Your one-stop web resource providing safety and security information to manufacturers

Advice on Connecting an IoT Device

In a continuing move to help all Internet of Things (IoT) users be aware of the risks to their security and privacy and help them approach those risks with open eyes, a new information report is out outlining those risks. This new report from the National...

read more

Schneider Fixes Floating License Manager

Schneider Electric has an upgrade available to handle improper validation and memory corruption vulnerabilities in its Floating License Manager, according to a report with NCCIC. These remotely exploitable vulnerabilities could allow an attacker to deny...

read more

AVEVA Handles Floating License Manager Issue

AVEVA has an upgrade plan to handle an improper input validation and memory corruption vulnerabilities in its Vijeo Citect and Citect SCADA Floating License Manager, according to a report with NCCIC. These vulnerabilities could allow an attacker to deny...

read more

Philips has Plan to Fix Holter 2010 Plus Hole

Philips has a plan to handle a use of obsolete function vulnerability in its Holter 2010, according to a report with NCCIC. Successful exploitation of this vulnerability under certain conditions can lead to a product feature escalation. Philips...

read more

GE Mitigation Plan for Anesthesia Devices

GE has recommendation and will provide updates and additional security information on an improper authentication vulnerability in its Aestiva and Aespire Anesthesia devices, according to a report with NCCIC. Successful exploitation of this vulnerability,...

read more

Rockwell Fills Hole in PanelView 5510

Rockwell Automation has updated software to handle an improper access control vulnerability in its PanelView 5510, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability could allow a remote unauthenticated...

read more

Schneider Fixes Zelio Soft 2 Issue

Schneider Electric has an updated version of Zelio Soft 2 that mitigates an use after free vulnerability, according to a report from NCCIC. Successful exploitation of this vulnerability, discovered by 9sg Security Team working with Trend Micro Zero Day...

read more

Siemens Fixes SIPROTEC 5, DIGSI 5 Holes

Siemens has a new version available to handle improper input validation vulnerabilities in its SIPROTEC 5 and DIGSI 5, according to a report with NCCIC. Successful exploitation of these remotely exploitasble vulnerabilities, discovered by Pierre Capillon,...

read more

Siemens Clears Spectrum Power XSS

Siemens has a software update to handle a cross-site scripting (XSS) vulnerability in its WebSDKcomponent of Spectrum Power 3, 4, 5 and 7, according to a report with Siemens ProductCERT. Ismail Mert AY AK from Biznet Bilisim A.S. and the CISA-Industrial...

read more

Siemens Updates TIA Portal Issue

Siemens released an update and provides workarounds and mitigations until the update can be applied for a missing authentication vulnerability in its TIA Administrator, according to a report from Siemens ProductCERT. The vulnerability, discovered by Joseph...

read more

Siemens Addresses ZombieLoad Issues

Vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS) affect modern processors from different vendors to a varying degree and Siemens has processors that suffer from the issues, according to a report with Siemens ProductCERT. For...

read more

Siemens Fixes TLS SIMATIC Holes

Siemens has a fix for multiple vulnerabilities in its SIMATIC RF6XXR, according to a report from Siemens ProductCERT. The fixes are related to outdated TLS versions that are still supported by the product. RELATED STORIES Siemens Handline SIMATIC Code...

read more

SHARP Award Goes to MT Steel Maker

Billings, Montana-based Teton Steel of Montana is a reinforcing steel company that is employee-owned and locally run serving customers that range from the individual looking to complete a driveway to the huge corporate manager building a super highway. The...

read more

British Airways Faces Hefty GDPR Fine

British Airways faces a $230 million fine after a website failure compromised the personal details of half a million customers. To date, this would be the largest penalty yet under the General Data Protection Regulation (GDPR), which came into force last...

read more

Advantech Secures WebAccess/SCADA

Quest, upgrade ready to go, improper input validation vulnerability , KACE Systems Management Appliance, SMA, NCCIC, remotely exploitable vulnerability, discovered by Juan Pablo Lopez Yacubian, could allow an administrative user unintentional...

read more

Sony Attacker gets 27 Months

A man who hacked Sony Online Entertainment and other gaming companies will be doing 27 months in federal prison. Austin Thompson, 23, of Utah received the 27-month sentence Tuesday in federal court in San Diego. RELATED STORIES 6 Busted in Cryptocurrency Scheme...

read more

Environment Hit by Bourbon Blaze

A fire at a Jim Beam warehouse in Versailles, Kentucky, was in its third day of burning Thursday, as Kentucky officials began assessing the environmental impact the leaking bourbon was having on nearby waterways. The warehouse caught fire Tuesday night and burned...

read more

Tanker Blast Kills 1, Injures 15

An explosion on an LPG tanker killed an Italian crew member and injured 16 others at the port of Aliaga in Turkey’s western Izmir province late Monday. Despite the blast, though, work at the petrochemical plant continued, its operator said. RELATED STORIES Evac Lifts...

read more

Pin It on Pinterest

Share This