The American Hospital Association and FBI are urging hospitals and health systems that are Oracle customers to “immediately” fix a security flaw that cybercriminals are likely already leveraging to hack into networks. The security gap in the Oracle E-Business Suite allows remote access to the program without a username or password.

‘This is ‘stop-what-you’re-doing and patch immediately’ vulnerability,” Brett Leatherman, assistant director of the FBI’s cyber division, posted Oct. 5 on LinkedIn. “The bad guys are likely already exploiting in the wild, and the race is on before others identify and target vulnerable systems.” The AHA recommends that hospitals and health systems share the advisory with their cybersecurity and IT teams right away. Organizations are advised to apply Oracle’s pat

See Full Page