Tuesday, April 8, 2025

Short Takes – 4-8-25

Kakhovka dam attack exposed ‘toxic time bomb’ of heavy metal pollution. ChemistryWorld.com article. Pull quote: “In addition, they revealed that before the dam collapsed, large quantities of pollutants from industrial and agricultural sources – including heavy metals, nitrogen and phosphorus – had accumulated in a thick layer of sediment settled on the bottom of the reservoir.” While Soviet-era industrialization greatly contributed to this pollution, it would probably be found in similar circumstances in most industrial countries.

Noem offers buyouts to DHS workers. EENews.net article. Not behind their normal paywall. Pull quote: “DHS employees are being offered three separation options that other federal employees have received under Trump: a cash incentive to retire early or to quit, or a deferred resignation with a brief period of paid administrative leave.”

RFK Jr.’s Measles Message Is Too Little, Too Late. Bloomberg.com commentary. Pull quote: “The direct, albeit brief acknowledgment of the value of the MMR vaccine — made in an X post over the weekend — seemed significant, for a few hours at least. Kennedy, however, muddled the message with a second post praising “two extraordinary healers … who have treated and healed some 300 measles-stricken Mennonite children using aerosolized budesonide and clarithromycin.””

Growing opposition from House conservatives threatens to derail Trump’s agenda. TheHill.com article. Pull quote: ““From budget gimmicks to a pathetic $4B in spending cuts, the Senate’s budget resolution is a non-starter,” Rep. Andrew Clyde (R-Ga.) wrote on the social platform X over the weekend. “We need to be serious about delivering on President Trump’s America First agenda in a FISCALLY RESPONSIBLE manner. If this comes to the floor in its current form, I’m a NO.””

Redwire and ispace U.S. to collaborate on lunar missions. SpaceNews.com article. Pull quote: “He [Ron Garan, chairman of ispace U.S.] argued that, so far, NASA has been the only entity large enough to be an anchor customer for a lunar lander mission. “We are seeing demand signals that this might be changing and that we might be able to have truly commercial missions,” he said, including those interested in lunar resources like rare earth elements and helium-3.”

Astroscale U.S. to refuel two Space Force spacecraft on 2026 mission. SpaceNews.com article. Pull quote: “After fueling Tetra-5 [in GEO orbit], APS-R will undock and move a safe distance away, then use a hyperspectral sensor to observe Tetra-5 for a leak check. APS-R will go to an Orbit Fab depot to refuel itself, then travel to a second, unidentified spacecraft for another refueling operation.”

Review – S 663 Introduced – cUAS Deputies

Back in February Sen Cotton (R,AR) introduced S 663, the Disabling Enemy Flight Entry and Neutralizing Suspect Equipment (DEFENSE) Act. The bill would amend 6 USC 124n to specifically expand the limited counter UAS authority to certain stadium security events. No new funding would be authorized.

Moving Forward

Neither Cotton nor his sole cosponsor {Rep Rosen (D,NV)} is a member of the Senate Homeland Security Committee to which this bill was assigned for consideration. This means that there is probably not enough influence to see this bill considered in Committee. The Committee is having a hard enough time reauthorizing §124n, which has been surviving on spending bill extensions (the latest in §3102 of PL 119-4, until September 30th, 2025) since the section’s authority expired on October 5th, 2022, so I doubt that this extension of the scope of the authority would be taken up as a stand-alone measure.

For more information on the provisions of this bill, including a commentary on the confusing list requirements of subsection (m)(4), see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-663-introduced - subscription required.

Review – Chemical Security Inspector Reduction in Force – Part 3

Yesterday I published a guest post, written by a CISA Chemical Security Inspector, over on my CFSN Detailed Analysis blog about the role of the CSI in the Chemical Facility Anti-Terrorism Standards (CFATS) program and their pending abolition in the current restructuring of the Cybersecurity and Infrastructure Security Agency. I thought that letter was important enough that it should stand on its own before I added my two cents’ worth.

First, I want to clear up a mistake on my part in the introduction of yesterday’s post. I stated that the post was written by a CSI who had “recently received their reduction in force notification.” What they had received from CISA was an advance notice about the reorganization of CISA that has been described elsewhere. The actual RIF notices have not yet been sent out. What they were told was that the CSI were no longer required. About the only thing that can stop that is action by Congress, which, unfortunately, is unlikely to happen.

The bulk of my comments on that guest post are going to be published on CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/chemical-security-inspector-reduction-faa - again as a free-to-all post.

Moving Forward

In the face of the mass layoffs at so many federal agencies, many would ask why I would take up the case of these eighty or so CSI who are most probably facing their own layoffs. The simple answer is that I have been advocating for them and their compatriots for the last 16 years or so and I am not going to stop now. More importantly, I have a solid understanding of what CISA and DHS are going to lose if these CSI are let go. This is a valuable resource that CISA will eventually deeply regret losing.

Short Takes – 4-8-25 – Space Geek Edition

Boeing’s bet: supercharge satellite production. SpaceNews.com interview. Pull quote: “At Millennium, with orders coming in, we’re ramping up capability. And at Spectrolab, [another Boeing subsidiary] we’re investing in automation and increased capacity because we see the demand. Spectrolab had one of their best years ever last year.”

Axiom Space to launch orbital data centers on Kepler satellites. SpaceNews.com article. Pull quote: “Those future [data center] facilities won’t be identical to Axiom’s planned space station. “Data centers don’t need life support and don’t need to be human rated,” he said. “So, they will be a bit simpler, but the foundational building blocks of large-scale infrastructure are common and modular between space stations and orbital data centers.””

Aitech unveils IQSat, a picosatellite for AI applications. SpaceNews.com article. Pull quote: “Aitech has been contacted by customers interested in IQSat for military space, scientific and commercial applications. A proposed commercial application for the one-kilogram satellite bus is monitoring temperature, radiation, micrometeorite impacts and material degradation of space habitats, Shah said.”

Satellite jamming is a real and growing threat. How can we protect our space infrastructure? Space.com article. Pull quote: “Since then [April 2024], eight European countries, including Estonia, Latvia, Lithuania, Poland, Ukraine, Finland and France, filed complaints to the ITU against Russia's interference with European satellite communications systems.”

How rare are inhabited worlds in the universe? The 'LIFE' space telescope fleet could find out. Space.com article. Pull quote: “If LIFE detects no biosignatures on its sample of planets, it cannot conclude that there is no life anywhere, but it can place a maximum limit on how many planets in the galaxy do have life. And, as the sample size increases, if there continues to be no detection, then that maximum number would decrease further. In other words, LIFE could tell us whether inhabited planets are rare or not.”

