Short Takes – 11-5-24

Latest space station science reveals news for astronaut health and telescope longevity. Phys.org article. Pull quote: “The day they return from space flight, astronauts demonstrate significant impairments in fine motor control and the ability to multitask in simulated flying and driving challenges. This finding could help develop countermeasures so crew members can safely land and conduct early operations on the moon and Mars.”

Bacteria discovery could accelerate mosquito control schemes. Phys.org article. Pull quote: “The mechanism for this is unclear, but it does not appear that these bacteria provide direct nutritional benefits. Instead, they changed the wider bacterial community, reducing the abundance of certain bacteria—including some species that may be slightly parasitic.”

NASA’s infrastructure crossroads. TheSpaceReview.com article. Pull quote: “In a webinar held by the National Academies to roll out the report [“NASA at a Crossroads”], Augustine and other committee members said that NASA has underinvested in facilities because of budget pressures. The amount of the agency’s budget that went to “mission support,” a line that includes facility maintenance, fell from 20% of NASA’s overall budget in 2013 to 14% in 2023. “In an opportunity-rich environment, such as NASA has confronted over the years, the choice has too frequently been to pursue near-term missions at the expense of investing in the ostensibly invisible foundational assets of the organization,” the report stated.”

How the Election Could Unfold: Four Scenarios. NYTimes.com article. Pull quote: “If the final result resembles the polls, all strengths and weaknesses will more or less cancel out, yielding yet another close election. There are reasons to think, however, that the race might break one way or another. The polls may show a tight race now, but they could err either way. Even if the polls are better this cycle, voters still might summarily decide that one side’s liabilities are more important as they head to the polls.”

Agencies have completed their pre-election transition briefings. Trump may still not get them on time. GovExec.com article. Pull quote: “A former federal transition official told Government Executive that GSA is currently having discussions over how to handle access to buildings and classified materials for his landing team members who have not been cleared. Under law, the official said, those individuals must be publicly disclosed and their ethics agreements posted in order to participate. Harris has already released her team’s ethics agreement as part of its White House memorandum of understanding.”

Public Briefing on Revisions to Space-Related Export Controls Under Export Administration Regulations and International Traffic in Arms Regulations. Federal Register BIS meeting notice. Summary: “On October 23, 2024, the Bureau of Industry and Security (BIS) published in the Federal Register related rules: a final rule, “Export Administration Regulations: Removal of License Requirements for Certain Spacecraft and Related Items for Australia, Canada, and the United Kingdom,” and an interim final rule, “Export Administration Regulations: Revisions to Space-Related Export Controls.” This document announces that, on November 6, 2024, BIS will host a public briefing on these rules. This document also provides details on the procedures for participating in the public briefing. Elsewhere in this issue of the Federal Register, BIS is publishing notification of the public briefing on related proposed rulemaking.”

Short Takes – 11-4-24

How the Brain Summons Deep Sleep to Speed Healing. ScientificAmerican.com article. Pull quote: “To understand the purpose of the extra sleep, the researchers repeatedly interrupted slow-wave sleep in mice that had had a heart attack. The team found that these mice had more inflammation in both the brain and the heart, and had a much worse prognosis than mice that were allowed to sleep undisturbed after a heart attack.”

People Overestimate Political Opponents’ Immorality. ScientificAmerican.com article. Pull quote: “Although this solution clearly cannot resolve all of our political divisions, it can still have powerful effects. Sometimes we need a reminder that they are like us. We may disagree on many issues, but underneath those disagreements lies a common moral sense: we all care deeply about protecting our friends, family and communities from harm. Talking about our core principles and values—many of which we have in common—before talking about issues that can easily turn contentious can help those conversations go better.”

This Black Fungus Might Be Healing Chernobyl By Drinking Radiation—A Biologist Explains. Forbes.com article. Pull quote: “This fungus has adapted to a level of radiation that would be lethal for most life forms. Even more fascinating is its ability to “feed” on this radiation, using it as a source of energy, similar to how plants use sunlight for photosynthesis.” There is a difference between using ‘radiation’ as an energy source and remediating the radioactive materials in the environment.

