Your one-stop web resource providing safety and security information to manufacturers

News

Siemens Addresses ZombieLoad Issues

Vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS) affect modern processors from different vendors to a varying degree and Siemens has processors that suffer from the issues, according to a report with Siemens ProductCERT. F …

Siemens Fixes TLS SIMATIC Holes

Siemens has a fix for multiple vulnerabilities in its SIMATIC RF6XXR, according to a report from Siemens ProductCERT. The fixes are related to outdated TLS versions that are still supported by the product. RELATED STORIES Siemens Handline SIMATIC Code …

Siemens Handling SIMATIC Code Upload Hole

Siemens has some fixes and working on others to mitigate a code upload vulnerability in the SIMATIC WinCC DataMonitor web application and the SIMATIC PCS 7, according to a report from Siemens ProductCERT. An attacker has to be authenticated with a vali …

SHARP Award Goes to MT Steel Maker

Billings, Montana-based Teton Steel of Montana is a reinforcing steel company that is employee-owned and locally run serving customers that range from the individual looking to complete a driveway to the huge corporate manager building a super highway. …

British Airways Faces Hefty GDPR Fine

British Airways faces a $230 million fine after a website failure compromised the personal details of half a million customers. To date, this would be the largest penalty yet under the General Data Protection Regulation (GDPR), which came into force la …

Advantech Secures WebAccess/SCADA

Quest, upgrade ready to go, improper input validation vulnerability , KACE Systems Management Appliance, SMA, NCCIC, remotely exploitable vulnerability, discovered by Juan Pablo Lopez Yacubian, could allow an administrative user unintentional access, u …

Sony Attacker gets 27 Months

A man who hacked Sony Online Entertainment and other gaming companies will be doing 27 months in federal prison. Austin Thompson, 23, of Utah received the 27-month sentence Tuesday in federal court in San Diego. RELATED STORIES 6 Busted in Cryptocurren …

Environment Hit by Bourbon Blaze

Aerial video of the Jim Beam warehouse fire in Woodford County.Source: WKYT A fire at a Jim Beam warehouse in Versailles, Kentucky, was in its third day of burning Thursday, as Kentucky officials began assessing the environmental impact the leaking bou …

Tanker Blast Kills 1, Injures 15

An LPG tanker explosion in Turkey left one worker dead and 16 others injured. An explosion on an LPG tanker killed an Italian crew member and injured 16 others at the port of Aliaga in Turkey’s western Izmir province late Monday. Despite the blast, tho …

Schneider Mitigates Modicon Issue

Schneider Electric has mitigations available to handle an improper check for unusual or exceptional conditions vulnerability in its Modicon Controllers, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerabilit …

Quest has Fix for KACE Appliance

Manufacturing is a very competitive market to be in. It has undergone several evolutions in recent years, each with the aim of optimizing production processes and increasing agility to meet customer demands, while also reducing production costs.

APT Group Expands to Electric Sector: Dragos

Manufacturing is a very competitive market to be in. It has undergone several evolutions in recent years, each with the aim of optimizing production processes and increasing agility to meet customer demands, while also reducing production costs.

Advantech Secures WebAccess/SCADA

Advantech has a new version to address multiple vulnerabilities in its WebAccess/SCADA, according to a report with NCCIC. The vulnerabilities are a path traversal, stack-based buffer overflow, heap-based buffer overflow, out-of-bounds read, out-of-boun …

SICK Handles MSC800 Issue

SICK has new firmware to mitigate a use of hard-coded credentials vulnerability in its MSC800, according to a report with NCCIC. Successful exploitation of this vulnerability, discovered by Tri Quach of Amazon’s Customer Fulfillment Technology Security …

ABB Clears CP635 HMI Vulnerability

ABB has an update available to mitigate a use of hard-coded credentials vulnerability in its CP635 HMI, according to a report with NCCIC. Successful exploitation of this vulnerability, which is exploitable from an adjacent network, could allow an attac …

ABB Fixes CP651 HMI Hole

ABB has an update available to mitigate a use of hard-coded credentials vulnerability in its CP651 HMI, according to a report with NCCIC. Successful exploitation of this vulnerability, which is exploitable from an adjacent network, could allow an attac …

ABB Clears Panel Builder 600 Holes

ABB has new versions available to mitigate multiple vulnerabilities in its PB610 Panel Builder 600, according to a report from NCCIC. The vulnerabilities include a use of hard-coded credentials, improper authentication, relative path traversal, imprope …

Medtronic Plan for Insulin Pump Hole

Medtronic suggests patients currently using the MiniMed 508 and Paradigm Series Insulin Pumps to their healthcare provider about changing to a newer model insulin pump with increased cybersecurity protection because of an improper access control vulner …

Anomaly Detection can Lead to Prevention

By Gregory Hale A cyberattack can break out at a moment’s notice and understanding what devices a manufacturer has working on the network and knowing the configurations is possible today, but the next step is to take that knowledge and move toward prev …

6 Busted in Cryptocurrency Scheme

Six people are facing charges after a 14-month long investigation into a $27.3 million (€24 million) cryptocurrency theft. Five men and one woman, between the ages of 19 and 37, ended up arrested in simultaneous warrants Tuesday at their homes in Charl …

Pin It on Pinterest