Active Alerts
As a reminder, BIO-ISAC will facilitate the ethical submission of your findings. Please view our disclosure process for more information.
For questions or to provide an update from your organization regarding the action alerts detailed below, please email tips@isac.bio.
HPAI/H5N1
Ongoing
Active! The virus known as H5N1 or highly pathogenic avian influenza (HPAI) was confirmed to be found in cattle in the United States. Human transmission of H5N1 is also confirmed. During this time, multiple countries have also issued a Joint Cyber Alert to Agriculture.
BIO-ISAC continues to update the situation.
If your organization needs support or wishes to disclose activities anonymously, please email help@isac.bio.
Illumina CVE
April 2023
Active! An ICS Medical Advisory covers two vulnerabilities in the Illumina Universal Copy Service (UCS): binding to an unrestricted IP address and execution with unnecessary privileges. Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level.
CVE details:
- CVE-2023-1968 has been assigned a CVSS v3 base score of 10/10
- CVE-2023-1966 has been assigned a CVSS v3 base score of 7.4/10
In response, FDA issued a notification letter to health providers detailing the extent of the vulnerability and sourcing key materials and checkpoints for practitioners.
If your organization is impacted as a result of this vulnerability and requires assistance from BIO-ISAC, please email help@isac.bio. We will continue to update the community regarding this vulnerability.
Illumina CVE
June 2022
Active! Critical Vulnerability in Illumina software (LRM) - CVSS 10/10 - Fix ASAP
(Includes hashes for patch, as verified with Illumina by BIO-ISAC)
BIO-ISAC has followed up on this vulnerability and has been able to positively confirm the hashes (file identity signature) for the patch that Illumina created for these critical vulnerabilities. Many of you asked for confirmation, and BIO-ISAC engaged with Illumina to ensure that you are not installing a maliciously modified patch, an opening that an opportunistic attacker may have taken advantage of given that Illumina had not publicly confirmed the hashes for the correct patch. The confirmed information is below.
Patch File Name: LocalRunManagerSecurityPatch.msi
SHA256: 595b724f1c5b4bac446001400b38b748b4ef05520b5489ea4711a2a4289e721a
SHA512: 52b5cfdc462b10011027e94f184c2f0da25b0b1363fddb7fa5793938d11f976259a7f73e77c2fd157f560439ec3df70446aa561b586dc8ef94db2ed95fcce841
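One way to check a downloaded copy of the patch against both digests above before installing it. This is an added example, not BIO-ISAC's or Illumina's code; the function names and script layout are assumptions, and the digest values are the ones published in this alert.

```python
"""Check a downloaded LocalRunManagerSecurityPatch.msi against the published digests."""
import hashlib
import hmac
import sys

# Digests copied from this alert (confirmed with Illumina by BIO-ISAC).
PUBLISHED = {
    "sha256": "595b724f1c5b4bac446001400b38b748b4ef05520b5489ea4711a2a4289e721a",
    "sha512": "52b5cfdc462b10011027e94f184c2f0da25b0b1363fddb7fa5793938d11f9762"
              "59a7f73e77c2fd157f560439ec3df70446aa561b586dc8ef94db2ed95fcce841",
}


def file_digests(path, algorithms, chunk_size=1 << 20):
    """Read the file once in chunks and return {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            for hasher in hashers.values():
                hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def verify_patch(path, expected=PUBLISHED):
    """Return {algorithm: True/False}; hex case and stray whitespace are ignored."""
    actual = file_digests(path, expected)
    return {
        name: hmac.compare_digest(actual[name], want.strip().lower())
        for name, want in expected.items()
    }


def is_authentic(path, expected=PUBLISHED):
    """True only when every published digest matches; one match is not enough."""
    results = verify_patch(path, expected)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    # Usage: python verify_patch.py <path to LocalRunManagerSecurityPatch.msi>
    results = verify_patch(sys.argv[1])
    for name, ok in results.items():
        print(f"{name}: {'match' if ok else 'MISMATCH'}")
    if not all(results.values()):
        sys.exit("Digest mismatch: do not install this file.")
```

The script exits non-zero on any mismatch, so it can gate an installation step in a deployment script.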
For those of you who are not yet members of the BIO-ISAC, please consider joining the organization - it helps us do this vital work of engagement and vulnerability disclosure/follow-through. Membership in the org also allows us to create programs like our emergency threat hunting service with our founding member Johns Hopkins Advanced Physics Laboratory (JHU APL). More about that program, including how to become involved for your organization, is detailed here: https://www.wired.com/story/biotech-security-threats/ and https://www.isac.bio/post/bio-isac-partners-to-provide-free-emergency-threat-hunting-service-to-bioeconomy-companies.
Thank you again to everyone involved.
Tardigrade
Active! An APT attack on vaccine manufacturing infrastructure. More info.