Chemical Incident Reporting – Week of 2-3-24 – 1 incident – possible CSB reportable – http://tinyurl.com/bddwxzhp #CSB #ChemicalIncident
CRS Reports – Week of 2-3-24 – Freight Rail Safety Legislation – Pending legislation and issues - http://tinyurl.com/yucaaat7 #CRS #RailSafety #Legislation
Review - Public ICS Disclosure – Week of 2-3-24 – Fairly busy disclosure week before Cyber Tuesday – 22 vendor disclosures – 1 vendor update – 3 exploits – Includes two more KEVs as third-party vulnerabilities – Short version – http://tinyurl.com/5n96b93s #icsSecurity
Public ICS Disclosure – Week of 2-3-24 – Fairly busy disclosure week before Cyber Tuesday – 22 vendor disclosures – 1 vendor update – 3 exploits – Includes two more KEVs as third-party vulnerabilities - http://tinyurl.com/jf7bp7y2 Subscription required #icsSecurity
CFSN Detailed Analysis - Substack Daily Update – 2-9-24 – Free Content – http://tinyurl.com/ye2vffpy
CISA adds FortiGuard vulnerability to their Known Exploited Vulnerability (KEV) catalog: CVE-2024-21762 - http://tinyurl.com/mr2mfhse
@foone 10" floppies????
Review - HR 7062 Introduced – Food & Ag Cybersecurity – Would require USDA to assess ag sector cybersecurity – Additionally requires annual food sector security exercises – Short version – http://tinyurl.com/59xjw5p2 #Legislation
HR 7062 Introduced – Food & Ag Cybersecurity – Would require USDA to assess ag sector cybersecurity – Additionally requires annual food sector security exercises - http://tinyurl.com/yyj7re9j Subscription required #Legislation
Bills Introduced – 2-8-24 – 35 bills – S 3773, HHS IG cybersecurity – S 3792, NIST cybersecurity – http://tinyurl.com/3fa9u2pj #Legislation #Cybersecurity
CFSN Detailed Analysis - Substack Daily Update – 2-8-24 – Free Content – http://tinyurl.com/msvj3zwj
Short Takes – 2-8-24 – Drone swarm attack – SpaceX moon launch – FRA emergency order – New nuclear plant approved – Ocean in Saturn moon – 3 million toothbrushes – Voyager memory failure – Plant oil content – Rubin Observatory – Test moon landing - http://tinyurl.com/5n755dss
Just notified a company specializing in email security that their internal email -- and that of their customers -- was sitting out on the web.
Each inbox -- whether for company customers or employees of those companies -- was viewable just by visiting a link with a web browser and clicking links. Everything was exposed in basically one big file index.
This level of ineptitude is remarkable, and somehow they have a lot of customers (think state/local govs). To their credit, they took everything offline within a few minutes of my notifying them. But their entire business schtick is about how all your email is encrypted and protected and scanned and blah blah. Meanwhile, no it's not. At all.
1 Advisory and 1 Update Published – 2-8-24 – NCCIC-ICS control system security advisory for products from Qolsys (Johnson Controls) – Update for an advisory for products from ProPump and Controls - http://tinyurl.com/3rtuehux Subscription required #icsSecurity
Bills Introduced – 2-7-24 – 70 bills – S 3758, UAS security vulnerabilities – http://tinyurl.com/3bcc8fx6 #Legislation
CFSN Detailed Analysis - Substack Daily Update – 2-7-24 – Free Content – http://tinyurl.com/4m6cp7xe
Review - OSHA Publishes Emergency Response Standard NPRM – Part 2 – Scope – Looks at the expanded coverage for a completely revised §1910.156 – Short version – http://tinyurl.com/2bdnnjx8 #Regulation #OSHA
Review - CSB Updates Status of 7 Recommendations – 2-2-25 – 6 recommendations closed – 1 interim update pending final action – Short version – http://tinyurl.com/bdh7v78v #CSB
CSB Updates Status of 7 Recommendations – 2-2-25 – 6 recommendations closed – 1 interim update pending final action - http://tinyurl.com/3bf8n2vk #CSB