What is Threat Intelligence?
Threat intelligence is information about threats and threat actors that helps mitigate harmful events in cyberspace. Threat intelligence sources include open-source intelligence, social media intelligence, human Intelligence, technical intelligence or intelligence from the deep and dark web.
Threat Intelligence Use Case 1 Healthcare Sector
Let go through some uses cases to demonstrate how you could use public threat intelligence. First, we will focus on the healthcare sector. The healthcare sector often relies on outdated and obsolete software, and the IT team may not have access to the necessary resources to keep up with modern security threats. That’s why conducting thorough threat intelligence research is crucial. Let’s make sure we do our due diligence and further investigate this issue. During our time at ABC Clinic, we came across a public announcement outlining how threat actors are specifically targeting the healthcare industry through the exploitation of CVE-2023-0669
To ensure we were fully informed about the threat, we conducted a thorough search of the National Vulnerability Database for CVE-2023-0669. Our findings indicated that this vulnerability is classified as high-risk with a base CVSS score of 7.2 and impacts earlier versions of the GoAnywhere software.
Given that a known threat is actively exploiting this vulnerability in our sector and that the vulnerability has a high CVSS score, it’s crucial that we determine whether any of our systems are affected by CVE-2023-0669. We’re currently working to assess the scope of the issue and determine if this CVE is applicable to our systems
As part of our assessment, we reviewed our organization’s software inventories and management systems to determine if any devices were impacted by CVE-2023-0669. During our nessus scans, we detected that a Windows 10 computer was running GoAnyWhere software version 7.1.1, which posed a significant risk. To mitigate the threat, we initiated our patch management process. Following careful planning, testing, and upgrading to GoAnyWhere software version 7.1.2, we successfully reduced our risk and improved our cybersecurity posture. We remain dedicated to continually enhancing our processes to maximize uptime and system security. Congratulations on a job well done!
Cyber Security Knowledge Center 
Leave a comment