NEWSWEEKLY FOR SAFETY AND SECURITY PROFESSIONALS   January 13, 2022
Safety Security Technology Update Company/Product News
Subscribe
NEWS

Russian Cyber Alert Misses Mark for OT
In an effort to prepare critical organizations for anticipated Russian cyber activity and mitigate potential fallout which may come in cyber-physical attacks, the federal government may be missing some of the nuances of protecting the OT environment.

To that end, a joint Cybersecurity Advisory (CSA) released Tuesday warning organizations of Russian state-sponsored cyber threats and help the cybersecurity community reduce the risk presented by these threats.

This CSA, developed by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA), provides an overview of Russian state-sponsored cyber operations; commonly observed tactics, techniques, and procedures (TTPs); detection actions; incident response guidance; and mitigations. more

Pharma Service Provider Hit in Cyber Attack
Digital prescription fulfillment provider, Ravkoo, suffered a cybersecurity incident this past September where an unauthorized third party infiltrated the company’s AWS cloud portal affecting 105,000 of its customers. more

Chemical Maker Hit in Cyber Attack
Specialty chemical maker, Element Solutions Inc., suffered a cyber attack, company officials said Monday. “Element Solutions recently detected a cyber intrusion on certain of the Company’s information technology systems,” the company said in a statement. “Upon detection of the incident, the company promptly took action to contain it and implement business continuity and data recovery protocols.” more

Fatalities, Injuries Rise from Grating Miscues …
Whether it is personnel misjudging grating integrity and/or not understanding how physical changes to the grating affect integrity, there has been an increase in safety incidents. more

… Ignoring Safe Work Practices Leads to Platform Fatality
A failure to ensure safe work practices ended up enforced along with supervisors failing to fulfill their responsibilities and workers not adhering to safety requirements, along with a sense of complacency, led to a fatality on a platform off the Gulf of Mexico, officials said. more

SAFETY

6 Workers Die from Toxic Fumes
Six factory workers died and 22 others ended up hospitalized after they inhaled toxic fumes leaking from a chemical tanker parked near a factory in Gujarat's Surat, India, district early Thursday morning, officials said.

The workers were in the dyeing factory, located in Sachin industrial area, when the incident took place, said Surat Municipal Corporation's (SMC) in-charge chief fire officer Basant Pareek.

Firefighters got the call around 4:25 a.m., Pareek said, adding 25 to 26 workers fell unconscious after inhaling the toxic fumes coming out of the chemical tanker parked on a roadside near the factory and were rushed to the new civil hospital. more

One Dead after Blast at Defense Contractor
A dust collector containing aluminum alloy exploded at a Taichung factory of defense contractor Aerospace Industrial Development Corporation (AIDC) killing one worker and injured six others late last month. more

Cleaning System Catches Fire at Lithography Factory
Dutch semiconductor component company ASML suffered a fire at a factory in Berlin, Germany.  more

AL Chemical Maker Fined for Fatal Exposure
Exposure to dangerous toxins at a Decatur, Alabama, chemical manufacturing plant – Daikin America Inc. – lead to the deaths of two workers and sickened another after the employer failed to provide appropriate protective equipment and implement safe work practices during maintenance activities on chemical processing equipment, said officials at the Occupational Safety and Health Administration (OSHA). more

TX Recycling Firm Settles Refrigerant Release Case
Derichebourg Recycling USA Inc. (Derichebourg) of Houston reached a settlement Friday to resolve Clean Air Act violations at 10 scrap metal recycling facilities in Texas and Oklahoma. more

Ongoing Gulf Oil Spill Case Settled
Taylor Energy Company LLC, a Louisiana oil and gas company, agreed Wednesday to turn over all its remaining assets to the United States upon liquidation to resolve its liability for the oil spill at its former Gulf of Mexico offshore oil production facility  the source of the longest-running oil spill in U.S. history, ongoing since 2004. more

Hazardous Waste Site Cleanup Settlement
Alcoa Corporation and Howmet Aerospace, successors to Alcoa Incorporated, and the City of East St. Louis, Illinois, will clean up hazardous waste disposal sites surrounding Alcoa’s former aluminum manufacturing plant in East St. Louis to resolve federal liability, federal officials said Friday. more

NRC Nixes Reactor Application
Oklo Power, LLC.’s application to build and operate the company’s Aurora compact fast reactor in Idaho was denied. more

