DIVD-2022-00017 - Global Healthcare Vulnerabilities

Our reference	DIVD-2022-00017
Case lead	Victor Gevers
Researcher(s)	Victor Gevers Ralph Horn Jelle Ursem
CVE(s)	n/a
Product	n/a
Versions	any
Recommendation	If you received a notification of a vulnerability, patch your system with the information provided in this notification.
Status	Closed
Last modified	02 Jul 2023 20:23 CEST

Summary

DIVD started looking for vulnerabilities worldwide. This effort is aimed at vulnerabilities regarding healthcare providers’ assets reachable via the public internet.

What you can do

If you receive a notification, make sure the vulnerability described in that notification is patched. The notification will be sent along with a location and description of the vulnerability. If you have any questions regarding the mitigation of these vulnerabilities, feel free to reply to the email, and we’ll gladly help.

What we are doing

DIVD is currently searching for charities and scanning these healthcare providers for known vulnerabilities. Any healthcare provider that is found to be vulnerable receives an email with the information.

Closing this case

As this case was scoped for the year 2022 we’re closing this case, but will of course continue to pay special attention to vulnerabilities for parties in the Healthcare space. Do note that the ammount of notifications sent specifically under this case ID might be low, but we have filtered out many vulnerabilities for healthcare providers during our other cases and gave special attention and care to having them remediated.

Timeline

Date	Description
10 Mar 2022- 01 Mar 2023	DIVD started scraping for healthcare services globally.

gantt title DIVD-2022-00017 - Global Healthcare Vulnerabilities dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2022-00017 - Global Healthcare Vulnerabilities (356 days) :2022-03-10, 2023-03-01 section Events DIVD started scraping for healthcare services globally. (356 days) : 2022-03-10, 2023-03-01

DIVD CSIRT