Public
American Hospital Association content that is available to the public and all website users.
A new report released by the World Economic Forum finds that freeing ourselves of passwords will actually make us safer and businesses more efficient.
In this edition of Hacking Healthcare, we tackle three significant document releases that will
affect numerous aspects of the healthcare sector. First, we dive into the final report issued by
the Cyberspace Solarium Commission and recap a handful of recommendations that are likely
to have the…
As the nation’s hospitals and health systems, physicians, caregivers and staff treat and care for patients and our communities, there are others in the world seeking to exploit the COVID-19 pandemic for financial gain. Particularly, cyber criminals.
A malicious website pretending to be the live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University is circulating on the internet waiting for unwitting internet users to visit the website. Visiting the website infects the user with the AZORult trojan, an information stealing…
This document describes a particular problem that is relevant across the healthcare sector. NCCoE cybersecurity experts will address this challenge through collaboration with members of the healthcare sector and vendors of cybersecurity solutions. The resulting reference design will detail an…
AHA, health care associations letter to Vice President Pence, Speaker Pelosi, Leader McConnell, Leader McCarthy, and Leader Schumer regarding the unprecedented challenge with COVID-19. From expanding public health capacity and access to and the availability of testing, to taking action to mitigate…
Since August 2019, unidentified cyber actors have used a Pulse Secure VPN Vulnerability CVE-2019-11510, which was disclosed this past summer, to exploit notable US entities. In August 2019, cyber actors gained unauthorized access to a US financial entity’s research network using CVE-2019-11510. In…
Since June 2019, unidentified cyber actors have used a SharePoint vulnerability, CVE-2019-0604, to exploit notable US entities. Following a widespread scanning for CVE-2019-0604 in May, June, and October 2019, respectively, cyber actors compromised the network of two…
Multiple Nation State Advanced Persistent Threat (APT) actors have weaponized CVE-2019-11510, CVE-2019-11539, and CVE-2018-13379 to gain access to vulnerable VPN devices.
In August, 2019, the Canadian Centre for Cyber Security released guidance for mitigating vulnerabilities in 3 major VPN…
The FBI assesses foreign cyber actors operating in the Islamic Republic of Iran, one of two nation-states known to have conducted destructive cyber attacks inside the United States, could potentially use a range of Computer Network Operations (CNO) against US-based networks in retaliation for last…