lunes, 19 de junio de 2017

ASPR/CIP HPH Cyber Notice: Hidden Cobra and Microsoft Updates

HealthIT.gov Banner

ASPR/CIP HPH Cyber Notice: Hidden Cobra and Microsoft Updates


DISCLAIMER: This product is provided “as is” for informational purposes only. The Department of Health and Human Services (HHS) does not provide warranties of any kind regarding any information contained within. HHS does not endorse any commercial product or service referenced in this product or otherwise.
Healthcare and Public Health Sector partners:
Two reports were released by Microsoft and DHS this week about multiple vulnerabilities with Microsoft products, including the Windows operating system, and a threat by a group DHS labels as “Hidden Cobra”.  Both relate to the same type of vulnerability that allowed WannaCry to spread. Importantly, simply installing the Microsoft patches will not necessarily protect form “Hidden Cobra” since they use a wide range of vulnerabilities. DHS states “Hidden Cobra” targets are “…the media, aerospace, financial, and critical infrastructure sectors in the United States and globally”, so targeting of the Healthcare and Public Health sector systems and devices in the U.S. is possible. 
Please review the HHS Cybersecurity Program compilation of technical information and resources to support your efforts in mitigating this threat.
If you have any questions, contact the ASPR Critical Infrastructure Protection Team at cip@hhs.gov.

No hay comentarios: