CMP A.I CyberSecurity Scoring
21/02/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Chevron Marine Products in 2026.
No incidents recorded for Chevron Marine Products in 2026.
No incidents recorded for Chevron Marine Products in 2026.
PT Pertamina (Persero) is an Indonesian state-owned enterprise, which is engaged in the integrated energy in Indonesia. Established on December 10, 1957, Pertamina had the experiences in upstream, midstream, downstream and renewable energy sectors for more than 50 years. This is the official LinkedIn Pertamina account and managed by Pertamina. Any other official social media account link in the corporate website Pertamina subsidiaries. Please kindly check the validity of the account. We support the LinkedIn Terms of Use (User Agreement) and encourage open, lively conversation with a few simple rules: -- We reserve the right to correct factual errors. -- We will reply to comments when appropriate. -- If we disagree with other opinions, we will do so respectfully. -- You may not post anything that is spam or that is abusive, profane, or defamatory toward a person, entity, belief, or symbol. More Information : Website www.pertamina.com Layanan E-PPID : http://ptm.id/ePPID_Pertamina Become a fan on Facebook.com/pertamina Check out YouTube.com/pertamina Follow us on Twitter.com/pertamina Likes us on Instagram.com/pertamina
Transocean is a leading international provider of offshore contract drilling services for oil and gas wells. The company specializes in technically demanding sectors of the global offshore drilling business, with a particular focus on ultra-deepwater and harsh environment drilling services and operates the highest specification floating offshore drilling fleet in the world. Transocean owns or has partial ownership interests in and operates a fleet of 27 mobile offshore drilling units, consisting of 20 ultra-deepwater floaters and seven harsh environment floaters.
Shell is a global group of energy and petrochemical companies, employing 96,000 people across 70+ countries. We serve around 1 million commercial and industrial customers, and around 33 million customers daily at our Shell-branded retail service stations. Our purpose is to power progress together by working with each other, our customers and our partners. #PoweringProgress
Hindustan Petroleum Corporation Limited (HPCL) is a Maharatna Central Public Sector Enterprise (CPSE) and a S&P Global Platts Top 250 Global Energy Company. HPCL has a strong presence in downstream hydrocarbon sector of the country with a sizable share in petroleum product marketing and also has business footprints across other energy verticals & various overseas geographies.
Tenaris is a leading supplier of tubes and related services for the world’s energy industry and certain other industrial applications. Our mission is to deliver value to our customers through product development, manufacturing excellence, and supply chain management. Tenaris employees around the world are committed to continuous improvement by sharing knowledge across a single global organization. Our customers include most of the world’s leading oil and gas companies as well as engineering companies engaged in constructing oil and gas gathering, transportation and processing facilities. Our principal products include casing, tubing, line pipe, and mechanical and structural pipes. Tenaris employs around 29,000 people from more than 25 countries. From the moment they enter the company, our employees follow a career plan specially designed to meet their professional goals. TenarisUniversity, Tenaris’s corporate university, offers high-quality, job-specific curricula and development plans that help them succeed in the many challenging assignments faced during their careers. Our employees work in a culturally diverse setting that enriches their professional as well as their personal lives. As part of our fundamental corporate values, Tenaris offers our employee an active participation in a long-term, sustainable industrial project. RECRUITMENT FRAUD: We’ve received reports that unauthorized individuals are fraudulently recruiting and extending fake job offers on behalf of Tenaris. We encourage prospective candidates to remain vigilant. Additional information on how to recognize recruitment fraud or scams can be found at: https://www.tenaris.com/en/careers/recruitment-fraud Please remember that Tenaris never asks job applicants to pay a fee as part of the recruitment process.
Marathon Petroleum Corporation (MPC) is a leading, integrated, downstream and midstream energy company headquartered in Findlay, Ohio. The company operates the nation's largest refining system. MPC's marketing system includes branded locations across the United States, including Marathon brand retail outlets. MPC also owns the general partner and majority limited partner interest in MPLX LP, a midstream company that owns and operates gathering, processing, and fractionation assets, as well as crude oil and light product transportation and logistics infrastructure. More information is available at www.marathonpetroleum.com.
We're Equinor, an international energy company with a proud history. Formerly Statoil, we are 20,000 committed colleagues developing oil, gas, wind and solar energy in more than 30 countries worldwide. We’re the largest operator in Norway, among the world’s largest offshore operators, and a growing force in renewables. Driven by our Nordic urge to explore beyond the horizon, and our dedication to safety, equality and sustainability, we’re building a global business on our values and the energy needs of the future. We're the leading operator on the Norwegian continental shelf and have substantial international activities. We are engaged in exploration, development and production of oil and gas, as well as wind and solar power. We sell crude oil and are a major supplier of natural gas, with activities in processing, refining, and trading. Our activities are managed through eight business areas, staffs and support divisions, and we have operations in North and South America, Africa, Asia, Europe and Oceania, and Norway. ______ On this page we encourage you to share your views on energy, sustainability, technology and innovation. We appreciate all feedback, but encourage politeness and a respectful tone. See our full privacy policy here: https://www.equinor.com/about-us/privacy-policy-and-data-protection See our policy for social media here: En: https://www.equinor.com/about-us/social-media#social-media-guidelines
Eni is an integrated energy company, founded in 1953, with 31.376 employees in 69 countries around the world, including Algeria, Angola, Mozambique, Mexico, Indonesia and Italy. In 2021, the company launched a new strategy that will enable it to provide a variety of fully decarbonized products, combining environmental and financial sustainability. The recent merger of the renewable and retail businesses in Plenitude (formerly Eni gas e luce), the development of bio-refineries and biomethane production, and the sale of low-carbon energy carriers and mobility services at service stations are among the main levers for taking the path towards decarbonization. Eni aspires to contribute to the achievement of the Sustainable Development Goals (SDGs) of the United Nations 2030 Agenda, supporting a just energy transition that meets the challenge of climate change with concrete and economically sustainable solutions by promoting efficient and sustainable access to energy resources, for all. * data updated to 2022
McDermott is a premier provider of engineering and construction solutions to the energy industry. Our customers trust our technology-driven approach—engineered to responsibly harness and transform global energy resources into the products the world needs for now and what’s next. From concept to commissioning, we are creating and delivering the building blocks of the energy transition. Our innovative expertise and capabilities advance the next generation of global energy infrastructure—empowering a brighter, more sustainable future for us all. Operating in over 54 countries, our locally focused and globally integrated resources include more than 30,000 employees, a diversified fleet of specialty marine construction vessels and fabrication facilities around the world. To learn more, visit www.mcdermott.com.
Latest updates, reports, and threat intel affecting the global network.
Chevron has appointed Ayten Yavuz general manager of its global marine products business. She was previously regional manager for NWE and...
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.