Log4j Vulnerability Affects Multiple Apache and Legacy Services
Exploit Code Publicly Released. Vulnerability Bulletin, Alert # ea51506b. Proof-of-concept exploit code for a critical zero-day vulnerability, designated CVE-2021-44228, in the Apache Log4j Java-based logging library has...
FBI, Health-ISAC Discuss Latest Ransomware Attacks on Hospitals
Link to this podcast and other resources on the American Hospital Association website: https://www.aha.org/advancing-health-podcast/2021-11-22-fbi-h-isac-discuss-latest-ransomware-attacks-hospitals PUBLIC / PRIVATE INFORMATION SHARING In this podcast John Riggi, AHA’s senior advisor...
Cyber Threat Actors Leveraging Right-to-Left Override (RTLO) in Recent Attacks
TLP WHITE: Threat Bulletins Aug 09, 2021, 12:57 PM TTPs: Cyber security researchers are aware of malicious actors leveraging masquerade and obfuscation techniques to deliver harmful files via email to healthcare organizations. The threat actors are using a legitimate feature of Right-to-Left...
Armis Discovers 9 Vulnerabilities in Infrastructure Used by 80% of Major Hospitals in North America
H-ISAC Vulnerability Bulletins -- Aug 02, 2021, 10:13 AM Armis researchers have identified nine critical vulnerabilities in one of the leading providers for pneumatic tube systems (PTS) in North America, the Translogic PTS system developed by Swisslog Healthcare. This Translogic PTS system is...
Microsoft Guidance for Mitigating PetitPotam NTLM Relay Attacks
MS Alert KB5005413. Microsoft has publicly released an alert, KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS), to address an NTLM relay attack designated PetitPotam. The alert is supplied with active mitigation strategies and recommendations for...
Dell Boot Recovery Remote Code Execution (RCE)
TLP White Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices Finished Intelligence Reports Jun 24, 2021, 09:19 AM Eclypsium security researchers have discovered a vulnerability in the Dell BIOSConnect feature available on at least 180 models of consumer and...
PREPARING FOR THE NEXT “SOLARWINDS” EVENT
TLP WHITE Health-ISAC / AHA Threat Intelligence STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT Health-ISAC, in cooperation with the American Hospital Association, has published our Strategic Threat Intelligence: Preparing for the Next "SolarWinds"...
INSIDER THREATS & CYBER ESPIONAGE
TLP: White. HEALTHCARE INNOVATION CAPITAL: Insider Threats & Cyber Espionage. The Health-ISAC Threat Operations Center has created a one-page executive summary of our 14-page report to publicly share key findings with the Health Sector. Membership has access to the full report here: Cyware...
Distributed Denial of Service (DDoS) Attacks
TLP WHITE: March 19, 2021 As information systems become more sophisticated, so do the methods used by the attackers. Criminal and nation state actors have long recognized the value of denial-of-service attacks which can cause serious business interruptions for any organization connected to the...
Health-ISAC Vulnerability Bulletin: Hafnium
China-backed Threat Actor HAFNIUM Exploiting Four Microsoft Exchange Zero-Days. PDF version: https://h-isac.org/wp-content/uploads/2021/03/China-backed-Threat-Actor-Hafnium-Exploiting-Four-Microsoft-Exchange-Zero-Days.pdf