HC3 Sector Alert

The FBI shared indicators of compromise (IOCs) associated with the ransomware threat actors known as the OnePercent Group.
Executive Summary: In July 2021, vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public and warrant attention. This includes the Patch Tuesday vulnerabilities – released by several vendors on the second Tuesday of each month – as well as…
A zero-day command injection vulnerability has been identified in Fortinet’s FortiWeb web application firewall (WAF) and affects versions 6.3.11 and earlier.
Executive Summary: BlackBerry identified that the following products are affected by an integer overflow vulnerability (CVE-2021-22156) with CVSS Score 9.0: BlackBerry QNX Software Development Platform (SDP) version 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1.…
Please see the attached HHS Office of the Chief Information Officer HC3 Threat Briefing – Qbot/QakBot. You may distribute through your appropriate channels for the level of information as marked (TLP: WHITE)
Nine vulnerabilities (dubbed PwnedPiper) were recently discovered in a brand (Swisslog) of pneumatic tubes.
Nine vulnerabilities (dubbed PwnedPiper) were recently discovered in a brand (Swisslog) of pneumatic tubes – the tube systems within many hospitals and other healthcare organizations that transport small items such as lab samples, blood, tissue or medication from one part of the medical facility…
Microsoft identified a vulnerability which can allow an attacker to gain administrative privileges or execute code of their choice on certain Windows systems, including many Windows client and server versions released since October 2018.
Executive Summary: The recently released Joint Cybersecurity Advisory coauthored by the U.S. Cybersecurity and Infrastructure Security Agency, U.S. Federal Bureau of Investigation, U.K. National Cyber Security Centre, and Australian Cyber Security Centre contains information on the top 30…
Twelve vulnerabilities, with an overall CVSS score of 9.8, have been discovered in firmware provided by UDP Technology to security camera manufacturer Geutebrück, affecting four camera lines and two encoder lines.