HC3: Monthly Cybersecurity Vulnerability Bulletin

October 05, 2023
TLP:CLEAR
Report: 202310051200

September Vulnerabilities of Interest to the Health Sector
In September 2023, vulnerabilities to the health sector have been released that require attention. This
includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of
each month, along with mitigation steps and patches. Vulnerabilities for September are from Microsoft,
Google/Android, Cisco, Apple, Mozilla, SAP, Fortinet, VMWare, Progress Software, and Adobe. A
vulnerability is given the classification as a zero-day when it is actively exploited with no fix available or if it
is publicly disclosed. HC3 recommends patching all vulnerabilities with special consideration to the risk
management posture of the organization.

Read the full report at HHS.

Two U.K. teenagers appear in court over Transport of London cyber attack
ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale.
Confidence in ransomware recovery is high but actual success rates remain low
Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach
Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach

Related: