Cyber Threat Intelligence

This section contains publicly available Cyber Threat Intelligence reports, including FBI and TLP-White reports. For access to restricted-distribution reports, see members-only cybersecurity resources.

 

H-ISAC Weekly Reports

H-ISAC Report: Hacking Healthcare - TLP White, August 11, 2020

H-ISAC Report: Hacking Healthcare - TLP White, July 28, 2020

H-ISAC Report: Hacking Healthcare - TLP White, July 15, 2020

H-ISAC Report: Hacking Healthcare - TLP White, July 7, 2020

H-ISAC Report: Hacking Healthcare - TLP White, July 1, 2020

H-ISAC Report: Hacking Healthcare - TLP White, June 24, 2020

H-ISAC Report: Hacking Healthcare - TLP White, June 10, 2020

H-ISAC Report: Hacking Healthcare - TLP White, June 2, 2020

H-ISAC Report: Hacking Healthcare - TLP White, May 27, 2020

H-ISAC Report: Hacking Healthcare - TLP White, May 19, 2020

H-ISAC Report: Hacking Healthcare - TLP White, May 13, 2020

H-ISAC Report: Hacking Healthcare - TLP White, May 6, 2020

H-ISAC Report: Hacking Healthcare - TLP White, March 24, 2020

H-ISAC Report: Hacking Healthcare - TLP White, March 17, 2020

H-ISAC Report: Hacking Healthcare - TLP White, March 10, 2020

H-ISAC Report: Hacking Healthcare - TLP White, March 3, 2020

H-ISAC Report: Hacking Healthcare - TLP White, February 25, 2020

H-ISAC Report: Hacking Healthcare - TLP White, February 19, 2020

H-ISAC Report: Hacking Healthcare - TLP White, February 11, 2020

H-ISAC Report: Hacking Healthcare - TLP White, February 4, 2020

H-ISAC Report: Hacking Healthcare - TLP White, January 29, 2020

H-ISAC Report: Hacking Healthcare - TLP White, January 21, 2020

H-ISAC Report: Hacking Healthcare - TLP White, January 14, 2020

H-ISAC Report: Hacking Healthcare - TLP White, January 7, 2020

H-ISAC Report: Hacking Healthcare - TLP White, December 17, 2019

H-ISAC Report: Hacking Healthcare - TLP White, December 10, 2019

H-ISAC Report: Hacking Healthcare - TLP White, December 3, 2019

H-ISAC Report: Hacking Healthcare - TLP White, November 12, 2019

H-ISAC Report: Hacking Healthcare - TLP White, November 5, 2019

H-ISAC Report: Hacking Healthcare - TLP White, October 29, 2019

H-ISAC Report: Hacking Healthcare - TLP White, October 22, 2019

H-ISAC Report: Hacking Healthcare - TLP White, October 15, 2019

H-ISAC Report: Hacking Healthcare - TLP White, October 8, 2019

H-ISAC Report: Hacking Healthcare - TLP White, September 3, 2019

H-ISAC Report: Hacking Healthcare - TLP White, August 27, 2019


FBI-TLP White Reports

FBI Cybersecurity Advisory TLP White: Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware (August 2020)

FBI Alert TLP White: Chinese Government-Mandated Tax Software Contains Malware, Enabling Backdoor Access, July 23, 2020

FBI PIN TLP White: Cyber Actors Exploiting Built-In Network Protocols (July 21, 2020)

FBI PIN TLP White: Electronic Logging Device Cybersecurity and Best Practices (July 21, 2020)

FBI Flash TLP White: Indictment of Chinese Cyber Actors associated with the Ministry of State Security (MSS) (July 21, 2020)

FBI PIN TLP White: Unattributed Cyber Actors Register Domains Spoofing Legitimate Airport Websites as a Possible Precursor to Future Operational Activity (June 12, 2020)

FBI PIN TLP White: Criminals and Nation-State Cyber Actors Conducting Widespread Pursuit of US Biological and COVID-19 Related Research (May 21, 2020)

FBI Alert MI-000122-MW: COVID-19 Email Phishing Against US Healthcare Providers (April 21, 2020)

FBI Alert I-040620-PSA: Corona Virus Business Email Compromises FBI PSA (April 6, 2020)

FBI Alert I-040120-PSA: Corona Virus Virtual Environment Threats FBI PSA (April 1, 2020)

TLP White: PIN 20191107-001: Cyber Actors Leverage Subscription-based Commercial Databases to Conduct Business Email Compromise Fraud against Construction Companies (November 7, 2019)

FBI Alert MC-000106-MW: Increased Number of Emotet Command and Control IP Addresses Identified (September 9, 2019)

FBI Alert 20190423-001: Cyber Insider Threat Actors Disrupt Networks and Steal Data, Inflicting Significant Losses to US Businesses, April 23, 2019

FBI Alert AB-000102-MW: Chinese APT10 intrusion activities target Government, Cloud-Computing Managed Service Providers and Customer networks worldwide (January 2, 2019)

FBI Alert ME-000092-TT: Malicious cyber activity of Iran-based Mabna Institute (March 23, 2018)


TLP White Reports

HC3 Threat Brief TLP White: COVID-19 Cyber Threats (Update) (August 13, 2020)

Insider Risk Programs for The Healthcare and Public Health Sector (July 2020)

HC3 Threat Briefing TLP White: The Dark Web and Cybercrime (July 23, 2020)

HC3 Sector Alert: CVE-2020-1147: .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability (July 21, 2020)

HC3 Sector Alert TLP White: Cybersecurity Vulnerabilities of Interest to The Health Sector (July 20, 2020)

HC3 Threat Briefing TLP White: Distributed Denial of Service (DDoS) (July 16, 2020)

HC3 Monthly Webinar July 23 - Dark Web and Cybercrime Deep Dive (July 15, 2020)

HC3 Analyst Note TLP White: Critical Vulnerability in F5 Network Management/Security (BIG-IP) Tools (July 8, 2020)

HC3 Sector Alert TLP White: CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication (June 30, 2020)

HC3 Threat Briefing TLP White: Dridex Malware Report (June 25, 2020)

Health Sector Cybersecurity Coordination Center Cyber Threat Briefing Series: WebEx Guide (June 12, 2020)

HC3 Cyber Alert TLP White: APT and Cybercriminal Targeting of HCS (June 9, 2020)

HC3 Cyber Brief TLP White: Social Media Attacks (June 4, 2020)

HC3 Cyber Alert TLP White: Maze Ransomware (June 4, 2020)

HC3 TLP White: Web Shell Malware: Threats and Mitigations (May 21, 2020)

HC3 Sector Alert TLP White: Cybersecurity Vulnerabilities of Interest to the Health Sector (May 19, 2020)

HC3 TLP White: COVID-19 Related Nation-State and Cyber Criminal Targeting of the Healthcare Sector (May 14, 2020)

HC3 Sector Alert TLP White: Sophos XG Firewall SQLi Vulnerability Recently Exploited by Asnarök Malware (May 7, 2020)

CISA Report: Reducing the Risk of A Successful Cyber Attack (May 2020)

CISA Report: Guidance for Securing Video Conferencing (May 1, 2020)

CISA: Telework Guidance and Resources (May 1, 2020)

HC3 Threat Briefing TLP White: Threat Modeling for Mobile Health Systems (4/30/2020)

HC3 Alert TLP White: VMware Directory Service Critical Vulnerability (April 15, 2020)

DHS/CISA Alert on Corona scams Including SMS Frauds (April 8, 2020)

CISA Alert: Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR (April 3, 2020)

HC3 Intelligence Briefing TLP White: 2019 Threats Posed to Healthcare Sector by Use of Third-Party Services (April 2, 2020)

HHS Cybersecurity Program TLP White Securely Teleworking in Healthcare (March 26, 2020)

HC3 TLP White: APT41 Citrix and Zoho Attacks on Healthcare, March 26, 2020

HC3 Intelligence Briefing Multifactor Authentication, March 19, 2020

HHS Cybersecurity Program: HC3 Intelligence Briefing Wearable Device Security TLP White (March 19, 2020)

HHS Cybersecurity Program: HC3 Intelligence Briefing: A.I. Application and Security Implications in the Healthcare Industry TLP White (Feb. 6, 2020)

HC3 Report: Coronavirus Themed E-mail Phishing Health Sector (February 3, 2020)

CISA Alert: AA20-031A: Detecting Citrix CVE-2019-19781 (January 31, 2020)

HC3 Intelligence Briefing Zeppelin Ransomware TLP White (January 23, 2020)

HC3 Intelligence Briefing: Botnet Threat to the Healthcare Industry TLP White (January 16, 2020)

President's National Infrastructure Advisory Council Report on Cyber Threats (December 12, 2019)

HC3 Threat Brief Intelligence Briefing Remote Desktop Protocol Exploitation (November 21-

HC3 Intelligence Briefing Physical Access Control (Nov 14, 2019)

Related Resources

Guides/Reports
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards…
Standards/Guidelines
Public
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or…
Webinar Recordings
Public
The U.S. Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) invites you to join its monthly cybersecurity…
Guides/Reports
Working from Home during COVID-19 Pandemic During the COVID-19 pandemic, many physicians are working from home, using their personal computers and mobile…
Guides/Reports
Public
Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR 04/03/2020 04:45 PM EDT Original release date: April 3, 2020 Mozilla has released security…
Special Bulletin
Public
A recent campaign of cyberattacks from a foreign threat actor targeted healthcare organizations and specifically exploited Citrix and Zoho technologies used…