Search Results
The default setting for search results displays All Content. If you prefer to see recent content only, please adjust the date filter.
Filter your results:
Types
Topics
56 Results Found
HC3 TLP White Sector Alert: EXIM Mail Transfer Agent (MTA) Vulnerabilities - May 6, 2021
On May 4, 2021 security researchers published a collaborated report identifying 21 vulnerabilities for EXIM, an open source email server platform. These vulnerabilities can be exploited remotely and allow for full compromise of the system. Several healthcare organizations appeared in a search engine result for internet-connected devices utilizing EXIM. HC3 recommends all healthcare organizations that operate EXIM platforms immediately apply appropriate patches.
HC3 TLP White Sector Note: January 2021 Vulnerability Bulletin
In January 2021, a relatively small number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public however the ones that were released warrant attention.
HC3 Sector Note TLP White - December 2020 Vulnerability Bulletin
In December, 2020, a number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public however the ones that were released warrant attention.
Sector Alert TLP White: Department of Homeland Security releases Cloud/Email compromise detection tool Sparrow, Dec 29, 2020
In mid-December 2020, it was widely reported that a highly sophisticated, large-scale, supply chain cyberattack was conducted against the SolarWinds Orion network management platform which likely impacted almost 18,000 customers.
HC3 Sector Alert TLP White: Picture Archiving Communication Systems (PACS) Vulnerability Dec. 15, 2020
Picture Archiving Communication Systems (PACS) are widely used by hospitals, research institutions, clinics and small healthcare practices for sharing patient data and medical images. In 2019, researchers disclosed a vulnerability in these systems that if exploited could potentially expose patient data.
Health Sector Cybersecurity Coordination Center (HC3) Sector Alert
On December 13, 2020, FireEye and SolarWinds released security advisories detailing a highly-skilled and highly-targeted, manual supply chain attack on the SolarWinds Orion Platform network management system that leverages software updates to deploy a backdoor to victim organizations.
HC3 Sector Alert TLP White: BazarLoader Use in Ransomeware Campaigns
On September 28, 2020, security researchers openly shared recent observations associated with RYUK ransomware deployments.
HC3 TLP White Sector Alert: “Zerologon” Netlogon Remote Protocol Vulnerability
In August, Microsoft released a patch for a vulnerability that is applicable to the healthcare community. CVE-2020-1472.
HC3 Sector Alert TLP White: Citrix Endpoint Management (CEM) AKA XenMobile Server Critical Vulnerabilities
The XenMobile application is used by many businesses, including those in the HPH sector, and enables businesses to manage employees’ mobile devices and mobile applications by controlling device security settings and updates.
HC3 Sector Note TLP White: Pony/Fareit Malware: A Growing Threat to the Healthcare and Public Health Sector
Pony malware, also known as Fareit, Classified by Trend Micro as a Trojan-Spyware, this crimeware is primarily used to steal user and File Transfer Protocol (FTP) credentials and passwords, download other payloads, and bring compromised systems into a botnet.