Threat Intelligence

Microsoft Guidance for Mitigating PetitPotam NTLM Relay Attacks

MS Alert KB5005413 Microsoft has publicly released an alert, KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS), to address a NTLM Relay Attack, designated PetitPotam. The alert is supplied with active mitigation strategies and recommendations for...

Dell Boot Recovery Remote Code Execution (RCE)

TLP White Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices Finished Intelligence Reports Jun 24, 2021, 09:19 AM Eclypsium security researchers have discovered a vulnerability in the Dell BIOSConnect feature available on at least 180 models of consumer and...

PREPARING FOR THE NEXT “SOLARWINDS” EVENT

TLP WHITE Health-ISAC / AHA Threat Intelligence   STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT   Health-ISAC, in cooperation with the American Hospital Association, has published our Strategic Threat Intelligence: Preparing for the Next "SolarWinds"...

INSIDER THREATS & CYBER ESPIONAGE

--TLP: White HEALTHCARE INNOVATION CAPITAL: Insider Threats & Cyber Espionage The Health-ISAC Threat Operations Center has created a one-page executive summary of our 14-page reportto publicly share key findings with the Health Sector. Membership has access to the full report here: Cyware...

Distributed Denial of Service (DDoS) Attacks

TLP WHITE: March 19, 2021 As information systems become more sophisticated, so do the methods used by the attackers. Criminal and nation state actors have long recognized the value of denial-of-service attacks which can cause serious business interruptions for any organization connected to the...

Health-ISAC Vulnerability Bulletin: Hafnium

China-backed Threat Actor HAFNIUM Exploiting Four Microsoft Exchange Zero-Days Pdf version: [pdf-embedder url="https://h-isac.org/wp-content/uploads/2021/03/China-backed-Threat-Actor-Hafnium-Exploiting-Four-Microsoft-Exchange-Zero-Days.pdf" title="China-backed Threat Actor Hafnium Exploiting...

Microsoft Urges Customers to Patch Critical Windows TCP/IP Bugs

  TLP WHITE: H-ISAC Threat Bulletin -- February 9, 2021 --- Microsoft has released a set of fixes affecting Windows TCP/IP implementation that includes two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS)...

Healthcare Heartbeat Quarterly Threat Report Q3 2020

Introduction Health-ISAC and Perch Security have created a joint report covering the top cyber threat trends that the healthcare sector faces. The purpose of this report is to share some of the threats and attack trends across the healthcare industry that Perch Security, in collaboration with...

Translate »