HC3 Sector Alert

Jul 22, 2021
Executive Summary Since June 2020, unidentified threat actors have targeted vulnerabilities in certain Ivanti Pulse Connect Secure products. Threat actors gained initial access through the targeting of the following vulnerabilities: CVE-2019-11510, CVE-2020-8260, CVE-2020-8243, and CVE-2021-…
Jul 15, 2021
PrintNightmare is the name given to a critical remote code execution vulnerability in the Windows Print spooler service.
Jul 9, 2021
The Philips Vue PACS (Picture Archiving and Communication System) is an image-management software platform that enables hospitals to archive, distribute, display and retrieve images and data from all hospital modalities and information systems.
Jun 29, 2021
Picture Archiving Communication Systems (PACS) are widely used by hospitals, research institutions, clinics and small healthcare practices for sharing patient data and medical images. In 2019, researchers disclosed a vulnerability in these systems that demonstrated if the systems were exploited…
Jun 29, 2021
The Daily Recap of major Headlines, the “Good Stuff”, US Snapshots, US Vaccinations, US Variant Cases, key Highlights, as well as key Statistics, Vaccine and Treatment information, US Restrictions and the Back to Normal Index related to the novel coronavirus pandemic.
Jun 10, 2021
Executive Summary A joint alert published on June 9, 2021, by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the United Kingdom (UK) National Cyber Security Centre (NCSC) has identified malicious activity attributed to the Democratic…
May 28, 2021
On May 28, 2020, Microsoft published details of a widespread campaign from a group they labeled NOBELIUM.
May 12, 2021
On May 5, 2021 Cisco advisories disclosed multiple vulnerabilities in their products. These vulnerabilities could allow an unauthorized user to execute arbitrary code, escalate privileges and gain access to sensitive information. Many of these vulnerabilities had a severity rating of either high…
May 6, 2021
Please see the attached weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This week's briefing is on China's 14th Five Year Plan
May 6, 2021
On May 4, 2021 security researchers published a collaborated report identifying 21 vulnerabilities for EXIM, an open source email server platform. These vulnerabilities can be exploited remotely and allow for full compromise of the system. Several healthcare organizations appeared in a search…