HC3 issues alert on vulnerabilities in certain Oracle products; Microsoft warns of Russian spear-phishing campaign 

Oct 30, 2024 - 03:18 PM
cybersecurity-hand-lock-graphic_900x400

The Health Sector Cybersecurity Coordination Center on Oct. 28 released a report on the "Miracle Exploit," a set of critical vulnerabilities affecting Oracle applications. "These vulnerabilities give an attacker the ability to execute remote code on victim systems without authentication or detection," said Scott Gee, AHA deputy national advisor of cybersecurity and risk. "Organizations using affected Oracle products are advised to apply patches urgently to avoid exploitation." 
 
The health sector and others Oct. 29 were also alerted to an unrelated threat from a Russian cyber actor called "Midnight Blizzard," who has been observed conducting a spear phishing campaign delivering phishing emails to targets in various sectors. According to Microsoft, the campaign is likely used to gather information from targets. The alert includes additional information, mitigations, hunting queries and indicators of compromise.  
 
Midnight Blizzard was observed impersonating Microsoft employees and sending emails with social engineering lures related to Microsoft, Amazon Web Services and the concept of Zero Trust. Successful attacks provide the threat actor with sensitive information from the compromised device as the threat actor-controlled server maps the victims’ local device resources to their server. 
 
“These phishing emails are well-crafted and targeted to the recipient,” said Gee. “From a cybersecurity perspective, some best practices can help to mitigate both of these dangerous attacks. Effective patch management prevents the Oracle vulnerability and training allows users to recognize phishing emails and — more importantly — not click on unknown links in emails, preventing the phishing attack. Both of these preventative measures are listed in the essential Cybersecurity Performance Goals. The AHA strongly recommends that all health care organizations, including third party suppliers, implement the voluntary CPGs. These guidelines will help to harden your defenses against cyberattacks.”  
 
For more information on this or other cyber and risk issues contact Gee at sgee@aha.org. For the latest threat information and other cyber and risk resources visit www.aha.org/cybersecurity
 

Related News Articles

Headline
NIST says critical vulnerability found in 7-Zip archiving software
A critical vulnerability has been identified in 7-Zip, a free software program used for archiving data, according to the National Institute of Standards and…
Headline
Agencies release guide to protect against bulletproof hosting provider cybercrimes 
U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet…
Headline
Agencies release updated guidance to combat Akira ransomware following recent attacks
A joint advisory issued yesterday by U.S. and international agencies provides updated guidance to defend against the Akira ransomware group, which…
Headline
Agencies release guidance on Microsoft Exchange server best practices
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners released joint guidance Oct. 30 on best practices for…
Headline
Microsoft issues security update addressing critical vulnerability impacting Windows server services 
Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update…
Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…