Public
American Hospital Association content that is available to the public and all website users.
Overview of Phobos Ransomware
Executive Summary
Phobos ransomware first surfaced in late 2017 with many researchers quickly discovering links between Phobos and the Dharma and CrySiS ransomware variants. The Phobos ransomware operators are known to primarily target small- to medium-sized…
The Cybersecurity and Infrastructure Security Agency (CISA) released a new report,
Agenda
Recent Ransomware Activity
Overview of Conti Ransomware
Conti vs. Healthcare
FBI Alert on Conti
Example of a Conti Infection
Real-world Conti Attacks
Conti Mapper to MITRE ATT&CK
Conti Mitigation Practices
References
Questions
View the entire report below.
Microsoft has released out-of-band security updates to address a remote code execution (RCE) vulnerability — known as PrintNightmare (CVE-2021-34527) — in the Windows Print spooler service.
Hospitals and health systems have frequently been the target of high-impact ransomware attacks. In this podcast, John Riggi, AHA senior advisor for cybersecurity and risk advisory services, speaks with John Delano, regional chief information officer at AdventHealth, and Michael Hamilton, chief…
Microsoft has released out-of-band security updates to address PrintNightmare, tracked as CVE-2021-34527, a remote code execution (RCE) vulnerability in the Windows Print Spooler service
On July 1, 2021, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) released a Joint Cybersecurity Advisory regarding Russian General Staff Main Intelligence…
Since at least mid-2019 through early 2021, Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, used a Kubernetes® cluster to conduct widespread, distributed, and anonymized brute force access attempts against hundreds of…
This edition of Hacking Healthcare begins by evaluating the National Institute of Standards and Technology’s (NIST) definition of “critical software” and what that definition might mean for healthcare within the context of the cybersecurity executive order. Next, we take a look at a new US…
On July 6, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published the Current Activity regarding customers affected by the Kaseya VSA Supply-Chain Ransomware Attack.