Questions Over SC Nuke Fuel Plant License Renewal
U.S. Environmental Protection Agency (EPA), citing a history of troubles at Westinghouse’s Columbia, South Carolina, nuclear fuel plant, said regulators should resolve questions about radioactive pollution at the factory before giving it permission to operate another four decades. more

MI Firm Fails to Keep Eye on Radioactive Material
JAN X-Ray Services Inc. is facing a $15,000 fine for failing to control and maintain surveillance of licensed radioactive material, federal officials said. more

Worker Pulled into Machine, Company Fined
A Wales manufacturer ended up fined £76,179.40 ($103,086.50) after one of its employees needed surgery when one of his hands became caught and he was pulled into a machine. more

Superior Metal Products Stays SHARP
Omaha, Nebraska-based Superior Metal Products partners with companies that require simple to complex complete machined components and assemblies. more

SECURITY

Secure Underground Injection Pressure Reporting Solution
Bedrock Automation released a secure solution for automated remote monitoring, reporting and control of underground injection water pressure at wellheads.

The underground injection control (UIC) system handles all data monitoring, analysis, control and reporting necessary for compliance with California Code of Regulations Title 14 § 1724.10.4 and includes secure advanced process control capabilities for wellsite optimization.

“The state of California requires stringent monitoring of pressure being injected to aid water flood, and the deadline for such compliance has already passed,” said Bedrock Automation founder, chief executive, and CTO Albert Rooyakkers. “Non-compliant wells are subject to fines of up to $25,000 a day. In just days, we can set up a secure monitoring system via the cloud that eliminates risk of fines while improving pressure monitoring and reporting performance.” more

Advancing Cybersecurity Talent Pipeline
No one will deny there is a dearth of qualified cybersecurity professionals out in the workforce, and the University of Texas at El Paso (UTEP) is trying to bring more workers into the profession. more

Model Finds Cost of Critical Infrastructure Incidents
Whether it was natural or manmade, resilience of critical infrastructure networks has gone through some serious testing over the past year. more

Johnson Controls Fixes VideoEdge Hole
Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc., has an upgrade available to handle an improper handling of syntactically invalid structure vulnerability in its VideoEdge, according to a report with CISA. more

Siemens Fixes Teamcenter Active Workspace
Siemens has updates available to handle a path traversal vulnerability in its Teamcenter Active Workspace, according to a report with CISA. more

Siemens Clears SiPass Integrated Holes
Siemens has an update available to handle a series of exposure of resource to wrong sphere vulnerabilities in its SiPass Integrated, according to a report with CISA. more

Siemens Fixes Simcenter STAR-CCM+ Viewer
Siemens has an update available to handle an out-of-bounds write vulnerability in its Simcenter STAR-CCM+ Viewer, according to a report with CISA. more

Siemens Clears Siveillance Identity Holes
Siemens has an update available to handle multiple exposure of resource to wrong sphere vulnerabilities in its Siveillance Identity, according to a report with CISA. more

Siemens Fixes Questa, ModelSim Hole
Siemens has an upgrade available to handle an insufficiently protected credentials vulnerability in its Questa Simulation and ModelSim Simulation, according to a report with CISA. more

Omron Fixes CX-One
Omron has an update available to handle a stack-based buffer overflow in its CX-One, according to a report with CISA. more

WECON Vulnerabilities Remain in LeviStudioU
WECON has not responded to a report of stack-based buffer overflow and heap-based buffer overflow vulnerabilities in its LeviStudioU, according to CISA. more

Horner Automation Fixes Cscape EnvisionRV
Horner Automation has an update available to handle an improper input validation vulnerability in its Cscape EnvisionRV, according to a report with CISA. more

IDEC Fix for PLC Holes
IDEC has an update available to handle unprotected transport of credentials and plaintext storage of a password vulnerabilities in its PLCs (Programmable Logic Controllers), according to a report with CISA. more

Fix is in for Fernhill SCADA
Fernhill Software, Ltd. has a fix available to handle an uncontrolled resource consumption vulnerability in its Fernhill SCADA Server, according to a report with CISA. more

VMware Patches Buffer Overflow
VMware has updates available to handle a heap-based buffer overflow in its VMware Workstation, Fusion and ESXi. more