Space policy: The Moon and Mars simultaneously. TheSpaceReview.com article. Pull quote: “If Congress decides to delay Mars and go to the Moon first, it will be irrelevant because that won’t change SpaceX’s mind, and it is unlikely that government space policy will prevent SpaceX from getting a launch license. In other words, the decisionmakers in DC will be faced with an interesting decision. Will America stand to the side while SpaceX (in partnership with other countries) goes to Mars, or should NASA partner with SpaceX and hence play a role among the nations in this very historic moment? There are few things that the two sides of the aisle agree upon in Washington. But one thing that they agree upon is that our space program is to demonstrate American leadership on the world stage. So, I cannot imagine NASA failing to partner with SpaceX for Mars.”

Reader Comment – CVI and DOGE

Last night Carbon Unit left a comment on my Substack Notes announcement about my recent “Chemical Security Inspector Reduction in Force” post on Substack. The comment objected to the characterization of the DOGE access to Chemical Terrorism Vulnerability Information (CVI), noting that:

“The USDS team has been vetted and has already covered far more sensitive data than this.”

As I noted in my reply to that comment, the CVI information in the possession of CISA includes security plans for the 3,000+ chemical facilities that were covered by the CFATS program at the time of the program’s termination in July 2023. That is some of the most sensitive information in the possession of the government that is not covered by the national security classified information program. In fact, according to 6 USC 623(d):

“In any proceeding to enforce this section, vulnerability assessments, site security plans, and other information submitted to or obtained by the Secretary under this subchapter, and related vulnerability or security information, shall be treated as if the information were classified information.”

Additionally, the chemical inventory data on the 300 most sensitive chemicals (from a weaponization point of view) submitted under the CFATS Top Screen program by over 45,000 facilities is also held on those same CVI servers.

While the DOGE team members may have been vetted (I am not sure what vetting process has been used, but from public reporting it does not meet the access requirements outlined for CVI access, because of the training requirements), that does not mean that they have the ‘need to know’ the facility chemical security information held by CISA.

CISA and the employees working in and around the CFATS program took the CVI program very seriously. Unauthorized access, and certainly unneeded access, to that information would be expected to offend the sensibilities of those employees. More importantly, it would strike fear in the facilities that provided that information to CISA in the understanding that the information would be closely held and protected by CISA.

Review - Bills Introduced – 4-8-25

Yesterday, with both the House and Senate in session, there were 61 bills introduced. Two of those bills may receive additional coverage in this blog:

HR 2659 To ensure the security and integrity of United States critical infrastructure by establishing an interagency task force and requiring a comprehensive report on the targeting of United States critical infrastructure by People's Republic of China state-sponsored cyber actors, and for other purposes. Ogles, Andrew [Rep.-R-TN-5]

HR 2683 To provide for control of remote access of items under the Export Control Reform Act of 2018. Lawler, Michael [Rep.-R-NY-17] 

For more information on these bills, including legislative history for similar bills in the 118th Congress, as well as a discussion about two bills in passing, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-8-25 - subscription required.

Monday, April 7, 2025

Short Takes – 4-7-25

Kennedy Attends Funeral of Texas Girl Who Died of Measles. NYTimes.com article (free). 2nd death of a child in the Texas outbreak. Pull quote: “Experts also fear that the Trump administration’s recent decisions to dismantle international public health safeguards and to pull funding from local health departments have made large, multistate outbreaks more likely.”

California town reports third fatality related to rare virus linked to death of Gene Hackman’s wife. TheHill.com article. Pull quote: “One person had been vacuuming “in one or more areas where investigators later found mouse droppings,” the department noted, adding that vacuuming “can aerosolize the virus through the air and lead to infection.” I knew vacuuming was bad for you…. (SIGH).

Space has a communications problem. SpaceNews.com commentary. Pull quote: “Space operators are doing hugely valuable and genuinely captivating things — increasing food security, reducing harm caused by wildfires and floods, bringing education and healthcare to remote, impoverished communities and allowing us to sleep soundly in our beds by protecting us from our enemies all the way from orbit. It seems a crying shame that this isn’t more widely known or understood.”

CISA to make comprehensive staff cuts in coming days, people familiar say. NextGov.com article. Pull quote: “The same source added that there are no plans on the administration’s part to provide funding to the private sector to help fill gaps left behind by the reduction of government workers within the agency. CISA is tasked with defending over a dozen critical infrastructure sectors defined by the U.S. government, which include transportation networks, nuclear reactors, election systems and government facilities.”

Chemical Security Inspector Reduction in Force – Part 2

I published a non-paywalled article over on CFSN Detailed Analysis; it is a long-form letter from a CISA Chemical Security Inspector that was better suited to that format. Please, go and read it there.

Review – Committee Hearings – Week of 4-6-25

With both the House and Senate in Washington there is a relatively normal level of Committee hearings scheduled for this week. In the House we have a biotechnology hearing and two markup hearings of potential interest here. In the Senate we have a space geek hearing and a look at daylight saving time (okay, not a topic here, but interesting nonetheless).

Biotechnology Report

On Tuesday, the Subcommittee on Cyber, Information Technologies, and Innovation of the House Armed Services Committee will hold a hearing on “Final Report of the National Security Commission for Emerging Biotechnology”.

Markup Hearings

On Wednesday, the House Foreign Affairs Committee will hold a business meeting that will consider eight bills, including an as-yet-unintroduced “To provide for control of remote access of items under the Export Control Reform Act of 2018.”

On Wednesday, the House Homeland Security Committee will hold a business meeting that will consider twelve bills, including an as-yet-unintroduced “Strengthening Cyber Resilience Against State-Sponsored Threats Act”.

Space Geek Hearings

On Wednesday, the Commerce, Science, and Transportation Committee will hold a nomination hearing with testimony from Jared Isaacman, who is being considered for the position of Administrator of the National Aeronautics and Space Administration.

For more information on these hearings, including a brief commentary on House floor actions this week, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/committee-hearings-week-of-4-6-25 - subscription required.

Sunday, April 6, 2025

CSI RIF

I got my first report today that the Chemical Security Inspectors (CSI) are now in the reduction in force spotlight. Apparently, letters started going out Friday letting CSI know that their services were no longer needed by the federal government. While the overall numbers are not as large as those being seen at some other agencies (the maximum staffing was about 160 individuals) these are folks that were providing key support for the expired Chemical Facility Anti-Terrorism Standards (CFATS) and the newer ChemLock program. That provides a special connection to me and most of the readers of this blog.

These individuals have a unique skill set that for the most part has been developed in the field over the 15+ years that the CFATS program was in force. They have an unusual appreciation for the peculiar security needs of a wide range of chemical facilities, from chemical refineries to small chemical warehousing operations, from research facilities to farm supply stores. They have seen what works and what does not. Hopefully all will be able to quickly find work advising industry on chemical security matters. NOTE: If you have openings, please let me know; I will add them to my daily ‘Short Takes’ post.

