HC3 Analyst Note

Log4J is a Java-based, ubiquitous logging tool now known to have multiple vulnerabilities, including multiple remote code execution flaws that can provide an attacker total control of a system.
Mespinoza (also known as GOLD BURLAP and CYBORG SPIDER) is a cybercriminal group that operates PYSA ransomware, among other cyber weapons, and has been active since 2018.
The BrakTooth vulnerabilities came on the radar on August 31, 2021, after being discovered by the ASSET (Automated Systems Security) Research Group at the Singapore University of Technology and Design (SUTD).
On August 1, 2021, the Lazio region in Italy suffered a ransomware attack which impacted the region’s COVID-19 vaccination registration portal, thereby halting new vaccination appointments for days.
Overview of Phobos Ransomware. Executive Summary: Phobos ransomware first surfaced in late 2017, with many researchers quickly discovering links between Phobos and the Dharma and CrySiS ransomware variants. The Phobos ransomware operators are known to primarily target small- to medium-sized…
Conti ransomware has recently been brought back into the spotlight due to its attack on Ireland’s national health system, the Health Service Executive (HSE).
Application Programming Interfaces (APIs) are a critical component of modern health information technology infrastructures.
VPN provider Ivanti Pulse Secure has released mitigations for multiple actively exploited vulnerabilities affecting the Pulse Connect Secure (PCS) SSL VPN appliance, including a new vulnerability tracked as CVE-2021-22893.
On 12 April 2021, security researchers disclosed a series of medium, high and critical severity DNS vulnerabilities impacting the TCP/IP stacks present in potentially millions of enterprise and consumer devices, with organizations in the healthcare and government sectors impacted most
In late March 2021, security researchers revealed details of a malicious campaign targeting the healthcare and public health (HPH) sector by leveraging call centers to distribute malware to its targets.