Newpark
Company Details
Linkedin ID:
newpark
Website:
Employees number:
1,531
Number of followers:
66,535
NAICS:
211
Industry Type:
Homepage:
newpark.com
IP Addresses:
0
Company ID:
NEW_6719478
Scan Status:
In-progress
Newpark Company CyberSecurity Posture
newpark.com
Newpark Fluids Systems is the world’s leading pure-play oil & gas and geothermal fluid solutions provider. Leveraging our deep expertise, innovative digital solutions and comprehensive drilling, drill-in, completion and stimulation fluids portfolio, our team can accurately model, simulate and adapt our fluids solutions to your specific downhole conditions.
Newpark A.I CyberSecurity Scoring
Newpark Risk Score (AI oriented)Between 650 and 699
Newpark
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Newpark Global Score (TPRM)XXXX
Newpark
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Newpark Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Newpark Resources
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Texas oilfield supplier Newpark Resources experienced a ransomware attack on October 29, 2024. As a result, access to some of its information systems and business applications was disrupted. The incident did not significantly affect the company's field operations as they continued with established downtime procedures. Newpark Resources initiated their cybersecurity response plan and is conducting assessments with external experts. The full impact on financials and operations has not been determined, but the company does not anticipate a significant effect on its financial health or overall operations. Details regarding the specific ransomware or the perpetrators have not been disclosed.
Newpark Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Newpark
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for Newpark in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Newpark in 2025.
Incident Types Newpark vs Oil and Gas Industry Avg (This Year)
No incidents recorded for Newpark in 2025.
Incident History — Newpark (X = Date, Y = Severity)
Newpark cyber incidents detection timeline including parent company and subsidiaries
Newpark Company Subsidiaries
Newpark Fluids Systems is the world’s leading pure-play oil & gas and geothermal fluid solutions provider. Leveraging our deep expertise, innovative digital solutions and comprehensive drilling, drill-in, completion and stimulation fluids portfolio, our team can accurately model, simulate and adapt our fluids solutions to your specific downhole conditions.
Loading...
Newpark Similar Companies
aramco
We’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemi
We are one of the world's leading energy producers, and a primary catalyst for Abu Dhabi’s growth and diversification. We operate across the entire hydrocarbon value chain, through a network of fully-integrated businesses, with interests that range from exploration, production, storage, refining a
Halliburton
We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the compan
We’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemi
PDVSA Petróleos de Venezuela S.A.
Petróleos de Venezuela S.A. is a Venezuelan state company, began operations on January 1st, 1976 and whose activities are the oil exploration, production, refining, marketing and transportation of Venezuelan oil as well as the orimulsion, chemical, petrochemical businesses and coal. We have the lar
ExxonMobil
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions
Aker Solutions delivers integrated solutions, products and services to the global energy industry. We enable low-carbon oil and gas production and develop renewable solutions to meet future energy needs. By combining innovative digital solutions and predictable project execution we accelerate the tr
Complexul Energetic Oltenia
CE Oltenia is the sole lignite producer in Romania and one of the major players in the energy services sector in Romania, set-up on 31 May 2012 following a decision of the Romanian Government for the reorganization of the energy sector through a merger between a national lignite company (Societate
At Repsol, we are at the forefront of the energy sector to build the future of energy with innovation and sustainability. We are a strong multienergy company that creates value in an integrated, diversified, and sustainable way to promote progress in society. We leverage our past experience to be pr
.png)
Newpark CyberSecurity News
May 15, 2025 07:00 AM
Revealed: Key Disney Imagineer Behind New Park In Abu Dhabi
The designer behind the largest redevelopment of a Disney theme park in the company's history is one of the key figures behind the look of its groundbreaking...
May 07, 2025 07:00 AM
'Unsophisticated’ hackers targeting systems used by oil and gas industry, CISA says
A one-paragraph advisory from CISA warns of attempts by “unsophisticated cyber actor(s)” to disrupt industrial technology, particularly in...
December 10, 2024 08:00 AM
Heart Surgery Device Maker, Artivion, Discloses a Ransomware Attack
Artivion, an Atlanta-based company that manufactures devices and tools for cardiac and vascular surgeons, has over 1,250 employees worldwide...
December 04, 2024 08:00 AM
ENGlobal faces cybersecurity breach, leads to ‘limited’ access to essential business operations
ENGlobal Corporation, an engineering and automation services provider that works with the U.S. energy sector and federal government,...
December 03, 2024 08:00 AM
ENGlobal IT systems impacted by ransomware attack
The attack marks at least the third disruptive cyberattack impacting energy sector providers based in Texas since August.