On whose authority? EPA asserts right to regulate DOT-governed activities. BultTransport.com article. Pull quote: “Instead, the violations all relate to Multistar’s “storage” of a hazardous chemical called trimethylamine (TMA) on its rail siding. The TMA was produced by Eastman Chemical Company, sold to Moses Lake Industries, and held in Eastman’s tank cars while awaiting delivery by truck to its final destination. The court mentions Multistar’s previous EPA compliance issues settled in 2005, 2016, 2019, and 2021; the amount of TMA held on Multistar’s rail siding; the length of time it was there; the lack of “motive power” attached to the tank cars; and the absence of shipping papers in justifying its decision. “The court once again rejects Multistar’s claim that the TMA was in transit while it was stored on Multistar’s rail siding,” the decision reads. “No facts support such a conclusion.”

Influential Attorneys Send a Message to Their Peers: No More Frivolous Election Lawsuits. USNews.com article. Pull quote: “The ABA’s letter came together in a manner of days, says Monte Frank, a member of the task force’s advisory commission and past president of the bar associations of Connecticut and New England. He says members were discussing ways that they could remind lawyers that they are “oath-bound protectors of the Constitution and rule of law and to not only uphold their ethical obligations, but to make efforts to ensure free and fair elections, which is a bedrock principle of our democracy.””

CISA Adds 2 IP Camera Vulnerabilities to KEV Catalog

Today, CISA added two new vulnerabilities to their Known Exploited Vulnerabilities (KEV) catalog. Both vulnerabilities are for PT30X-SDI/NDI Cameras from PTZOptics. The vulnerabilities were originally reported by Konstantin Lazarev of GreyNoise. PTZOptics has a new firmware version that mitigates the vulnerabilities. Federal agencies that own or operate these cameras have until November 25^th, 2024, to “Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.”

The two newly added vulnerabilities are:

• OS command injection - CVE-2024-8957, and

• Improper authentication - CVE-2024-8956

Note: Links above are for advisories published by VulnCheck.

An interesting side note: PTZOptics made the corrected version of the firmware available on September 17^th, 2024. The change log for v6.3.40 does not specifically identify these two vulnerabilities. Instead, it reports: “General Security Fixes.”

One final note: The two VulnCheck advisories reports that these vulnerabilities also affect: “Other white-label AV equipment based on ValueHD Corporation PTZ Camera Firmware”. This is not mentioned in the CISA KEV notice.

Short Takes – 11-4-24 – Space Geek Edition

Starship Flight 6 might come faster than previous launches. SpaceExplored.com article. Pull quote: “With both pieces of hardware nearing flight readiness, Flight 6 I would expect will be nearly the same as Flight 5 (with likely some changes to operations while in space) and could be ready for flight in December. All this is based on the fact that the company is already in the flight test campaign; an even sooner date could be possible. It is SpaceX, after all.”

NASA warns SpaceX over safety issues after astronaut hospitalization. PopSci.com article. Pull quote: “NASA is concerned SpaceX is prioritizing its mission schedule over safety after a recent ocean landing resulted in the brief hospitalizations of all four astronauts. Former astronaut Kent Rominger admonished the company during an October 31 meeting of the Aerospace Safety Advisory Panel, citing a list of recent problems involving both SpaceX’s Falcon 9 rocket and Dragon capsule.” Still nothing about why astronauts were taken to hospital.

Launch: The Fundamental Prerequisite for Space Superiority. AirAndSpaceForces.com article. Well thought out discussion. Pull quote: “With so many providers today, the state of U.S. launch appears solid. But the reality is far more complex. Launch is literally “rocket science.” Early failures in development are common, and catastrophic failures are always possible, potentially causing downstream ripple delays across multiple launch systems. Constant attention and investment are required to ensure the necessary levels of confidence, capacity, and cadence for U.S. space launch to deliver the on-orbit architecture the Space Force needs to deter conflict in the future—or win if deterrence fails.”

Watch Rocket Lab launch mystery mission early on Nov. 5. Space.com article. Pull quote: “"Changes in Latitudes, Changes in Attitudes" will be Rocket Lab's 12th launch of 2024 and 54th overall. All of these missions have been performed by the 59-foot-tall (18 meters) Electron, which is designed to give small satellites dedicated rides to Earth orbit or beyond. (An Electron launched NASA's CAPSTONE mission, which sent a cubesat to the moon.)”

Review – HR 8770 Introduced – Cybersecurity Clinic Grants

Back in June, Rep Veasey (D,TX) introduced HR 8770, the Cybersecurity Clinics Grant Program Act. The bill would require CISA to establish a new Cybersecurity Clinics Grant Program to provide “grants to fund university-based cybersecurity clinics”. The program would be administered by FEMA. The legislation would authorize “such sums as may be necessary to carry out the Program.”

