Saturday, June 10, 2023

CSB Releases New Safety Video for Husky Refinery Explosion and Fire – 6-9-23

Yesterday, the Chemical Safety Board announced the availability of their latest safety video. The YouTube video looks at their investigation of the Husky Energy Superior Refinery Explosion and Fire. As we have come to expect with CSB videos, the animation of the accident provides an excellent visual depiction of the steps leading up to the explosion and the subsequent fire. The discussion of the safety recommendations made in the CSB report was enhanced by the animation of relevant portions of the incident.

My only complaint about the new video is the overly dramatic 45 second introduction of the CSB seal at the start of the video. It had nothing to do with the incident, it was overly long, and it was way over-the-top for a safety video.

CRS Reports – Week of 6-3-23 – Trump Classified Info Indictment

This week the Congressional Research Service (CRS) published a report on “The Mar-a-Lago Indictment: A Legal Introduction”. The Report provides an overview of the legal issues in the charges involved in this week’s indictment of former President Trump. The topics discussed include:

• Summary of the charges,

• 18 USC 793,

• Presidential Control over Access to Classified Information and Materials, and

• The Special Master, Grand Juries, and Special Counsel

The report very carefully avoids looking at the political issues associated with indicting a former President or an active political candidate for President.

Chemical Incident Reporting – Week of 6-3-23

NOTE: See here for series background.

None of this week’s incidents are probably going to be considered CSB reportable, but they are all interesting for different reasons, so I am including them in this week’s report.

Lake Charles, LA – 6-4-23

Local news stories: Here, here, and here. Interesting video of the lightning strike.

Refinery storage tank fire, caused by lightning strike. No injuries.

Probably not a CSB reportable unless damage estimates are higher than expected.

Cambria County, PA – 6-5-23

Local news story: here.

Box-trailer rollover accident spills multiple chemicals. Chemicals reacting on roadside.

Not a CSB reportable since it is a transportation incident. Interesting questions raised about transporting incompatible products in the same vehicle. This practice is not specifically prohibited by the hazardous materials regulations in the US. This might be a good incident for the NTSB to investigate to address the problem.

Three Rivers, TX – 6-6-23

News story: here.

Leak of 10,000-kb of ‘volatile organic compounds’ into process cooling system.

Probably not a CSB reportable unless damage estimates are much higher than expected. This is an awful lot of product loss, even for an internal process leak, to not be detected by operators earlier.

Review – Public ICS Disclosures – Week of 6-3-23

This week we have 10 vendor disclosures from Broadcom, Fuji Electric, GE Gas Power, Johnson Controls, Moxa, Philips, VMware, WolfSSL, and Zyxel (2). We also have a vendor update from HPE. There are 17 researcher reports for products from Suprema (4), Control ID (5), and Connected IO (8). Finally, we have 2 exploits for products from Zyxel and Delta Electronics.

Advisories

Broadcom Advisory - Broadcom published an advisory that discusses an SQL injection vulnerability in multiple products.

Fuji Advisory - JP-CERT published an advisory that describes the eight vulnerabilities in multiple Fuji server products.

GE Advisory - GE published an advisory that discusses four vulnerabilities in their Control Server Virtual HMIs and ThickClient HMIs.

Moxa Advisory - Moxa published an advisory that describes a weak cryptographic algorithm vulnerability in the CN2600 Series terminal servers.

Philips Advisory - Philips published an advisory that discusses the MoveIT SQL injection vulnerability.

VMware Advisory - VMware published an advisory that describes three vulnerabilities in their VMware Aria Operations for Networks product.

WolfSSL Advisory - WolfSSL published a change log for a new version of their SSL product that reports two vulnerabilities in the previous version that are being fixed in the new release.

Zyxel Advisory #1 - Zyxel published an advisory that describes a buffer overflow vulnerability in their 4G LTE and 5G NR outdoor routers.

Zyxel Advisory #2 - Zyxel published an advisory that describes a privilege escalation vulnerability in their GS1900 series switches.

Updates

HPE Update - HPE published an update for their Aruba OpenSSL advisory that was originally published on February 15th, 2023 and most recently updated on May 22nd, 2023.

Researcher Reports

Suprema Reports - Claroty published four reports about individual vulnerabilities in the Suprema BioStar security platform.

Control ID Reports - Claroty published five reports about individual vulnerabilities in the Control ID iDSecure product.

Connected IO Reports #1-4 - Claroty published four reports about individual vulnerabilities in the Connected IO ER2000 edge router.

Connected IO Reports #5-8 - Claroty published four reports about individual vulnerabilities in the Connected IO IDSecure product.

Exploits

Zyxel Exploit - Sf published a Metasploit module for a command injection vulnerability in the Zyxel firewalls.

Delta Exploit - Shelby Pace published a Metasploit module for a deserialization of untrusted data vulnerability in the Delta InfraSuite Device Master.

For more details about these disclosures, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-6-f21 - subscription required.

Bills Introduced – 6-9-23

Yesterday, with the House meeting in pro forma session, there were 74 bills introduced. Three of those bills may receive additional coverage in this blog:

HR 3935 To amend title 49, United States Code, to reauthorize and improve the Federal Aviation Administration and other civil aviation programs, and for other purposes. Graves, Sam [Rep.-R-MO-6]

HR 3960 To encourage the use of hydrogen in the aviation sector, and for other purposes. DelBene, Suzan K. [Rep.-D-WA-1]

HR 3969 To provide for a rulemaking on operation of unmanned aircraft beyond visual line of sight, and for other purposes. Graves, Garret [Rep.-R-LA-6]

I will be covering HR 3935 and HR 3960.

I will be watching HR 3969 for language and definitions that would provide restrictions for the operation of UAS over critical infrastructure facilities.

Friday, June 9, 2023

Short Takes – 6-9-23

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways. KrebsOnSecurity.com article. Pull quote: ““One of the goals of malware is to be hard to remove, and this suggests the malware compromised the firmware itself to make it really hard to remove and really stealthy,” Weaver said. “That’s not a ransomware actor, that’s a state actor. Why? Because a ransomware actor doesn’t care about that level of access. They don’t need it. If they’re going for data extortion, it’s more like a smash-and-grab. If they’re going for data ransoming, they’re encrypting the data itself — not the machines.””

On the tee, from Washington: Bipartisan anger over Saudi golf mega-deal. Politico.com article. Pull quote: “Some lawmakers are calling for congressional investigations. Others are looking to the Justice Department and other federal regulators to first explore the case for blocking the move on antitrust grounds. Only after regulators act, they say, is there likely to be appetite for Congress to enter the picture — even as a majority of its members are openly wary of the deal.”

Republicans buckle down for what could be marathon blockade. TheHill.com article. Pull quote: ““Let’s face it, when we pass things around here that are messaging bills that don’t do anything, is it really a loss that we’re not passing anything?” Perry said. “And when we do pass things around here that actually hurt the American people, is it a loss that we’re not doing any of that?””

El Niño officially arrives early: What it means for 2023 weather. TheHill.com article. Pull quote: “This year’s El Niño has shown up ahead of the typical schedule. In the past decade, El Niños have started in late summer or early fall. Its early appearance “gives it room to grow,” Climate Prediction Center meteorologist Michelle L’Heureux, told the Associated Press.”

Supreme Court Rejects Voting Map That Diluted Black Voters’ Power. NYTimes.com article. Pull quote: “Chief Justice John G. Roberts Jr., who has often voted to restrict voting rights and is generally skeptical of race-conscious decision making by the government, wrote the majority opinion in the 5-to-4 ruling, stunning election-law experts. In agreeing that race may play a role in redistricting, the chief justice was joined by Justice Brett M. Kavanaugh and the court’s three liberal members, Justices Sonia Sotomayor, Elena Kagan and Ketanji Brown Jackson.”

Watch out Ukraine, here comes the Hungaro-Austrian Empire. Politico.com article. Pull quote: “Austria isn’t the only country in the region susceptible to Orbánism. Neighboring Slovakia is also teetering on the brink of a populist revival. The pro-Russian Smer-SD — whose leader, former Prime Minister Robert Fico, was forced out of office in 2018 amid a wave of popular protests triggered by the brutal murder of an investigative reporter and his fiancée — is leading the polls ahead of a snap election set for September. Fico has vowed to end Slovakia’s military support for neighboring Ukraine, if elected.”

S 1632 Introduced – Foreign Cylinder Regulation

Last month, Sen Vance (R,OH) introduced S 1632, the Compressed Gas Cylinder Safety and Oversight Improvements Act of 2023. The bill would require DOT to establish additional regulations relating to the approval of foreign manufacturers of cylinders used in the transport of hazardous chemicals. There is no new spending authorized by this legislation.

This bill is virtually identical to HR 3404 that was introduced on the same day. This is not technically a companion measure since there is one difference between the two bills. In the discussion about authorizing overseas inspection on page 8, line 23, the Senate version corrects the CFR reference that I noted was wrong [subscription required] in the House version.

Moving Forward

Vance and two of his cosponsors {Sen Baldwin (D,WI) and Sen Budd (R,SC)} are members of the Senate Commerce, Science, and Transportation Committee to which this bill was assigned for consideration. This means that there may be sufficient influence to see this bill considered in Committee. As I commented in my post on HR 3404, I suspect that there may be some opposition in the chemical industry to the provisions of this bill, but I do not believe it would be sufficient to stop the bill passing in Committee. It would certainly be sufficient, however, to stop the bill from being considered under the Senate’s unanimous consent process, since this bill is not ‘important’ enough to take up the Senate’s time under regular order.

For more details about the provisions of this bill, see my discussion of HR 3404 at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-3404-introduced - subscription required.