This is a archive for News.

Friday, July 20, 2018 @ 05:07 PM gHale

An oilfield worker was killed and another injured after a WPX Energy tank battery caught fire Wednesday off U.S. Refinery Road near Loving, NM. The fire was believed to have started at about 12:45 p.m., said WPX Energy spokesperson, Kelly Swan. RELATED STORIES
Recyclables Fire Forces Evac, Power Loss
Chem Leak at OR Brewery Forces Evac
Paint Shop Blast Injures 4 at PA Army Depot
TX Chem Plant Fire Forces Evac He said a safety perimeter was immediately established for emergency response activities.  At about 4 p.m., Swan said the fire was

Friday, July 20, 2018 @ 01:07 PM gHale

By Alessandro Di Pinto and Younes Dragoni
Triton, also known as Trisis and HatMan, is one of only a few known malware frameworks that resulted in a direct physical impact on critical infrastructure. In 2017, Triton was used to attack a Saudi Arabian gas facility, directly interacting with, and remotely controlling, its Safety Instrumented System (SIS). Given the significance of this attack, Nozomi Networks conducted research on the malware to better understand how its multistage injection techniques work. RELATED STORIES
Safety, Connectivity and IIoT
PAS: Safety System Attack Preventable
SANS: ‘Unique’ Safety System

Thursday, July 19, 2018 @ 02:07 PM gHale

An entire village of Caledonia, IL, was forced to evacuate for a few hours Tuesday afternoon following a gas leak, officials said. The incident ended up contained around 4 p.m. and was no longer considered a threat to the public and all roads were reopened, according to the Boone County Sheriff’s Department. The gas leak occurred at 1:40 p.m. RELATED STORIES
PA Ammonia Leak Forces Evac
Fire Damages WV Aluminum Plant
Crews Fight Metal Shredder Fire
Corrosive Chem Spill at DE Poultry Plant The gas leak occurred near a grainery and crews

Thursday, July 19, 2018 @ 02:07 PM gHale

Moxa has new firmware to mitigate a resource exhaustion vulnerability in its NPort 5210, 5230, 5232 products, according to a report with NCCIC. Successful exploitation of this vulnerability, discovered by Mikael Vingaard, could allow a remote attacker to send TCP SYN packages, causing a resource exhaustion condition that would cause the device to become unavailable. RELATED STORIES
Echelon Fixes Multiple Vulnerabilities
AVEVA InTouch Updates Available
AVEVA Hotfix for Stack-Based Buffer Overflow
ABB Looking to Fix Panel Builder 800 A serial network interface, NPort 5210, 5230, and 5232 Versions 2.9 build 17030709 and

Thursday, July 19, 2018 @ 02:07 PM gHale

Echelon has updated software to mitigate multiple vulnerabilities in its SmartServer 1, SmartServer 2, i.LON 100, and i.LON 600 products, according to a report with NCCIC. The vulnerabilities include an information exposure, authentication bypass using an alternate path or channel, unprotected storage of credentials, and a cleartext transmission of sensitive information. RELATED STORIES
AVEVA InTouch Updates Available
AVEVA Hotfix for Stack-Based Buffer Overflow
ABB Looking to Fix Panel Builder 800
WAGO Fixes e!DISPLAY Holes Successful exploitation of these remotely exploitable vulnerabilities, discovered by Echelon who worked with Daniel Crowley and IBM’s X-Force

Thursday, July 19, 2018 @ 02:07 PM gHale

AVEVA Software, LLC. (AVEVA) has updated software to mitigate a stack-based buffer overflow in its InTouch, according to NCCIC. Successful exploitation of this remotely exploitable vulnerability, discovered by George Lashenko of CyberX, could allow an unauthenticated user to remotely execute code with the same privileges as those of the InTouch View process which could lead to a compromise of the InTouch HMI. Systems are only vulnerable if the operating system locales do not use a dot floating point separator. RELATED STORIES
AVEVA Hotfix for Stack-Based Buffer Overflow
ABB Looking to Fix Panel Builder 800

Thursday, July 19, 2018 @ 01:07 PM gHale

AVEVA Software, LLC (AVEVA) has a hotfix to handle a stack-based buffer overflow in its InduSoft Web Studio and InTouch Machine Edition, according to a report with NCCIC. The listed products are vulnerable only if the TCP/IP Server Task is enabled. A remote attacker could send a carefully crafted packet during a tag, alarm, or event related action such as read and write, which may allow remote code execution. Tenable Research reported this vulnerability to AVEVA. RELATED STORIES
ABB Looking to Fix Panel Builder 800
WAGO Fixes e!DISPLAY Holes
PEPPERL+FUCHS Releases Vulnerability Guidelines

Thursday, July 19, 2018 @ 01:07 PM gHale

North Carolina-based LabCorp Diagnostics, one of the largest clinical laboratories in the U.S., was forced to shut down its network Sunday after hackers were able to get in. Over the weekend of July 14, hackers got into LabCorp’s network. Company officials immediately took certain systems offline as part of its breach response policy to contain the hack. As a result, test processing and customer access to test results was temporarily impacted. RELATED STORIES
Summit: How to Keep Security Balanced
Digital Disruption: The Race is On
HUG: Cybersecurity Plan of Action
Age of

Wednesday, July 18, 2018 @ 02:07 PM gHale

Process unit startups and shutdowns are significantly more hazardous than normal oil refinery or chemical facility operations. A startup is a planned series of steps to take a process from an idle, at rest, state to normal operation. A shutdown is the reverse sequence. The Center for Chemical Process Safety (CCPS), an industry-sponsored membership organization that identifies and addresses process safety needs within the chemical, pharmaceutical, and petroleum industries, determined that a majority of process safety incidents occur during a plant startup, even though it represents only a small portion of the operating life of a plant. Process safety incidents

Wednesday, July 18, 2018 @ 01:07 PM gHale

EDITOR’S NOTE: While digital technologies will support cost efficiency in a growing gas industry, greater connectivity can raise cyber risk. Oil and gas quality assurance and risk management company, DNV GL, released a recommendation on how to manage cyber threats to the operational technology of gas networks. The spread of digital technologies in the oil and gas industry is generating new opportunities to improve performance, profitability and sustainability, but it also brings new safety and security challenges in operations, including gas networks. Gas transmission system operators are looking at artificial intelligence, the Industrial Internet of Things (IIoT), machine learning and