for Website Hacking
7 Russians Indicted for Hacking: DoJ
Ex-NSA Worker gets

Tuesday, October 16, 2018 @ 12:10 PM gHale

A California man pleaded guilty to two counts of computer fraud for causing damage to a protected computer. Billy Ribeiro Anderson, also known by his online names of AlfabetoVirtual and Anderson Albuquerque, faces possible maximum sentence of 10 years for each count. RELATED STORIES
7 Russians Indicted for Hacking: DoJ
Ex-NSA Worker gets Over 5 Years
Counter AV Service Provider gets 14 Years
Mirai Authors Avoid Hard Time “Billy Anderson hacked the websites of the New York City Comptroller and West Point, one of the most prestigious military academies in the world,”

Monday, October 15, 2018 @ 07:10 PM gHale

A criminal indictment ended up unsealed Thursday that charges seven Russian citizens and residents with computer hacking, wire fraud, identity theft and money laundering, said officials at the Department of Justice (DoJ). The indictment by a grand jury in the Western District of Pennsylvania accuses the men of perpetrating “persistent and sophisticated computer intrusions” against multiple targets in the U.S. and abroad meant to promote the strategic interests of the Russian government. RELATED STORIES
Ex-NSA Worker gets Over 5 Years
Counter AV Service Provider gets 14 Years
Mirai Authors Avoid Hard Time
More

Monday, October 15, 2018 @ 06:10 PM gHale

Gas and electricity provider FortisBC asked British Columbia, Canada, residents to turn down their thermostats and reduce natural gas use on other appliances following Tuesday’s Enbridge gas line explosion near Prince George. Puget Sound Energy, a U.S. energy company, is also asking customers in Washington state to help conserve natural gas and electricity because of B.C.’s pipeline rupture and the impact it has on the U.S. gas supply. RELATED STORIES
Irving Oil Looks for Cause of Refinery Blast
Chemical Tank Lid Blows, Starts Fire
CT Heat Treating Plant Blaze Accidental
Fire at

Monday, October 15, 2018 @ 06:10 PM gHale

A malfunction in a diesel-treating unit is believed to be the source of a blast and fire at Irving Oil’s refinery in Saint John, New Brunswick, Canada, last Monday, a company officials said. WorkSafeNB, the Department of Environment and Emergency Measures Organization (EMO) officials will try to “understand what happened” and decide on next steps, said Irving Oil’s chief refining and supply officer Kevin Scott. RELATED STORIES
Chemical Tank Lid Blows, Starts Fire
CT Heat Treating Plant Blaze Accidental
Fire at CT Heat Treating Plant
TX Feed Mill Fire Involves Ammonium Nitrate