CVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.
Similar Posts
Exchange Server Post-Compromise Attack Activity Shared by Microsoft
Exchange Server Post-Compromise Attack Activity Shared by Microsoft | IT Security News 29. March 2021 In the context of ongoing Exchange Server attacks, Microsoft has shared information detailing post-compromise activity which has infected vulnerable targets with ransomware and a botnet. When Microsoft released a fix for Exchange Server zero-days on March 2nd, organizations around the…
Kaseya VSA Supply-Chain Ransomware Advisory
Background On July 2, 2021, Kaseya, an IT Management software firm, disclosed a security incident impacting their on-prem version of Kaseya VSA software. Kaseya VSA is a cloud-based MSP platform that allows service providers to perform patch management, backups, and client monitoring for their customers. As per Kaseya, the majority of their customers that rely…
Fake ‘System Update’ App Targets Android Users
Application Security , Endpoint Security , Governance & Risk Management Malware Steals Data, Messages, Images; Takes Control of Phones Prajeet Nair (@prajeetspeaks) • March 30, 2021 Android device users are being targeted by a sophisticated spyware app that disguises itself as a “system update” application, warns mobile security firm Zimperium zLabs. See Also:…
Hacker behind biggest ever cryptocurrency heist returns stolen funds
The threat actor who hacked Poly Network’s cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. As the Chinese decentralized finance (DeFi) platform Poly Network shared two hours ago, the hacker has already returned almost $260 million worth of stolen cryptocurrency. In total, the attacker…
Microsoft, Darktrace Partner For Cloud Security
Share Tweet Share Share Share Email With concerns over such data as personal information and intellectual property on the rise, Microsoft is linking up with cybersecurity company Darktrace to offer an artificial intelligence (AI) defense across the cloud. The companies said in a press release that their combined…
Accenture Attack Highlights Evolving Ransomware Threats
Accenture officials are saying they staved off a ransomware attack this week by a cybercriminal ring using the LockBit malware even as the hacker group claimed to have captured data from the massive global IT and business consulting firm and has threatened to release it. A CNBC reporter on Aug. 11 sent out a series…