At this point, I do not know how deep the reduction in force is for CSI. The ChemLock program does not need nearly as many CSI as did the CFATS program. And I am not sure that ChemLock will survive the CISA restructuring, since that program was never specifically authorized by Congress. Since the CSI were not technically a part of the CFATS program (they worked for the CISA regional offices instead of the CFATS office), I had hoped that CISA would realize that their unique training would act as a valuable supplement to the similarly small number of Protective Security Advisors (PSA) and Cyber Security Advisors (CSA) that have been on the road providing security support to critical infrastructure organizations.

At this point I wonder what would have happened if Kelly Murray had spent as much time trying to get ChemLock authorized as she did trying to get CFATS reinstated. It was obvious to me early on that the opposition of Rand Paul was not something that was going to be overcome by industry pressure; he is a true believer who knows when he is right and is not likely to change his mind. Kelly gave her all to put as much pressure as she could, but it was never going to be enough. To be fair, that may not have been her decision to make, but it was her face and voice that will be remembered.

Review – Public ICS Disclosures – Week of 3-29-25 – Part 2

For Part 2 we have five additional vendor disclosures from Moxa (2), Splunk (2), and VMware. We also have three vendor updates from FortiGuard, HP, and Palo Alto Networks. There are eight researcher reports for vulnerabilities in products from STMicroelectronics (4) and BEC Technologies (4). Finally, we have five exploits for products from Broadcom, Microchip (2), Palo Alto Networks, and Splunk.

Advisories

Moxa Advisory #1 - Moxa published an advisory that describes an OS command injection vulnerability in their Secure Routers, Cellular Routers, and Network Security Appliances.

Moxa Advisory #2 - Moxa has new firmware versions for most of the affected products.

Splunk Advisory #1 - Splunk published an advisory that discusses three vulnerabilities in their UniversalForwarder Docker product.

Splunk Advisory #2 - Splunk published an advisory that discusses three vulnerabilities in their Splunk Docker product.

VMware Advisory - Broadcom published an advisory that describes an improper privilege management vulnerability in the VMware Aria Operations product.

Updates

FortiGuard Update - FortiGuard published an update for their Authentication bypass in Node.js advisory that was originally published on January 14th, 2025, and most recently updated on February 11th, 2025.

HP Update - HP published an update for their Intel 2024.3 IPU – Chipset advisory that was originally published on October 24th, 2024.

Palo Alto Networks Update - Palo Alto Networks published an update for their GlobalProtect App advisory that was originally published on March 12th, 2025, and most recently updated on March 13th, 2025.

Researcher Reports

STMicroelectronics Reports - Cisco Talos published four reports (including proof-of-concept code) about seven vulnerabilities in the STMicroelectronics X-CUBE-AZRTOS-F7 product.

BEC Technologies Reports - ZDI published four reports about individual vulnerabilities in the BEC Technologies Routers. ZDI reported the vulnerabilities to the vendor but has received no response.

Exploits

Broadcom Exploit - Pierre Kim published an exploit for ten vulnerabilities in the Broadcom Brocade Fabric OS.

Microchip Exploit #1 - Antonio Carriero (et al.) published an exploit for an OS command injection vulnerability in the Microchip TimeProvider 4100 Grandmaster product.

Microchip Exploit #2 - Antonio Carriero (et al.) published an exploit for a cross-site scripting vulnerability in the Microchip TimeProvider 4100 Grandmaster product.

Palo Alto Networks Exploit - Pierre Kim published an exploit for three deep packet inspection vulnerabilities in the Palo Alto Networks firewalls.

Splunk Exploit - Gunzf0x published an exploit for a path traversal vulnerability in the Splunk Enterprise on Windows product.

For more information on these disclosures, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-9a7 - subscription required.

Saturday, April 5, 2025

Short Takes – 4-5-25

Is The U.S. About To Go To War With Iran? TWZ.com article. I have never heard of TWZ.com before, but this is an interesting thought piece. Pull quote: “The price of oil could (and likely would) skyrocket, which would affect domestic economics and, as a result, politics back home in the United States, as well as around the globe. Such a shock could send markets tumbling, especially if the military action quickly expands into a protracted conflict. If oil exports from the region are significantly reduced for a prolonged period of time, it could trigger rising tensions and aggression elsewhere. It would also help Russian President Vladimir Putin fund his war in Ukraine, and it could have major humanitarian impacts in poorer countries around the globe.”

‘Real danger in this moment’ for America’s research enterprise. ChemistryWorld.com article. Pull quote: “Meanwhile, there are growing concerns that US-born scientists might leave their country. Amidst the current turmoil, initiatives aimed at recruiting chemists and other researchers from the US are popping up all over Europe and beyond. The Trump administration may believe that they’re strengthening the US, but all they’re really doing is setting the country on a path that will drain it of its best and brightest.”

Cybersecurity Firm Hacks Ransomware Group. I-HLS.com article. Pull quote: “The flaw, a Local File Include (LFI) vulnerability, was discovered on BlackLock’s dark web data leak platform, where the group posted the stolen data of its victims. By exploiting this weakness, Resecurity’s HUNTER team was able to dive deep into the gang’s infrastructure, uncovering sensitive server configurations, login details, and even detailed logs showing the group’s every move. The intelligence they gathered revealed not just what BlackLock had done but what they were planning next — and it gave Resecurity the chance to alert authorities, stopping some of the gang’s most destructive attacks in their tracks.”

Kids infected with measles face long-term health consequences. Vaccines can prevent all of them. LiveScience.com article. Pull quote: “The nightmarish effect of this long-term persistence (of the measles virus in the nervous system) is a condition called subacute sclerosing panencephalitis (SSPE). This is a progressive neurological disorder that might start with mood changes and muscle tremors; then, as it progresses, the person starts losing speech, vision and hearing. After about two years, the person falls into a coma and dies.”

SpaceX Astronauts Splash Down Off California Coast for the First Time. NYTimes.com article. Pull quote: “First, the trunk would be jettisoned later in the return journey, after the spacecraft had fired its thrusters to drop out of orbit. That enables aiming of the debris, and the Pacific Ocean provides a large, unpopulated expanse of water where the debris will not pose a danger to people.”

SpinLaunch—yes, the centrifuge rocket company—is making a hard pivot to satellites. ArsTechnica.com article. Pull quote: “"It was quite natural for us," Wrenn said. "We were thinking about how you build satellites for SpinLaunch and how you could deploy and maintain satellites with SpinLaunch. How do you build very high-performing satellites and small form factors?"”

Extreme magnetic fields near our galaxy's black hole are preventing stars from being born, JWST discovers. Space.com article. Pull quote: “These magnetic forces may be strong enough to counteract the typical gravitational star-forming collapse of molecular clouds, instead confining material into dense filaments seen in the JWST images, which helps explain why Sgr C is forming fewer stars than expected, according to the two new papers.”

SpaceX fires up used Super Heavy booster ahead of 9th Starship test flight (photos, videos). Space.com article. Pull quote: “None of Starship's eight test missions to date have reused a Super Heavy or a Ship upper stage, so Flight 9 will be groundbreaking. SpaceX has not yet announced a target launch date for the mission.”