November 13, 2024 08:00 AM
U.S. Oilfield Service Provider Disrupted by Ransomware Attack
Newpark Resources is a provider of sustainable services for the energy infrastructure and drilling industries, creating products and services for oilfields and...
November 11, 2024 08:00 AM
Newpark Resources hit by ransomware; activates cybersecurity response
Newpark Resources hit by ransomware; activates cybersecurity response ... Texas-based oilfield services supplier Newpark Resources detected a...
November 11, 2024 08:00 AM
Newpark Resources discloses October ransomware attack
On Oct. 29, Newpark discovered an unauthorized actor had gained access to some of its internal information systems, disrupting its access to...
November 08, 2024 08:00 AM
Major Oilfield Supplier Hit by Ransomware Attack
Newpark Resources is a worldwide provider of value-added drilling fluids systems and composite matting systems commonly used in oilfields.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Newpark CyberSecurity History Information
Official Website of Newpark
The official website of Newpark is http://www.newpark.com.
Newpark’s AI-Generated Cybersecurity Score
According to Rankiteo, Newpark’s AI-generated cybersecurity score is 675, reflecting their Weak security posture.
How many security badges does Newpark’ have ?
According to Rankiteo, Newpark currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Newpark have SOC 2 Type 1 certification ?
According to Rankiteo, Newpark is not certified under SOC 2 Type 1.
Does Newpark have SOC 2 Type 2 certification ?
According to Rankiteo, Newpark does not hold a SOC 2 Type 2 certification.
Does Newpark comply with GDPR ?
According to Rankiteo, Newpark is not listed as GDPR compliant.
Does Newpark have PCI DSS certification ?
According to Rankiteo, Newpark does not currently maintain PCI DSS compliance.
Does Newpark comply with HIPAA ?
According to Rankiteo, Newpark is not compliant with HIPAA regulations.
Does Newpark have ISO 27001 certification ?
According to Rankiteo,Newpark is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Newpark
Newpark operates primarily in the Oil and Gas industry.
Number of Employees at Newpark
Newpark employs approximately 1,531 people worldwide.
Subsidiaries Owned by Newpark
Newpark presently has no subsidiaries across any sectors.
Newpark’s LinkedIn Followers
Newpark’s official LinkedIn profile has approximately 66,535 followers.
NAICS Classification of Newpark
Newpark is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
Newpark’s Presence on Crunchbase
No, Newpark does not have a profile on Crunchbase.
Newpark’s Presence on LinkedIn
Yes, Newpark maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/newpark.
Cybersecurity Incidents Involving Newpark
As of December 06, 2025, Rankiteo reports that Newpark has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Newpark has an estimated 10,499 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Newpark ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Newpark detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes, and third party assistance with yes..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on Newpark Resources
Description: Texas oilfield supplier Newpark Resources experienced a ransomware attack on October 29, 2024. As a result, access to some of its information systems and business applications was disrupted. The incident did not significantly affect the company's field operations as they continued with established downtime procedures. Newpark Resources initiated their cybersecurity response plan and is conducting assessments with external experts. The full impact on financials and operations has not been determined, but the company does not anticipate a significant effect on its financial health or overall operations. Details regarding the specific ransomware or the perpetrators have not been disclosed.
Date Detected: 2024-10-29
Type: Ransomware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware NEW000110924
Systems Affected: Information systems and business applications
Downtime: Some disruption
Operational Impact: Minimal impact on field operations
Which entities were affected by each incident ?
Incident : Ransomware NEW000110924
Entity Name: Newpark Resources
Entity Type: Company
Industry: Oilfield Services
Location: Texas
Response to the Incidents
What measures were taken in response to each incident ?
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Yes.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware NEW000110924
Investigation Status: Ongoing
Post-Incident Analysis
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2024-10-29.
Impact of the Incidents
Response to the Incidents
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the response using this parameter. This vulnerability is fixed in 1.10.4.
Risk Information
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Description
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.
Risk Information
cvss4
Base: 9.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument health_url results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used. The patch is named 0ff771dc1933d5a6b78f804115e78a7d8625c3f3. To fix this issue, it is recommended to deploy a patch. The vendor responded with a vulnerability confirmation and a list of security measures they have established already (e.g. disabled URL parsing, disabled URL upload mode, removed URL-to-markdown conversion).
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: "This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected."
Risk Information
cvss2
Base: 5.1
Severity: HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
cvss3
Base: 5.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=newpark' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
