HC3 Sector Alert
In recent days, a significant number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public. These vulnerabilities are from Microsoft, Adobe, Oracle, Cisco and Google, as well as others.
Top malware detections for the month of May 2020 by the EINSTEIN national IDS included NetSupport Manager RAT, Kovter, and XMRig.
On June 29, 2020, Palo Alto Networks announced a vulnerability (CVE-2020-2021) affecting their PAN-OS firewall software.
On June 17, 2020, researchers reported on a bus driver installed by FabulaTech for their “USB for Remote Desktop” software that has a vulnerability (tracked as CVE-2020-9332). The vulnerability allows a non-privileged user to potentially take over a targeted device on the network.
Pony malware, also known as Fareit, Classified by Trend Micro as a Trojan-Spyware, this crimeware is primarily used to steal user and File Transfer Protocol (FTP) credentials and passwords, download other payloads, and bring compromised systems into a botnet.