Early look at hurricane season predicts over a dozen named storms. But El Niño could change things. Edition.CNN.com article. Pull quote: “This year’s outlook isn’t quite as bullish as last year’s spot-on prediction of 11 hurricanes, but it is significant. The [CSU] forecast of nine hurricanes is tied for the second-highest amount predicted in the 30 years the team has issued long-range hurricane forecasts in April.”

A busy hurricane season is expected. Here’s how it will be different from the last. WashingtonPost.com article (free). Pull quote: “But conditions this year have leveled out, while still remaining historically warm as a product of human-caused global warming. Across a strip of the Atlantic known as the main development region for tropical cyclones, stretching from the coast of western Africa to the Caribbean Sea, sea surface temperatures were the eighth-warmest on record in March.”

Review – HR 1386 Introduced – State Department cUAS Authority

Back in February Rep Mills (R,FL) introduced HR 1386, the Department of State domestic protection mission. The bill would allow the Secretary of State to take such actions as are necessary to mitigate a credible threat that an unmanned aircraft system or unmanned aircraft poses to the safety or security of a covered facility or asset. No new funding is authorized by this legislation.

The bill is similar to HR 7586 that was introduced by Mills in March of 2024. The House Foreign Affairs Committee held a business meeting on May 16th, 2024, that included consideration of that bill. As part of an en bloc consideration of eleven bills, HR 7586 was ordered reported favorably by a vote of 37 to 2. No report was published. Interestingly, that bill was mentioned in a Congressional Research Service report on UAS restrictions and protections.

Moving Forward

Mills and both of his cosponsors {Rep Lawler (R,NY), Rep McCaul (R,TX)} are members of the House Foreign Affairs Committee to which this bill was assigned for primary consideration. This means that there should be sufficient influence to see the bill considered in Committee. As in the 118th session, I suspect that there would be broad bipartisan support for this bill in the Foreign Affairs Committee. The question becomes whether there would be similar support in the three other committees to which this bill was assigned “for consideration of such provisions as fall within the jurisdiction of the committee concerned.” See the Commentary below for a more detailed explanation. I do not see such support forthcoming from any of the three ‘other’ committee chairs.

Commentary

The main concern in those three other committees (Transportation, Judiciary, and Energy and Commerce) would be the blanket exception {“Notwithstanding section 46502 of title 49, United States Code, sections 32, 1030, 1367, and chapters 119 and 206 of title 18, United States Code, or section 705 of the Communications Act of 1934” in §1(a)} to a number of existing statutes under the purview of those committees. Under House rules, any of those three committee chairs could veto bringing this bill to the floor for consideration.

Before there is any chance of comprehensive counter UAS legislation passing into law, someone is going to have to come up with specific language to address the limits of the exceptions to those statutes listed in §1(a).

For more information on the provisions of this bill, including expanded commentary, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-1386-introduced - subscription required.

Review – Public ICS Disclosures – Week of 3-29-25 – Part 1

This week we have 18 vendor disclosures from Honeywell (3), HP, HPE, Inaba Denki Sangyo (2), JTEKT (2), Meinberg, PcVue, Philips (3), and SEL (4).

Advisories

Honeywell Advisory #1 - Honeywell published an end-of-life notice for their PWLP Mercury Series 3/LP Series Intelligent Controllers.

Honeywell Advisory #2 - Honeywell published an end-of-life notice for their 30 Series 5MP Fisheye Camera.

Honeywell Advisory #3 - Honeywell published an end-of-life notice for their VMS R670 & R700 / NVR6.7 & R7.0.

HP Advisory - HP published an advisory that discusses three vulnerabilities in multiple HP products.

HPE Advisory - HPE published an advisory that describes two vulnerabilities (one with publicly available exploit) in their Aruba Networking Virtual Intranet Access (VIA) Client.

IDS Advisory - JP-CERT published an advisory that describes eight vulnerabilities in the IDS Wi-Fi AP UNIT 'AC-WPS-11ac series'.

JTEKT Advisory #1 - JTEKT published an advisory that describes six vulnerabilities in their HMI View Jet C-more series.

JTEKT Advisory #2 - JTEKT published an advisory that describes two vulnerabilities in their HMI GC-A2 series.

Meinberg Advisory - Meinberg published an advisory that discusses five vulnerabilities in their Lantime product.

PcVue Advisory - PcVue published an advisory that discusses a NULL pointer dereference vulnerability in their IEC 61850 client driver and the ICCP client add-on in PcVue.

Philips Advisory #1 - Philips published an advisory that discusses an authorization bypass (CVE-2025-29927) that affects Next.js.

Philips Advisory #2 - Philips published an advisory that discusses a Chromium sandbox escape vulnerability that is listed in the CISA Known Exploited Vulnerabilities catalog.

Philips Advisory #3 - Philips published an advisory that discusses a recent Oracle Health data breach.

SEL Advisory #1 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5052 Server Software.

SEL Advisory #2 - SEL published a software update notice that reports cybersecurity upgrades in their SEL Compass product.

SEL Advisory #3 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5030 acSELerator QuickSet Software.

SEL Advisory #4 - SEL published a software update notice that reports cybersecurity upgrades in their SEL-5033 acSELerator RTAC Software.

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-81f - subscription required.

Friday, April 4, 2025

Short Takes – 4-4-25

National Security Agency and Cyber Command chief Gen. Timothy Haugh ousted. WashingtonPost.com article (free). Pull quote: “The named acting NSA director is Lt. Gen. William J. Hartmann, who was the Cyber Command deputy, one of the officials said. Sheila Thomas, who was the executive director at the NSA, was named acting deputy, the official said.” Very little information in the story, but I suppose that is to be expected with the NSA.

House Republicans bash Senate’s Trump agenda blueprint: ‘This is offensive’. TheHill.com article. Pull quote: “Lending Johnson a boost, Florida voters on Tuesday sent two Republicans to the House, filling empty seats vacated by GOP lawmakers following November’s elections. The development gives GOP leaders a slightly larger cushion, and the Speaker said he was “elated” after swearing in the new pair on Wednesday.”

Significant New Use Rules on Certain Chemical Substances (24-4.5e). Federal Register, EPA notice of proposed rulemaking. Summary: “EPA is proposing significant new use rules (SNURs) under the Toxic Substances Control Act (TSCA) for certain chemical substances that were the subject of premanufacture notices (PMNs) and are also subject to an Order issued by EPA pursuant to TSCA. The SNURs require persons who intend to manufacture (defined by statute to include import) or process any of these chemical substances for an activity that is proposed as a significant new use by this rulemaking to notify EPA at least 90 days before commencing that activity. The required notification initiates EPA's evaluation of the conditions of that use for that chemical substance. In addition, the manufacture or processing for the significant new use may not commence until EPA has conducted a review of the required notification, made an appropriate determination regarding that notification, and taken such actions as required by that determination.” Comments due May 5th, 2025.

