CVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.