• img August 30, 2017

Advantech fixes serious vulns in WebAccess HMI/SCADA software

Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA). A variety of vulnerabilities The vulnerabilities, fixed in the latest version of the product, range from […]

Read More
  • img August 30, 2017

New Locky Variant ‘IKARUSdilapidated’ Strikes Again

For a second time this month, a Locky ransomware variant called IKARUSdilapidated is part of a calculated phishing attack targeting office workers with fake scanned image attachments.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/new-locky-variant-ikarusdilapidated-strikes-again/

Read More
  • img August 30, 2017

Cisco unveils LabVIEW code execution flaw that won’t be patched

LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. LabVIEW is commonly used for building data acquisition, instrument control, and industrial automation systems on a variety of operating systems: Windows, macOS, Linux and Unix. The vulnerability (CVE-2017-2779) The vulnerability was […]

Read More
  • img August 30, 2017

Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks

Siemens fixed a session hijacking vulnerability in its LOGO! logic module Wednesday but says a second issue, one that could help facilitate a man-in-the-middle attack, has no fix currently.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/siemens-fixes-session-hijacking-bug-in-logo-warns-of-man-in-the-middle-attacks/

Read More
  • img August 30, 2017

Spambot Contains ‘Mind-Boggling’ Amount of Email, SMTP Credentials

Researchers accessed the Onliner spambot and found 711 million records, including email addresses, email and password combinations, and SMTP credentials and configuration files.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/spambot-contains-mind-boggling-amount-of-email-smtp-credentials/

Read More