Security Provider Deals for Other Security Provider
Cerberus Cyber Sentinel Corporation, a cybersecurity consulting and managed services firm based in Scottsdale, Arizona, acquired True Digital Security, a cybersecurity operations and compliance company. more

Shedding Light on Differences in URL Parsing
There are major differences in the way different parsing libraries and tools handle Uniform Resource Locator (URLs), new research showed. more

CA Man Guilty in $50M Fraud
A California man pleaded guilty Wednesday admitting to conspiring to commit wire and securities fraud in connection with his role in a $50 million Internet-enabled fraud scheme, officials said. more

Chinese Man Guilty of Stealing Trade Secrets
A Chinese national formerly residing in Chesterfield, Missouri, pleaded guilty Thursday to conspiracy to commit economic espionage. more

TECHNOLOGY UPDATE 

A Manufacturing Mystery Solved
Worn-out industrial milling tools and damaged materials cost the manufacturing industry billions of dollars each year.

In manufacturing processes, components are shaped by removing chips from a bulk material, but a clear understanding of what factors control the size and shape of removed chips has remained elusive, limiting the manufacturing sector to incremental advancement based on trial-and-error approaches.

Making a perfect cut every time is desirable, and now researchers at Aarhus University have modelled and experimented their way to solve the long-standing challenge of finding a perfect cutting process that minimizes tool wear and optimizes surface finish. more

3D Printing Nuclear Reactor Components
A method to 3D print components for nuclear reactors has been licensed by Ultra Safe Nuclear Corporation (USNC). The technology, developed by the Department of Energy’s Oak Ridge National Laboratory, uses a sophisticated additive manufacturing technique to print refractory materials, which are highly resistant to extreme heat and degradation, into components with complex shapes needed for advanced nuclear reactor designs. more

COMPANY/PRODUCT NEWS

Defense, Deception Tactics Solution Launches
Honeywell and Acalvio Technologies released a solution designed to detect known and unknown (Zero Day) attacks across the operational technology (OT) environments in commercial buildings.

Honeywell Threat Defense Platform (HTDP) powered by Acalvio employs active defense – featuring autonomous deception tactics – and provides high fidelity threat detection.

Traditionally, building OT environments rely on prevention technology and passive detection such as perimeter security and network traffic analysis to secure systems. Yet, more than 1 in 4 (27 percent) facility managers experienced a cyber breach of their OT systems in the last 12 months, according to a survey conducted by Honeywell Building Technologies. more

Safety System Helps Hydrogen Production on Platform
Emerson is developing software and systems to enable safe and efficient operation of the world’s first offshore green hydrogen production process on an operational gas platform. more

Cybersecurity can lead to doubt and fear for any manufacturer, but there is always hope. Schneider Electric offers an organized approach to cybersecurity. From technology to services, we can help.

Schneider Electric


Details
ISSSource
Today with ISSSource Podcast
Contact Us
About Us


For any news tips,
contact Editor

Gregory Hale


This week's feature:

Mixing Incorrect Chemicals Resulted in Fatal Blast

An operator mixed incompatible chemicals, which caused a reaction producing hydrogen gas that released and caused a blast at AB Specialty Silicones in Waukegan, Illinois, killing four workers, a final report from federal investigators found.

The fatal blast started to unfold May 2, 2019, when operators at the AB Specialty Silicones manufacturing facility started performing a batch operation that involved manually adding and mixing chemicals in a tank inside the production building, according to investigators in a final report issued by the Chemical Safety and Hazard Investigation Board (CSB).

As it turns out during the operation, an operator pumped an incorrect chemical into the tank, which was incompatible with another chemical added to the tank.

The incorrect, incompatible chemical was stored in an identical drum to one of the correct chemicals, the only differentiating markings being small labels on the drums, and bung caps. After the incompatible chemicals mixed, the tank contents underwent a chemical reaction, causing a process upset in which the tank contents foamed and overflowed from the tank’s top opening. A fog also formed. The CSB determined the process upset produced hydrogen gas, which released inside the manufacturing facility’s production building. more

 

 
 

 

 


© 2020 MediaSolve Group. All rights reserved.
Our address is 7941 Katy Freeway, #183, Houston, TX 77024
 
If you do not wish to receive future email, click the link below or send your request to Customer Care at the street address above.

Please do not reply to this message. To no longer receive these types of messages, you may opt out of our mailing list.