Armis Discovers 9 Vulnerabilities in Infrastructure Used by 80% of Major Hospitals in North America
H-ISAC Vulnerability Bulletins -- Aug 02, 2021, 10:13 AM Armis researchers have identified nine critical vulnerabilities in one of the leading providers for pneumatic tube systems (PTS) in North America, the Translogic PTS system developed by Swisslog Healthcare. This Translogic PTS system is...
Microsoft Guidance for Mitigating PetitPotam NTLM Relay Attacks
MS Alert KB5005413 Microsoft has publicly released an alert, KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS), to address a NTLM Relay Attack, designated PetitPotam. The alert is supplied with active mitigation strategies and recommendations for...
Dell Boot Recovery Remote Code Execution (RCE)
TLP White Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices Finished Intelligence Reports Jun 24, 2021, 09:19 AM Eclypsium security researchers have discovered a vulnerability in the Dell BIOSConnect feature available on at least 180 models of consumer and...
PREPARING FOR THE NEXT “SOLARWINDS” EVENT
TLP WHITE Health-ISAC / AHA Threat Intelligence STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT Health-ISAC, in cooperation with the American Hospital Association, has published our Strategic Threat Intelligence: Preparing for the Next "SolarWinds"...
INSIDER THREATS & CYBER ESPIONAGE
--TLP: White HEALTHCARE INNOVATION CAPITAL: Insider Threats & Cyber Espionage The Health-ISAC Threat Operations Center has created a one-page executive summary of our 14-page reportto publicly share key findings with the Health Sector. Membership has access to the full report here: Cyware...
Distributed Denial of Service (DDoS) Attacks
TLP WHITE: March 19, 2021 As information systems become more sophisticated, so do the methods used by the attackers. Criminal and nation state actors have long recognized the value of denial-of-service attacks which can cause serious business interruptions for any organization connected to the...
Health-ISAC Vulnerability Bulletin: Hafnium
China-backed Threat Actor HAFNIUM Exploiting Four Microsoft Exchange Zero-Days Pdf version: [pdf-embedder url="https://h-isac.org/wp-content/uploads/2021/03/China-backed-Threat-Actor-Hafnium-Exploiting-Four-Microsoft-Exchange-Zero-Days.pdf" title="China-backed Threat Actor Hafnium Exploiting...
Microsoft Urges Customers to Patch Critical Windows TCP/IP Bugs
TLP WHITE: H-ISAC Threat Bulletin -- February 9, 2021 --- Microsoft has released a set of fixes affecting Windows TCP/IP implementation that includes two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS)...
Healthcare Heartbeat Quarterly Threat Report Q3 2020
Introduction Health-ISAC and Perch Security have created a joint report covering the top cyber threat trends that the healthcare sector faces. The purpose of this report is to share some of the threats and attack trends across the healthcare industry that Perch Security, in collaboration with...
Nation State Recruiting via Fraudulent LinkedIn Profiles
H-ISAC created this TLP White alert to share with the Healthcare Sector from actual incidents its members have experienced in recent weeks. Pdf version: [pdf-embedder url="https://h-isac.org/wp-content/uploads/2020/10/5b47f99e-Nation-State-Recruiting-via-Fraudulent-LinkedIn-Profiles.pdf"...