CVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.
Similar Posts
API Hole on Experian Partner Site Exposes Credit Scores
Student researcher is concerned security gap may exist on many other sites. A student and security researcher recently informed credit-reporting bureau Experian about a vulnerability on a partner website that lets anyone look up credit scores with only a name and mailing address. KrebsOnSecurity is reporting the incident after receiving the tip from Rochester Institute of Technology sophomore…
FireEye to sell products business for $1.55 billion – Security
US cyber security firm FireEye said it would sell its products business, including the FireEye name, to a consortium led by private-equity firm Symphony Technology Group for US$1.2 billion (A$1.55 billion) in cash. The deal will separate FireEye’s network, email and cloud security products from its cyber forensics unit, Mandiant Solutions. The deal is expected…
VMware Discloses Severe Vulnerabilities That Need ‘Immediate Attention’
VMware has disclosed a pair of vulnerabilities impacting vCenter Server, a centralized management software for VMware vSphere systems. The most severe flaw, CVE-2021-21985, is a remote code execution vulnerability in vSphere Client, assigned a CVSSv3 score of 9.8 To exploit this vulnerability, an attacker would need to be able to access vCenter Server over port…
Critical RCE Bug in VMware vCenter Server Under Active Attack – KK Hack Labs
Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month.The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by security researcher Kevin Beaumont. “Mass scanning activity detected from 104.40.252.159 checking for
Formula 1® appoints Herjavec Group as Official Cyber Security Services Provider
LONDON, UK, March 23, 2021 /PRNewswire/ – Formula 1® has today announced that Cyber Operations leader, Herjavec Group, has been named as its Official Cyber Security Services Provider. Herjavec Group has been recognised as one of the world’s most innovative Managed Cyber Security Services Providers, with the sole mission of protecting enterprises globally from evolving…
Cybersecurity and Compliance for Healthcare Organizations
Amidst the pandemic overwhelming the capacity of many hospital systems, malicious hackers have been quick to target healthcare providers and medical agencies. These cyber-attacks have hit both the United States and Europe in recent months, serving as a reminder for organizations to closely review their information security posture during these times of uncertainty. Despite certain…