HC3 Sector Alert
A recent security report identified 3 zero-day exploits for SonicWall Email Security (ES).
In January 2021, a relatively small number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public however the ones that were released warrant attention.
In December, 2020, a number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public however the ones that were released warrant attention.
In mid-December 2020, it was widely reported that a highly sophisticated, large-scale, supply chain cyberattack was conducted against the SolarWinds Orion network management platform which likely impacted almost 18,000 customers.
Picture Archiving Communication Systems (PACS) are widely used by hospitals, research institutions, clinics and small healthcare practices for sharing patient data and medical images. In 2019, researchers disclosed a vulnerability in these systems that if exploited could potentially expose patient…
On December 13, 2020, FireEye and SolarWinds released security advisories detailing a highly-skilled and highly-targeted, manual supply chain attack on the SolarWinds Orion Platform network management system that leverages software updates to deploy a backdoor to victim organizations.
On September 28, 2020, security researchers openly shared recent observations associated with RYUK ransomware deployments.
In August, Microsoft released a patch for a vulnerability that is applicable to the healthcare community. CVE-2020-1472.
The XenMobile application is used by many businesses, including those in the HPH sector, and enables businesses to manage employees’ mobile devices and mobile applications by controlling device security settings and updates.
On July 14, 2020, Microsoft released a patch for CVE-2020-1147. If left unpatched the vulnerability, which affects Microsoft SharePoint, .NET Framework, and Visual Studio, could allow an attacker to run arbitrary code.