Shingles is awful, but here’s another reason to get vaccinated: It may fight dementia. APNews.com article. Pull quote: “Stanford’s Geldsetzer took advantage of “a natural experiment” in Wales, which opened shingles vaccinations with an age limit: anyone 80 or older on Sept. 1, 2013, was ineligible but those still 79 could squeeze in. Comparing seniors who just met or just missed that cutoff would mimic a research study that randomly assigned otherwise similar people to be vaccinated or not.”

Review - HR 1258 Introduced – Contractor VDP

Back in February Rep Lieu (D,CA) introduced HR 1258, the Improving Contractor Cybersecurity Act. The bill would require federal contractors to have a vulnerability disclosure program (VDP). No new funding is provided.

The bill is essentially the same as HR 5310, which was introduced by Lieu in August, 2023. No action was taken on that bill in the 118th Congress.

The bill would amend Chapter 47 of division C of subtitle I of 41 USC, adding a new §4715, Vulnerability disclosure policy and program required.

Moving Forward

Lieu is not a member of the House Oversight and Government Reform Committee to which this bill was assigned for consideration. This means that there is probably not sufficient influence for the bill to be considered in Committee, the same problem that Lieu had with HR 5310 in the 118th Congress. I suspect that there would be some Republicans that would oppose this bill as an unneeded, and potentially expensive, requirement for federal contractors. While there may possibly be sufficient bipartisan support for this bill to pass in Committee, I am not sure that there would be the necessary leadership interest to see this bill move forward.

Commentary

While the definition of ‘information technology’ used in this bill is written broadly enough to include control systems and operational technologies, there is an interesting shortcoming: it only applies to “the equipment [that] is used by the executive agency directly or is used by a contractor under a contract with the executive agency that requires the use” of the equipment. It specifically excludes “any equipment acquired by a federal contractor incidental to a federal contract.” Thus, devices networked to ‘federally required equipment’ need not be included in the required VDP.


For more information on the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-1258-introduced - subscription required.

Transportation Chemical Incidents – Week of 3-1-25

Reporting Background

See this post for explanation, with the most recent update here (removed from paywall).

Data from PHMSA’s online database of transportation related chemical incidents that have been reported to the agency.

Incidents Summary

• Number of incidents – 390 (359 highway, 27 air, 4 rail, 0 water)

• Serious incidents – 0 (0 Bulk release, 0 evacuation, 0 injury, 0 death, 0 major artery closed, 0 fire/explosion, 24 no release)

• Largest container involved – 30,420-gal DOT 117J100W Railcar {Alcohols, N.O.S.} 4 loose manway swing bolts.

• Largest amount spilled – 115-gal Plastic totebin {Corrosive Liquid, Acidic, Inorganic, N.O.S.} Forklift puncture. Detailed incident response reporting.

NOTE: Links above are to Form 5800.1 for the described incidents.

Most Interesting Chemical: Toluene - A clear colorless liquid with a characteristic aromatic odor. Flash point 40°F. Less dense than water (7.2 lb / gal) and insoluble in water. Hence floats on water. Vapors heavier than air. May be toxic by inhalation, ingestion or skin contact. Used in aviation and automotive fuels, as a solvent, and to make other chemicals. (Source: CameoChemicals.NOAA.gov).

Thursday, April 3, 2025

Short Takes – 4-3-25

Watch live plant cells build their cell walls. ScienceNews.org article. Pull quote: “The researchers identified four stages of cell wall development. First, enzymes in the cell’s outer layer pump out short pieces of cellulose that “swim around” on the cell’s surface, Lam says. Next, those fragments start to collide and attach to one another. Then, as the cellulose fibers continue to thicken and elongate, they also link up with perpendicular fibers to form a mesh. Finally, that mesh of cellulose keeps rearranging itself and compacting until it becomes a rigid, stable cell wall.”

How North Korea Cheated Its Way to Crypto Billions. WSJ.com article (free). Pull quote: “North Korea’s success reflects the major resources dedicated to the task. The regime commands more than 8,000 hackers as though they were in a military unit, with the country’s brightest minds. State support means its hackers can wait months or years to exploit a single slip in a company’s digital security. Pyongyang’s desperation for cash, and its lack of concern for diplomatic blowback, have fueled its drive to be better than anyone else.”

We should talk more about air-conditioning. TechnologyReview.com article. Pull quote: “Another piece of this whole thing: It’s not just about how much total electricity we need to run air conditioners but about when that demand tends to come. As we’ve covered in this newsletter before, your air-conditioning habits aren’t unique. Cooling devices tend to flip on around the same time—when it’s hot. In some parts of the US, for example, air conditioners can represent more than 70% of residential energy demand at times when the grid is most stressed.”

A New Frontier in Radios: Rocket Lab Announces Expanded Radio Products for Reliable Command and Control. RocketLabUSA.com press release. Pull quote: ““We are excited to add this suite of software-defined radios to our expanding portfolio of products,” said Brad Clevenger, Vice President of Rocket Lab Space Systems.  “We continue to demonstrate our ability to deliver high reliability, high performance products at constellation scale.  While much of the industry struggles with supply chain challenges, Rocket Lab continues to demonstrate that it is the right partner for merchant component supply to the most demanding missions.””

Voyager Technologies to acquire LEOcloud. SpaceNews.com article. Pull quote: “LEOcloud is preparing to install its Space Edge micro datacenter on the International Space Station with support from the Center for the Advancement of Science in Space, which manages the ISS National Laboratory. Testing on ISS is a precursor to establishing cloud infrastructure for low-Earth Orbit.”

Contractors could hack back against adversaries, top cyber Democrat says. NextGov.com article. Pull quote: “Directing the private sector to hack back may present legal challenges because private firms would have to consider the consequences of mistakenly harming civilians. But that dynamic may have to become a part of a Trump administration strategy to hack back, as Chinese cyber operatives have often used stolen credentials to target various civilian critical infrastructure systems around the country.”

Rivals are rising to challenge the dominance of SpaceX. TechnologyReview.com article. Pull quote: “Regardless of the politics, the commercial competition will surely heat up throughout 2025. But SpaceX has a considerable head start, Bingen argues: “It’s going to take a lot for these companies to effectively compete and potentially dislodge SpaceX, given the dominant position that [it has] had.””

Trump backs Luna push for House parental proxy voting. TheHill.com article. Pull quote: ““I’m gonna let the Speaker make the decision, but I like the idea of being able to — if you’re having a baby, I think you should be able to call in and vote. I’m in favor of that,” Trump added.” Trump playing both sides.

EO 14250 - Addressing Risks From WilmerHale. Federal Register.

EO 14251 - Exclusions From Federal Labor-Management Relations Programs. Federal Register.

EO 14252 - Making the District of Columbia Safe and Beautiful. Federal Register.

EO 14253 - Restoring Truth and Sanity to American History. Federal Register.