Moving Forward

While Veasy is not a member of the House Homeland Security Committee to which this bill was assigned for consideration, one of his cosponsors {Rep Pfluger (R,TX)} is a member. This means that there may be sufficient influence to see the bill considered in Committee. There will be objections from a number of Republicans to the establishment of a new grant program, particularly a program that targets minority institutions. There still should be some level of bipartisan support for the bill, but it is not clear if that support would be sufficient to move the bill to the floor of the House under the suspension of the rules process.

 

For more details about the provisions of this bill, including a commentary on the scope of the term ‘cybersecurity’ used in the bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-8770-introduced - subscription required.

UAVs for CBRN Sampling

There is an interesting article over at I-HLS.com that describes the operation of the US Army’s new Stryker Nuclear Biological Chemical Reconnaissance Vehicle. The article highlights the operational capabilities of the relatively new vehicle system (including the carried CBRN reconnaissance UAV), while neglecting the shortcomings that the Army identified in their testing program. Still the idea of using a drone for conducting rapid chemical and radiological surveillance is a worthwhile concept.

How many times have we seen news footage of ominous dark clouds from fires at chemical facilities while the same news reports quote regulatory officials claiming that groundside atmospheric monitoring detects ‘no chemicals of concern’. If those officials were able to sample within that very large cloud, they might provide a very different and more complete description of the downwind hazard.

Emergency response managers with a significant number of chemical facilities (or even just one or two with particularly noxious toxic chemicals on hand) might find it worthwhile to invest in such UAVs to be launched from Fire Department chemical response vehicles. This would allow first responders to have real-time data about the location and concentration of airborne chemicals during incidents.

Review – Public ICS Disclosures – Week of 10-25-24 – Part 2

For Part 2 this week we have nine additional vendor disclosures from Moxa, Palo Alto Networks, Philips (3), QNAP (2), Western Digital, and Zyxel. There are six vendor updates from FortiGuard, Hitachi Energy (4), and Moxa. We also have 12 researcher reports for vulnerabilities in products from FortiGuard and ABB (11).

Advisories

Moxa Advisory - Moxa published an advisory that discusses two vulnerabilities (both with publicly available exploits) in their Ethernet Switches.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that discusses 42 open-source software vulnerabilities.

Philips Advisory #1 - Philips published an advisory that discusses a missing authentication for critical function vulnerability.

Philips Advisory #2 - Philips published an advisory that discusses an SQL injection vulnerability.

Philips Advisory #3 - Philips published an advisory that discusses an improper neutralization of expression/command delimiters vulnerability.

QNAP Advisory #1 - QNAP published an advisory that describes an uncharacterized vulnerability in their HBS 3 Hybrid Backup Sync.

QNAP Advisory #2 - QNAP published an advisory that describes an uncharacterized vulnerability in their SMB Service.

Western Digital Advisory - Western Digital published a security update notice for their My Cloud products.

Zyxel Advisory - Zyxel published an advisory that describes an insufficiently protected credentials vulnerability in their USG FLEX H series firewalls.

Updates

FortiGuard Update - FortiGuard published an update for their Missing authentication in fgfmsd advisory that was originally published on October 23^rd, 2024, and most recently updated on October 28^th.

Hitachi Energy Update #1 - Hitachi Energy published an update for their FOXMAN-UN advisory that was originally published on June 11^th, 2024.

Hitachi Energy Update #2 - Hitachi Energy published an update for their UNEM advisory that was originally published on June 11^th, 2024.

Hitachi Energy Update #3 - Hitachi Energy published an update for their MSM product advisory that was originally published on January 30^th, 2024.

Hitachi Energy Update #4 - Hitachi Energy published an update for their MicroSCADA advisory that was originally published on August 27^th, 2024, and most recently updated on August 30^th, 2024.

Moxa Update - Moxa published an update for their Cellular Routers, Secure Routers, and Network Security Appliances advisory that was originally published on October 14^th, 2024 and most recently updated on October 15^th, 2024.

Researcher Reports

FortiGuard Report - Bishop Fox published a report on the missing authentication for critical function vulnerability (CVE-2024-47575) for FortiGuard’s FortiManager product.

ABB Reports - Zero Science published eleven reports about individual vulnerabilities (with publicly available exploits) in the ABB Cylon Aspect building energy management product.

 

For more information on these vulnerabilities, including links to 3rd party advisories, researcher reports, and exploits, as well as brief summaries of the changes made in updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-10-a32 - subscription required.