Spyware Blitzes Compromise, Cannibalize ICS Networks

Attackers are targeting industrial enterprises with spyware campaigns that hunt for corporate credentials so they can be used both for financial gain and to cannibalize compromised networks to propagate future attacks, researchers have found. The campaigns use off-the-shelf spyware but are unique...

Siemens XHQ

CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: XHQ Vulnerability: Improper Access Control AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of the XHQ operations intelligence product line: XHQ 4: All version...

Moxa MiiNePort Devices Leak Data, Open to Unauthorized Access

Embedded device servers made by Moxa remain vulnerable to a trio of vulnerabilities disclosed today in an advisory published by the Industrial Control Systems Cyber Emergency Response Team ICS-CERT and a blog post by researcher Karn Ganeshen. Moxa, which is based in Taiwan, will publish a beta...