Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30, 2021, Microsoft issued new guidance for the vulnerability (CVE-2021-34527) on July 1, updated guidance on July 2, 2021, and an emergency patch on July
US-CERT
VPN Packages Store Cookies Insecurely
The Department of Homeland Security (DHS) issued a warning on April 15, 2019, entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN) applications store the authentication and/or session cookies insecurely in memory and/or log files.”
The affected products identified by DHS are:
- Palo Alto Networks GlobalProtect Agent
…
US-CERT Issues Advisory About Vulnerabilities in Patient Monitors
The U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Team (US-CERT) recently issued an advisory outlining three vulnerabilities of Drager Infinity Delta patient monitoring devices.
The vulnerabilities affect all versions of the Drager models—Delta, Delta XL, Kappa, and infinity Explorer C700—patient monitoring devices. According to the alert, the three security flaws include:
- Exposure
…
Privacy Tip #167 – IRS Issues Warning About Tax Transcript Scam
The Internal Revenue Service (IRS) has issued a warning to consumers about an email that appears to come from “IRS Online.” The email is designed to get the recipient to click on an attachment labeled “Tax Account Transcript” or “tax transcript,” which is infected with the Emotet malware.
Tax transcripts are summaries of your tax…
OCR Warns of Cyber Extortion and Provides Checklist
In its January newsletter, the Office for Civil Rights (OCR) focused on cyber extortion, which it stated has “risen steadily over the past couple of years and continue to be a major source of disruption for many organizations.” Since the health care industry has been the target of cyber extortion attacks, the OCR is…
US-CERT Warns of New Ransomware: Bad Rabbit
The U.S. Computer Emergency Readiness Team (US-CERT)is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated that it has received multiple reports of infections by Bad Rabbit in countries around the world.
According to security researchers, Bad Rabbit poses as an Adobe update and when the user clicks on the…
Office of the National Coordinator Issues Guidance After NotPetya Attack
Following the most recent ransomware attack, known as NotPetya, (among other nicknames), many health care entities were victims of the ransomware, which prompted the Office of the National Coordinator (ONC) to issue guidance to assist health care entities in the aftermath.
In two separate warnings/updates, ONC provides guidance to health care entities on what to…
Post-WannaCry—US-CERT Warns of Samba Security Flaw
Following the massive WannaCry event, the mantra among security folks is push patches to vulnerabilities as soon as they are released.
US-CERT issued a warning late last week that there is a newly discovered flaw, CVE-2017-7494, that exists in Samba, which can be exploited via mass attacks. Samba provides Windows-based file and print services for…
Take-Aways from WannaCry
We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks will only get more sophisticated. It is being estimated that the cost associated with responding to WannaCry will exceed $4 billion.
Here are our take-aways that may be a useful summary for our readers:
- The healthcare industry is particularly vulnerable to future attacks and should get prepared for them
- Make cybersecurity a risk management priority in the organization
- Implement patches as soon as they are pushed by product companies
- Share cyber intrusion information with authorities to stave off attacks and the spread of attacks
- Get that back-up plan up and running and TEST it
- You get what you pay for if you buy pirated software—which is a crime
- Pay attention to industry alerts as you receive them from the FBI and other governmental authorities
- Consider purchasing appropriate cyber liability insurance to cover losses associated with cyber attacks, data breaches, ransomware and business interruption, and use a broker who is familiar with appropriate coverage
- Check out the resources published by US-CERT and the Disaster Information Management Research Center on WannaCry
- Get involved in the debate of whether the government should share known cyber vulnerabilities with companies—the debate is around whether government intelligence services should balance the use of vulnerabilities in software for espionage and cyber warfare with sharing their findings with technology companies so they can secure the flaw.
OCR Urges Covered Entities and Business Associates to Use HTTPS
New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities.
According to OCR, the vulnerability can be introduced by the use of products that inspect HTTPS traffic. These products are used to detect malware or unsafe connections, which…