Your one-stop web resource providing safety and security information to manufacturers

Archives

Pemex Hit by Ransomware, Won’t Pay

Pemex, Mexico’s national oil company, suffered a ransomware attack and said it will not give in to the demands, government officials said. Pemex will not pay a ransom demanded by suspected cyber attackers who targeted the firm’s computer systems, Energ …

Robot Finds to Source of Nuclear Radiation

A robot prototype is in development that can identify the source of nuclear radiation and whether it has been shielded to avoid detection. The detection of neutrons from a radioactive element in a U.S. Department of Energy’s (DoE) Princeton Plasma Phys …

DHS: Decentralized Digital Credential Plan

Springfield, VA-based SICPA Product Security, LLC earned $181,392 to develop a solution for credential issuers to manage and verify digital credentials that are the secure digital equivalent to secure physical credentials without reengineering their cu …

DHS: Blockchain for Credential Lifecycle Management

Blacksburg, VA-based Digital Bazaar picked up a $199,984 grant for blockchain credential lifecycle management. The grant was released via the Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) for blockchain and distribute …

DHS: Blockchain for Credential Fraud

New York-based Learning Machine Technologies, Inc., won a $159,040 grant to develop blockchain security technology to prevent credential fraud. Government agencies issue, validate, and verify credentials for a variety of purposes and that is why the De …

VMware Fixes Vulnerabilities

VMware released fixes for its Workstation and Fusion products that addresses multiple security vulnerabilities. The products, which rated an important category, VMware Workstation Pro/Player (Workstation) and VMware Fusion Pro/Fusion (Fusion). CVSSv3 s …

Philips to Fix IntelliBridge EC40/80 Hole

Philips is planning a new release next year to mitigate an inadequate encryption strength vulnerability in its IntelliBridge EC40 and EC80, according to a report with CISA. Successful exploitation of this vulnerability, discovered by the Medical Techno …

Siemens Updates Mentor Nucleus Networking Module

Siemens has software updates to handle an improper input validation vulnerability in its Mentor Nucleus Networking Module, according to a report with CISA. Successful exploitation of this vulnerability, discovered by Armis, could allow an attacker to a …

Siemens’ Workarounds for S7-1200 CPU Hole

Siemens has workarounds and mitigations to handle an exposed dangerous method or function vulnerability in its S7-1200 CPU, according to a report with CISA. Successful exploitation of this vulnerability could expose additional diagnostic functionality …

Siemens Patches Desigo PX Devices

Siemens has updates available to handle an external control of assumed-immutable web parameter vulnerability in its Desigo PX Devices, according to a report with CISA. Successful exploitation of this remotely exploitable vulnerability, discovered by Gj …

Omron Fixes CX-Supervisor Hole

Omron has an update available to mitigate a use of obsolete function vulnerability in its CX-Supervisor, according to a report with CISA. Successful exploitation of this remotely exploitable vulnerability, discovered by Michael DePlante of Trend Micro’ …

ABB Upgrade Fixes Bypass Hole

ABB is advising users to upgrade to Symphony Plus Historian to handle an authentication bypass using an alternate path or channel vulnerability in its Power Generation Information Manager (PGIM) and Plant Connect, according to a report with CISA. Succe …

GANs for Nuclear Waste Remediation

A research collaboration achieved exaflop performance on the Summit supercomputer with a deep learning application used to model subsurface flow in the study of nuclear waste remediation. “In science we know the laws of physics and observation principl …

TPM Flaws Affect Billions of Devices

Serious security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics affect billions of laptop, server, tablet, and desktop users around the world. The two vulnerabilities, which have been addressed, would have allowed attacker …

Patch Tuesday Clears IE Zero Day

Microsoft’s Patch Tuesday has come and gone, but it did include a fix for an Internet Explorer (IE) Zero Day among the over 70 vulnerabilities. The IE issue (CVE-2019-1429) could allow an attacker to execute remote code because of the way the scripting …

Dragos, Chertoff Group Form Alliance

The Chertoff Group and Dragos, Inc. formed an alliance in a move where they hope to provide a holistic approach to cybersecurity risk management for industrial organizations. The Chertoff Group is combining its policy intelligence, technology expertise …

SC Nuke Shuts Down for ‘Small’ Reactor Leak

A nuclear power plant in South Carolina was forced to shut down operations indefinitely to repair a “small” coolant leak in its reactor. The VC Summer nuclear plant operator said the incident was so minor there was no need to inform the public. The coo …

2 Contractors Settle Exxon Explosion Suit

Two former contract workers severely burned in a November 2016 explosion at ExxonMobil’s Baton Rouge, LA, refinery reached a financial settlement Nov. 4 with the company and others. Terms of the settlement hammered out in state District Judge Trudy Whi …

Fumes Force CA Onion Plant Evac

An incident at an Oxnard, CA, onion facility brought ambulances, firefighters and hazardous materials crews to the area late last month fearing an ammonia leak. First responders got the call at 5 p.m. at the Gills Onions facility Oct. 28, said Ventura …

After Huge Spill, ND Pipeline Restarts

After it shut down October 29 suffering from a 9,000-barrel oil spill in North Dakota, the Keystone pipeline returned to service, following the approval of TC Energy’s repair and restart plan by the Pipeline and Hazardous Materials Safety Administratio …

Pin It on Pinterest

Share This