This is a archive for News.

Friday, May 24, 2019 @ 05:05 PM gHale

Over the past few years, there has been a series of derailments involving dangerous chemicals, but there have been some serious safety improvements. Along those lines, Norfolk Southern Railway (NS) recognized 58 of its chemical shipper customers with the Class I’s 2018 Thoroughbred Chemical Safety Award. RELATED STORIES
Corteva Agriscience Wins Safety Award
SHARP Boosts Bottom Line for WV Fabricator
Safety Pays Off: KIC Stays SHARP
SHARP Report: Lauren Concrete’s Lucky 13 The award is part of an NS initiative to promote safe rail-shipping practices in communities the railroad services, NS officials

Friday, May 24, 2019 @ 05:05 PM gHale

In a huge effort to increase the amount of cybersecurity professionals, 2,400 students were notified Wednesday they reached the Cyber FastTrack scholarship round where they compete for $2.5 million in scholarships for studies at their colleges and for advanced courses at SANS Institute. Twenty-five state governors launched the SANS Institute’s Cyber FastTrack April 5 as the first step in a national initiative to close the U.S. cybersecurity skills gap. RELATED STORIES
KU Garners Funding to Hike IoT Security
New Way to Advance Cybersecurity
AI Learns to Grow
AI Alert: Helping Robots Remember

Wednesday, May 22, 2019 @ 05:05 PM gHale

By Gregory Hale
Increased connectivity means more data is coming into manufacturing facilities, and all that data is great and important, but operators need to know the quality of that data within the proper context. “You can argue the industrial space is the new risk frontier,” said Leo Simonovich, vice president and global head of industrial and digital security at Siemens during Wednesday’s Spotlight on Innovation in Orlando, FL. “Our goal is to protect energy’s industrial infrastructure from increasingly sophisticated and malicious industrial threats.” RELATED STORIES
Manufacturing Report: Financial Attacks on Rise
Siemens, TÜV SÜD

Tuesday, May 21, 2019 @ 09:05 PM gHale

Root cause analysis of the leak at Southern California Gas Company’s (SoCalGas) Aliso Canyon Natural Gas Storage Facility that began on October 23, 2015, found the direct cause was a rupture of the outer 7-inch well casing due to microbial corrosion from the outside resulting from contact with groundwater, an independent researcher discovered. The California Public Utilities Commission (CPUC) and the Department of Conservation’s Division of Oil, Gas, and Geothermal Resources (DOGGR) unveiled the results Friday. RELATED STORIES
1 Dead, 15 Hurt after NC Gas Blast
Lightning Strike Kicks Off TX Oilfield Fire

Tuesday, May 21, 2019 @ 02:05 PM gHale

Computrols has upgrades available to handle multiple vulnerabilities in its CBAS Web, according to a report with NCCIC. The vulnerabilities include a cross-site request forgery, information exposure through discrepancy, cross-site scripting, command injection, information exposure through source code, use of hard-coded cryptographic key, SQL injection, authentication bypass using an alternate path or channel, and inadequate encryption strength. RELATED STORIES
Mitsubishi Ethernet Module Firmware Fixed
Fuji Electric Fixes Alpha7 PC Loader
Schneider Mitigations for Modicon Controllers

Tuesday, May 21, 2019 @ 02:05 PM gHale

Mitsubishi Electric released new firmware to mitigate an uncontrolled resource consumption vulnerability in its MELSEC-Q series Ethernet module, according to a report with NCCIC. Successful exploitation of this vulnerability, discovered by Younes Dragoni and Alessandro Di Pinto of Nozomi Networks, may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller). RELATED STORIES
Fuji Electric Fixes Alpha7 PC Loader
Schneider Mitigations for Modicon Controllers

Monday, May 20, 2019 @ 05:05 PM gHale

It may be hard to think of a misconfigured system as a threat, but it can be the silent killer. To that point, publicly disclosed misconfiguration incidents increased 20 percent year-over-year, a new report found. While there was a rise in incidents, on the positive side, misconfigurations were not responsible for as many compromised records as the year before. There was a 52 percent decrease in records compromised because of this threat vector, according to the IBM X-Force Threat Intelligence Index 2019. RELATED STORIES
Manufacturing, Energy Targeted Industries
Manufacturing BEC Victims: Report
C-Suite a

Monday, May 20, 2019 @ 05:05 PM gHale

Manufacturing and energy sectors appear in the top ten of industries most targeted by attackers, a new report found. The fifth-most targeted industry is manufacturing, according to the IBM X-Force Threat Intelligence Index 2019. IBM Security released the IBM X-Force Threat Intelligence Index annually, which summarizes the most prominent threats raised by our research teams from over the past year. RELATED STORIES
Manufacturing BEC Victims: Report
C-Suite a Big Attack Target: Report
Manufacturing Report: Financial Attacks on Rise
Siemens, TÜV SÜD Partner on Safety-Security The manufacturing sector, which the report says includes

Monday, May 20, 2019 @ 03:05 PM gHale

A complex transnational organized cybercrime network that used GozNym malware in an attempt to steal an estimated $100 million from unsuspecting victims in the United States and around the world ended up dismantled, Department of Justice (DoJ) officials said Thursday. GozNym infected tens of thousands of computers worldwide, primarily in the United States and Europe, DoJ officials said. The operation was highlighted by the initiation of criminal prosecutions against members of the network in four different countries as a result of cooperation between the United States, Georgia, Ukraine, Moldova, Germany, Bulgaria, Europol and Eurojust. RELATED STORIES
Ex-CIA Officer

Monday, May 20, 2019 @ 02:05 PM gHale

A former CIA officer will spend the next 20 years of his life behind federal bars after his conviction for conspiracy to transmit national defense information to an agent of China. Kevin Patrick Mallory, 62, of Leesburg, Virginia, received 20 years in prison Friday which will be followed by five years of supervised release, said officials at the Department of Justice (DoJ). RELATED STORIES
Nine Charged in Online Identity Theft
Two Indicted for Anthem Attack
Feds Bust a Darknet Infrastructure Force
Accused ‘Malvertiser’ Extradited to U.S. “This sentence, together with the