CVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Director of HSE, Nation’s Healthcare System, Describes the Costs Akshaya Asokan (asokan_akshaya) • June 24, 2021 The recovery costs for the May ransomware attack on Health Service Executive, Ireland’s publicly funded healthcare system, is likely to total…
Cybercrime as-a-service , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Malwarebytes: Gang Seeking ‘Pentesters’ and ‘Access Brokers’ Prajeet Nair (@prajeetspeaks) • July 26, 2021 Darknet advertisement posted by AvosLocker ransomware-as-a-service gang (Source: Malwarebytes) A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including “pentesters” and “access brokers,”…
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Company’s IT Team Was Unaware the VPN Exploited to Gain Entry Existed Doug Olenick (DougOlenick) • June 8, 2021 Colonial Pipeline Co. CEO Joseph Blount testifying on Tuesday before the Senate Homeland Security and Governmental Affairs Committee Colonial Pipeline Co. CEO Joseph Blount defended his…
New critical remote code execution vulnerabilities in Microsoft’s enterprise Exchange Server have been discovered, and the Australian Cyber Security Centre (ACSC) is urging users to apply the patches for them as soon as possible to prevent systems compromises. The vulnerabilities are easy to exploit, do not require any user interaction, and affect Exchange Server 2013,…
DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture On the heels of the Colonial Pipeline attack, the US Department of Homeland Security aims to force a reticent industry to improve its ability to detect and respond to cybersecurity attacks.
Cybercrime , Cyberwarfare / Nation-State Attacks , Email Security & Protection Window Closing to Secure Small Organizations from Ransomware Jeremy Kirk (jeremy_kirk) • March 10, 2021 Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises – a lucky but not uncommon…