HC3 Sector Alert
Executive Summary
Since June 2020, unidentified threat actors have targeted vulnerabilities in certain Ivanti Pulse Connect Secure products. Threat actors gained initial access through the targeting of the following vulnerabilities: CVE-2019-11510, CVE-2020-8260, CVE-2020-8243, and CVE-2021-…
PrintNightmare is the name given to a critical remote code execution vulnerability in the Windows Print spooler service.
The Philips Vue PACS (Picture Archiving and Communication System) is an image-management software platform that enables hospitals to archive, distribute, display and retrieve images and data from all hospital modalities and information systems.
Picture Archiving Communication Systems (PACS) are widely used by hospitals, research institutions, clinics and small healthcare practices for sharing patient data and medical images. In 2019, researchers disclosed a vulnerability in these systems that demonstrated if the systems were exploited…
The Daily Recap of major Headlines, the “Good Stuff”, US Snapshots, US Vaccinations, US Variant Cases, key Highlights, as well as key Statistics, Vaccine and Treatment information, US Restrictions and the Back to Normal Index related to the novel coronavirus pandemic.
Executive Summary
A joint alert published on June 9, 2021, by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the United Kingdom (UK) National Cyber Security Centre (NCSC) has identified malicious activity attributed to the Democratic…
On May 28, 2020, Microsoft published details of a widespread campaign from a group they labeled NOBELIUM.
On May 5, 2021 Cisco advisories disclosed multiple vulnerabilities in their products. These vulnerabilities could allow an unauthorized user to execute arbitrary code, escalate privileges and gain access to sensitive information. Many of these vulnerabilities had a severity rating of either high…
Please see the attached weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This week's briefing is on China's 14th Five Year Plan
On May 4, 2021 security researchers published a collaborated report identifying 21 vulnerabilities for EXIM, an open source email server platform. These vulnerabilities can be exploited remotely and allow for full compromise of the system. Several healthcare organizations appeared in a search…