EO 14254 - Combating Unfair Practices in the Live Entertainment Market. Federal Register.

EO 14255 - Establishing the United States Investment Accelerator. Federal Register.

Review – 5 Advisories Published – 4-3-25

Today CISA’s NCCIC-ICS published five control system security advisories for products from B&R, ABB (2), and Hitachi Energy (2).

Advisories

B&R Advisory - This advisory describes 13 vulnerabilities in the B&R APROL control system.

ABB Advisory #1 - This advisory discusses 15 vulnerabilities in the ABB Low Voltage DC Drives.

ABB Advisory #2 - This advisory discusses 15 vulnerabilities in the ABB ACS880 Drives.

Hitachi Energy Advisory #1 - This advisory describes three vulnerabilities in the Hitachi Energy TRMTracker.

Hitachi Energy Advisory #2 - This advisory describes four vulnerabilities in the Hitachi Energy RTU500 series products.


For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-published-4-3-25 - subscription required.

Review – Bills Introduced – 4-2-25

Yesterday, with the Senate in Washington and the House meeting in pro forma session, there were 57 bills introduced. Four of those bills may receive additional coverage in this blog:

HR 2594 To establish a Water Risk and Resilience Organization to develop risk and resilience requirements for the water sector. Crawford, Eric A. "Rick" [Rep.-R-AR-1]

HR 2613 To improve public-private partnerships and increase Federal research, development, and demonstration related to the evolution of next generation pipeline systems, and for other purposes. Weber, Randy K. Sr. [Rep.-R-TX-14]

S 1249 A bill to prescribe zoning authority with respect to commercial unmanned aircraft systems and to preserve State, local, and Tribal authorities and private property with respect to unmanned aircraft systems, and for other purposes. Lee, Mike [Sen.-R-UT]

S 1250 A bill to authorize Counter-UAS activities on and off commercial service airport property, and for other purposes. Lee, Mike [Sen.-R-UT]


For more information on these bills, including legislative history for similar bills in the 118th, as well as a brief look at one Space Geek bill, and a national security bill mentioned in passing, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-2-25 - subscription required.

Short Takes – 4-3-25 – Space Geek Edition

Remember that asteroid everyone was worried about 2 months ago? The JWST just got a clear view of it. Space.com article. Pull quote: “The JWST also helped scientists study how quickly the space rock heats up and cools down. According to Rivkin, these thermal properties in 2024 YR4 are "not like what we see in larger asteroids," likely due to the fact that it spins very quickly and that its surface is "dominated by rocks that are maybe fist-sized or larger," rather than fine grains of sand.”

Secretive Russian military satellites release mystery object into orbit. Space.com article. Pull quote: “The released object could be used for a number of objectives, including military experiments, such as satellite inspection or target practice, testing technology for docking or formation flying. It may also be a scientific payload or even the result of an unintentional fragmentation, though this would usually result in numerous pieces of debris.”

Floating blue-eyed robot keeps watch on the ISS: Space photo of the day. Space.com article. Pull quote: “The Int-Ball2 is remotely operated by controllers with the Japan Aerospace Exploration Agency (JAXA) on Earth, but is also equipped with an Epson-designed inertial measurement unit (IMU) that when used in collaboration with a visual location and mapping system, enables the ball to maintain its orientation and navigate through the space station.”

Watch chilling 1st views of Earth's poles seen by SpaceX Fram2 astronauts (video). Space.com article. Pull quote: “The Fram2 is hoping their mission will live up to its predecessor and namesake through nearly two dozen science experiments planned for their time on orbit. One of these includes the first attempt to grow mushrooms in space. The crew also plans to take the first on-orbit X-rays of the human body.” Includes videos from Fram2.

SpaceX Hits New Milestone with Fram2, the First-Ever Crewed Polar Mission. ScientificAmerican.com article. Pull quote: “None of this means that sending humans into that orbit isn’t a legitimately impressive feat. It is—all the more so because SpaceX’s Falcon 9 rocket not only safely delivered the Crew Dragon to polar orbit; it also had enough leftover fuel to still perform a pinpoint soft landing on an awaiting barge in the Atlantic Ocean. But Fram2’s “polarity” overshadows the more mundane but no less astonishing “new normal,” in which private human spaceflight has rapidly shifted from the stuff of science fiction to a decidedly unexceptional reality.”

Starliner’s flight to the space station was far wilder than most of us thought. ArsTechnica.com article. Pull quote: “"That was not easy to do. I have lived rendezvous orbital dynamics going back decades. [Wilmore is one of only two active NASA astronauts who has experience piloting the space shuttle.] Ray Bigonesse is our rendezvous officer. What a motivated individual. Primarily him, but me as well, we worked to develop this manual rendezvous capability over the years. He's a volunteer fireman, and he said, 'Hey, I'm coming off shift at 5:30 Saturday morning; will you meet me in the sim?' So we'd meet on Saturdays. We never got to the point of saying lose four thrusters. Who would've thought that, in the same direction? But we're in there training, doing things, playing around. That was the preparation."”

Corps of Engineers Sends NWP NPRM to OMB

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a notice of proposed rulemaking (NPRM) from the DOD’s Corps of Engineers on “Reissuance and Modification of Nationwide Permits”.

According to the Fall 2024 Unified Agenda entry for this rulemaking:

“The U.S. Army Corps of Engineers (Corps) issues nationwide permits (NWPs) under section 404 of the Clean Water Act and section 10 of the Rivers and Harbors Act of 1899.  The NWPs authorize specific categories of activities in jurisdictional waters and wetlands that have no more than minimal individual and cumulative adverse environmental effects. The NWPs may be issued for a period of no more than five years per statute, and the Corps has the authority to modify or revoke the NWPs before they expire. In January 2021, the Corps reissued or modified 12 existing NWPs and issued four new NWPs along with NWP general conditions and definitions (RIN 0710-AA84) which are set to expire in March 2026.  In December 2021, the Corps reissued or modified 40 existing NWPs and issued one new NWP (RIN 0710-AB29) which are also set to expire in March 2026.  The Corps is proposing to reissue or modify the 2021 NWPs [link added to COE NWP summary chart]. This proposal to reissue or modify the NWPs will incorporate comments obtained during the formal review of NWP 12 (RIN 0710-AB51).”

This periodic (every five years) rulemaking will be the Trump Administration’s first environmental rulemaking. While the rulemaking was initiated under the Biden Administration, there has been enough time (especially considering Project 2025 and its preparatory work on regulations) for the new Administration to place their stamp on the rulemaking.

I do not currently plan to cover this rulemaking in any depth (mostly depending on the effect on off-shore oil and gas activities), but I will certainly mention the publication of the NPRM in the appropriate ‘Short Takes’ post.

