close
close

HC3 issues alerts about vulnerabilities in certaOracle products; Microsoft warns of Russian spear-phishing campaign

Posted on by Bobb
HC3 issues alerts about vulnerabilities in certaOracle products; Microsoft warns of Russian spear-phishing campaign

The Healthcare Cybersecurity Coordination Center published on October 28 report about the “Miracle Exploit” – a set of critical vulnerabilities affecting Oracle applications. “These vulnerabilities give an attacker the ability to remotely execute code on victim systems without authentication or detection,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “Organizations using affected Oracle products are advised to immediately apply patches to avoid exploitation.”

The health sector and others on October 29 were also warned to an unrelated threat from a Russian cybercriminal named “Midnight Blizzard”, who was seen running a spear phishing campaign delivering phishing emails to targets in various sectors. According to Microsoft, the campaign is likely being used to collect information from targets. The alert includes additional information, remediation measures, hunting requests, and indicators of compromise.

Midnight Blizzard was observed posing as Microsoft employees and sending out emails containing social engineering baits related to Microsoft, Amazon Web Services, and the concept of zero trust. Successful attacks provide the attacker with sensitive information from the compromised device as the attacker-controlled server maps the local resources of the victim’s device to their server.

“These phishing emails are well crafted and targeted to the recipient,” Gee said. “From a cybersecurity perspective, some best practices can help mitigate both of these dangerous attacks. Effective patch management prevents Oracle from being vulnerable, and training allows users to recognize phishing emails and, more importantly, avoid clicking on unknown links in emails, preventing a phishing attack. Both of these preventive measures are listed in the main Cybersecurity Performance Goals. The AHA strongly encourages all healthcare organizations, including third-party providers, to implement voluntary CPGs. These recommendations will help strengthen your defenses against cyber attacks.”

For more information on these or other cybersecurity and risk issues, contact Gee at [email protected]. For the latest threat information and other cybersecurity and risk resources, visit www.aha.org/cybersecurity.