Patrick Coyle @Pjcoyle@qoto.org

CISA Adds 2 GeoVision Vulnerabilities to KEV Catalog – 5-7-25 – OS command injection vulnerabilities initially reported in June and November 2024 – Affected products are EOL no mitigation measures are available – https://tinyurl.com/3c6jfhsb #KEV #CISA

Short Takes – 5-7-25 AM – Pipeline Safety ICR renewal – H5N1 cases down – PFAS and medical devices – SpaceX flight 9 – EO 14290 & EO 14291 – https://tinyurl.com/55purdxn

National Hurricane Preparedness Week May 4-10 https://www.noaa.gov/hurricane-prep A little bit late but the info is good through Late November....

Review – Bills Introduced – 5-6-25 – 62 bills – HR 3207, DHS/DOJ temp flight restrictions – S 1625, DHS China working group – Short version – https://tinyurl.com/4m8ckfnf #Legislation

Bills Introduced – 5-6-25 – 62 bills – HR 3207, DHS/DOJ temp flight restrictions – S 1625, DHS China working group – MIP: HR 3209, app unfair and deceptive acts - https://tinyurl.com/3kzypb9w Subscription required. #Legislation

CFSN Detailed Analysis - Substack Daily Update – 5-6-25 – Free Content – https://tinyurl.com/2ptmfjxb

Short Takes – 5-26-25 PM – Gangs not controlled by Venezuela – Humanoid workforce – Signal clone hacked – Sea drone AA success – Shingles vaccine and dementia – Jared Isaacman and NASA – https://tinyurl.com/4e935zfx

Review – 3 Advisories Published – 5-6-25 – NCCIC-ICS control system security advisories for products from BrightSign, Milesight, and Optigo Networks – Short version – https://tinyurl.com/yve9v7y2 #icsSecurity

3 Advisories Published – 5-6-25 – NCCIC-ICS control system security advisories for products from BrightSign, Milesight, and Optigo Networks – https://tinyurl.com/3mr3zjmy Subscription required #icsSecurity

Short Takes – 5-6-25 AM – Automotive cybersecurity governance – State-sponsored hacktivists – DNA robotic switch – Spy budget cuts – Chemistry datasets – Bird flu testing – SPHEREx mission – Climate report killed – Ray return mission semi-successful –https://tinyurl.com/2scf5ym4

Short Takes – 5-6-25 AM – Automotive cybersecurity governance – State-sponsored hacktivists – DNA robotic switch – Spy budget cuts – Chemistry datasets – Bird flu testing – SPHEREx mission – Climate report killed – Ray return mission semi-successful –https://tinyurl.com/2scf5ym4

Review – Committee Hearings – Week of 5-4-25 – FY 2025 spending process starts with budget and oversight hearings – DOD science and technology hearing – Short version – https://tinyurl.com/597269fx #Hearings

Committee Hearings – Week of 5-4-25 – FY 2025 spending process starts with budget and oversight hearings – DOD science and technology hearing – https://tinyurl.com/4dhspe47 Subscription required #Hearings

Review – Public ICS Disclosures – Week of 4-26-25 – Part 2 – For Part 2 we have 2 additional vendor disclosures – 2 vendor updates – 9 researcher reports – Short version – https://tinyurl.com/2k4pn2bv #icsSecurity

Public ICS Disclosures – Week of 4-26-25 – Part 2 – For Part 2 we have 2 additional vendor disclosures – 2 vendor updates – 9 researcher reports – https://tinyurl.com/4z2kvytx Subscription required #icsSecurity

CFSN Detailed Analysis - Substack Daily Update – 5-3-25 – Free Content – https://tinyurl.com/52jtaf5y

Short Takes – 5-3-25 – GPS alternatives studied – Empty shelves – FY 2025 budget outline – Emergency responder training – US Army drones – Boeing cybersecurity special condition – Oregon off-shore volcano – https://tinyurl.com/5e4z9w6n

EPA Sends 2 Repeal Regulations to OMB – Two air pollution regulations - Probably Biden era regulations – https://tinyurl.com/bdffs6p7 #Regulation #EPA

PHMSA Sends Pipeline Repair Criteria NPRM to OMB – https://tinyurl.com/3wxj49k5 #Regulation #PHMSA #PipelineSafety

Review – Public ICS Disclosures – Week of 4-26-25 – Part 1 – Moderately busy disclosure week – For Part 1 we have 11 vendor disclosures – Short version – https://tinyurl.com/48skvbpb #icsSecurity