Summary of article from Robinson & Cole LLP, by Linn F. Freedman:
The Health Sector Cybersecurity Coordination Center (HC3) has recently issued two critical alerts for the healthcare sector. The first alert, dated June 18, 2024, concerns Qilin (also known as Agenda Ransomware), a ransomware-as-a-service (RaaS) that targets healthcare organizations through spear phishing and other tools, employing double extortion tactics. The second alert, issued on June 27, 2024, highlights a critical vulnerability in the MOVEit file transfer platform, urging healthcare organizations to promptly patch the identified improper authentication processes to prevent exploitation. Progress, the platform’s owner, has released patches, but the vulnerability remains actively targeted by cyber threat actors. HC3 emphasizes the urgency of addressing these threats to protect against data loss and compromise.