Wednesday, April 2, 2025

Short Takes – 4-2-25

Lesley, What Happened to the “Cybersecurity Skills Shortage”? Tisiphone.net blog post. This is a take on cybersecurity jobs that I have not seen elsewhere. Pull quote: “So now we have a big, BigBIG problem. The universities, colleges, and boot camps sold the hell out of an entry level skills shortage that does not practically exist, and everybody in those programs just graduated, all at once. I cannot express how numerically and logistically dire things are. In the US, my peers are reporting upwards of 100 qualified candidates (after HR screening) for SOC roles. Red team has always been far worse. These numbers mean HR and recruiters can (and sometimes must) keep raising the minimum bar to entry to the most basic, entry level cybersecurity roles.”

Who's in Charge of OT Security? IHSOnline.org article. Long form discussion by Joe Weiss on the issues associated with OT Security. Pull quote: “CSO’s need to work with engineering and operations to develop, implement, and maintain control system cyber programs as well as identify control system cyber incidents. Without understanding control system issues, cyber protections may not be sufficient to prevent cyberattacks that can damage hardware and cause injuries. On the other hand, inappropriate technologies or testing can, and have caused, the same impacts as hackers.”

JAXA institute studying Mars lander concept. SpaceNews.com article. Pull quote: ““Instead of having a complicated operational supersonic parachute and a hard aeroshell, you can do all the job just with this single technology,” he said of the inflatable aeroshell. “If we’re focusing on small missions, this is the key technology for enabling our way of Mars landing missions.””

Fermenting miso in orbit reveals how space can affect a food’s taste. ScienceNews.org article. Pull quote: “The researchers could not isolate the ISS miso’s fermentation variables, including radiation, temperature and microgravity, to attribute specific properties to them, Coblentz says. But all those environmental features — or the “space terroir” — contributed to the miso, imparting a unique taste of space.”

Postponement of Effectiveness for Certain Provisions of Trichloroethylene (TCE); Regulation Under the Toxic Substances Control Act (TSCA). Federal Register EPA delayed enforcement notice. Summary: “The Environmental Protection Agency (EPA or Agency) is postponing the effectiveness of certain regulatory provisions of the final rule entitled “Trichloroethylene (TCE); Regulation Under the Toxic Substances Control Act (TSCA)” for 90 days pending judicial review. Specifically, this postponement applies to the conditions imposed on the uses with TSCA exemptions.” New enforcement date: June 20th, 2025.

Comments in Aid of Analyses of the Terrorism Risk Insurance Program. Federal Register Treasury Department Request for comment. Summary: “The Terrorism Risk Insurance Act of 2002 (TRIA) created the Terrorism Risk Insurance Program (Program) to address disruptions in the market for terrorism risk insurance, to help ensure the continued availability and affordability of commercial property and casualty insurance for terrorism risk, and to allow for the private markets to stabilize and build insurance capacity to absorb any future losses for terrorism events. The Secretary of the Treasury (Secretary) administers the Program, with the assistance of the Federal Insurance Office (FIO). Treasury requests comments from interested parties regarding the issues that FIO will be analyzing in connection with its upcoming study related to the participation of small insurers in the Program, including any competitive challenges such insurers face in the terrorism risk insurance marketplace.” Comments due May 19th, 2025.

Review - HR 1223 Introduced – ANCHOR Act

Back in February Rep Fong (R,CA) introduced HR 1223, the Accelerating Networking, Cyberinfrastructure, and Hardware for Oceanic Research (ANCHOR) Act. The bill would require the National Science Foundation (NSF) to submit a plan to improve the cybersecurity and telecommunications of the Academic Research Fleet. No new funding is authorized by the legislation.

The bill is similar to HR 7630, the Accelerating Networking, Cyberinfrastructure, and Hardware for Oceanic Research (ANCHOR) Act, that was introduced by Rep Garcia (R,CA) in March, 2024. The House Science, Space, and Technology Committee held a markup hearing on March 20th, 2024 and ordered the bill reported favorably by a vote of 38 to 0. The Committee Report was published on May 23rd, 2024. The bill was taken up by the full House on September 23rd, 2024 under the suspension of the rules process and passed by a voice vote. No action was taken in the Senate on this bill, nor on a similar bill (S 3943, the ANCHOR Act) introduced by Sen Padilla (D,CA) in March of 2024. Padilla has introduced a similar bill (S 318) this session.

Moving Forward

Fong and all three of his cosponsors {Rep Stevens (D,MI), Rep Obernolte (D,CA), and Rep McBride (D,DE)} are members of the House Science, Space, and Technology Committee to which this bill was assigned for consideration. This means that there may be sufficient influence to see this bill considered in Committee. While last session the earlier bill moved through the Committee and the floor of the House with no significant opposition, the focus of the 119th Congress is somewhat different than that of the 118th. I suspect that if HR 1223 were considered it would still receive strong bipartisan support; the question remains whether the leadership would remain as supportive in the new legislative environment.


For more information about the provisions of this bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-1223-introduced - subscription required.

Review - Bills Introduced – 4-1-25

Yesterday, with both the House and Senate in session, there were 76 bills introduced. One of those bills may receive additional coverage in this blog:

HR 2546 To establish the position of Secretary of the Coast Guard, and for other purposes. Ezell, Mike [Rep.-R-MS-4]


For more information on these bills, including legislative history for similar bills in the 118th, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-1-25 - subscription required.

Tuesday, April 1, 2025

Short Takes – 4-1-25

What’s My Daily Life Like (in OT DFIR)? Tisiphone.net blog post. Pull quote: “What that means for the digital forensics side of things is that my cases involve sometimes very strange and very old computing equipment. Legacy is prevalent in OT. I must be able to figure out forensics on computers from the 80s or 90s. I also must be able to work with low level systems like PLCs and embedded computers. I still must create timelines of modern attacks, with corroborated and court-admissible evidence. There’s little EDR, and a lot of our forensics work is quite manual. I have a soldering iron in my bag to deal with non-standard connectors.”

SpaceX launches private Fram2 astronauts on historic spaceflight over Earth's poles. Space.com article. Pull quote: “Fram2 carries on the exploration spirit of its ocean-going predecessor. It carries a total of 22 experiments the crew will conduct during the mission, including the first attempt to grow mushrooms in space and a machine that will capture the first on-orbit X-rays of the human body. Other experiments will investigate the effects of microgravity on the human musculoskeletal system during spaceflight.”

FAA closes investigation into SpaceX Starship Flight 7 explosion. Space.com article. Pull quote: “Both the Starship Flight 7 and New Glenn mishap reports were closed on Friday (March 28), FAA officials said. Neither incident caused any public injuries, and New Glenn's failed return to Earth didn't damage any public property. Starship Flight 7 debris caused one confirmed report of "minor vehicle damage" in the Turks and Caicos, according to the FAA.” Still waiting on Flight 8 investigation results.

Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems: Part 1 - DARPA's SIGMA. Reversemode.com article. Pull quote: “It is important to recognize that this analysis is limited by the scope of available data and the specific context in which it was conducted. While the research might offer valuable insights for improvement, external factors and considerations (some of which may not be immediately apparent) could influence the assessment of the issues discussed. That’s why I’ve taken a cautious approach in classifying something as a ‘vulnerability’.” Lots of detail (more than a little over my head due to my background) but some interesting suggestions about potential vulnerabilities.

SpaceX's Fram2 astronaut flight over Earth's poles will be the 1st to grow mushrooms in space. Space.com article. Pull quote: “"In space, food often tastes bland due to altered taste perception and the need for a low-sodium diet to help counteract the negative effects of microgravity on bone health," Flávia said in the statement. "Mushrooms are rich in umami flavor, being one of the only tastes that remains strong in space. Oyster mushrooms are also highly resilient, scalable and capable of growing using 100% of the inedible plant waste, and even cotton t-shirts in their growth medium."” 

Rule Rejected in House – Luna’s Proxy Bill Saved

Today the House took up H Res 282, the rule for the consideration of this week’s legislation under ‘regular’ order. The measure was defeated by a vote of 206 to 222, with nine Republicans voting with the Democrats against the resolution. Unlike similar no votes last session, the Republicans voting no were not members of the Freedom Caucus; rather, today these votes came from moderates.

The main purpose of the resolution was to provide the ‘rule’ for the consideration of three bills:

SJ Res 28 – A joint resolution disapproving the rule submitted by the Bureau of Consumer Financial Protection relating to "Defining Larger Participants of a Market for General-Use Digital Consumer Payment Applications",

HR 1526 – No Rogue Rulings Act of 2025, and

HR 22 - Safeguard American Voter Eligibility Act

All three bills are part of the Trump agenda and had been expected to pass with mainly party line votes, with no objections known from any Republicans. Democrats were expected to vote against H Res 282 as a matter of course.

What happened is that the Rules Committee, this morning, added a §5 to the resolution before it was approved in Committee. Section 5 was added to stop the House from considering H Res 23, the Proxy Voting for New Parents Resolution. This resolution was introduced by Rep Luna (R,FL) to modify the House Rules to allow for new parents to vote by proxy, with certain limitations. This bill has been opposed by the Republican leadership, mainly as a keeping-the-faith opposition to the proxy voting allowed by the Democrats during the Covid epidemic. Luna was able to get a majority of the House members to sign a discharge petition to force a vote on the floor.

With eleven Republicans willing to sign the discharge petition, it was almost a foregone conclusion that H Res 23 would pass if it were to come to the floor. To prevent such ‘objectionable’ legislation from getting to the floor, §5 was added to the rule that would have made a special exception to the rules pertaining to discharge petitions specifically for H Res 23 or substantially similar language for the remainder of the session. The leadership was betting that the desire to support the Trump agenda items included in the rule would override the interest in voting for the proxy voting rule.

With the votes on the covered bills at least temporarily stopped, there will be no more votes scheduled on the floor of the House this week. This still leaves the matter of the discharge petition unresolved.

Politico is reporting that Luna resigned from the Freedom Caucus over this issue.

Review – 1 Advisory and 1 Update Published – 4-1-25

Today CISA’s NCCIC-ICS published a control system security advisory for products from Rockwell Automation. They also updated an advisory for products from Hitachi Energy.

Advisories

Rockwell Advisory - This advisory discusses a deserialization of untrusted data vulnerability (with publicly available exploit code) in the Rockwell Lifecycle Services with Veeam Backup and Replication.

Updates

Hitachi Energy Update - This update provides additional information on the Hitachi Energy MicroSCADA advisory that was originally published on November 26th, 2024.


For more information on these advisories, including a down-the-rabbit-hole look at the Veeam vulnerability, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-and-1-update-published-1a0 - subscription required.

Review - Bills Introduced – 3-31-25 (House)

Yesterday, with both the House and Senate in session (and the Senate still in session as of the writing of this post with the Democrats holding the floor in an old-style filibuster protesting recent actions by the Trump Administration), there were 67 bills introduced (Senate bills will be discussed in a separate post when they are posted). Three of those bills may receive additional coverage in this blog:

HR 2482 NTIA Reauthorization Act of 2025. Latta, Robert E. [Rep.-R-OH-5]

HR 2508 To preempt State data security vulnerability mandates and decryption requirements. Lieu, Ted [Rep.-D-CA-36]

HR 2515 To provide for a grant program for adoption of certain telematics systems onboard freight railcars, and for other purposes. Nehls, Troy E. [Rep.-R-TX-22]


For more information on these bills, including legislative history for similar bills in the 118th, as well as a mention in passing of a marine liability bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-3-31-25-house - subscription required.

Monday, March 31, 2025

Short Takes – 3-31-25

Isar Aerospace’s first Spectrum launch fails. SpaceNews.com article. Pull quote: ““WHAT A FLIGHT!” posted Daniel Metzler, chief executive of Isar Aerospace, about an hour after the launch. “On our first flight today we got to a clean liftoff, 30sec of flight, and didn’t blow up the pad in the meantime.”” Success in rocket science is defined differently than in most endeavors.

How Each Pillar of the 1st Amendment is Under Attack. KrebsOnSecurity.com commentary. Pull quote: “This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.”

Immigration agents arrested a U.S. citizen and created warrants after an arrest, lawyers say in court. Chicago.SunTimes.com article. Pull quote: “The 22 cases include Chicago resident Julio Noriega, 54, a U.S. citizen who, according to court documents, was arrested, handcuffed and spent most of the night at an ICE processing center in suburban Broadview. He was never questioned about his citizenship and was only released after agents looked at his ID.”

Chinese Bluetooth satellite startup raises early funding. SpaceNews.com article. Pull quote: “Utilizing these low-power signals greatly reduces energy and infrastructure requirements for connectivity and monitoring, which could help expand IoT coverage. Satellites can cover areas without networks, power, or communication infrastructure, enabling effective data collection and monitoring in more remote regions. The system could be most useful for Bluetooth-only devices such as sensors and tags.” A new surveillance tool? Nah… Who would want to do that?

Signal Gate. WHMurray.blogspot.com blog post. Pull quote: “Most of those with any knowledge about a military mission will have been indoctrinated in operational security, both in training and experience.  Here we had a case of novices, those who did not have experience, who had not grown up in the tradition of SECOPS.”

House panel recesses as GOP leaders weigh blocking proxy voting for new parents. TheHill.com article. Pull quote: “In her letter announcing her departure from the hardline group, Luna wrote: “I cannot remain part of a caucus where a select few operate outside its guidelines, misuse its name, broker backroom deals that undermine its core values and where the lines of compromise and transaction are blurred, disparage me to the press, and encourage misrepresentation of me to the American people.””

Top vaccine official sends warning. TheHill.com article. Pull quote: ““However, it has become clear that truth and transparency are not desired by the Secretary [Kennedy], but rather he wishes subservient confirmation of his misinformation and lies,” Marks wrote.”
