Cybersecurity

Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
AHA can help hospitals and health systems prepare for and mitigate cyber threats with John Riggi, a recognized expert, as a powerful resource.
APT5 has demonstrated capabilities against Citrix® Application Delivery Controller™ (ADC™) deployments (“Citrix ADCs”).
The AHA is advising hospitals and health systems to be alert for potential scam calls where actors are impersonating Drug Enforcement Agency agents. An AHA member recently contacted the association to report pharmacists in their region have and continue to receive targeted calls from individuals…
From March to November 2024, Health-ISAC held ten workshops as part of the Discussion Based Exercise Series involving over 100 member organizations, potential members, and strategic partners.
A daily ransomware tracker at TLP:GREEN for the purpose of increasing ransomware threat awareness.
On February 5, 2025, Cisco released a security advisory addressing two critical vulnerabilities in its Identity Services Engine (ISE) tracked as CVE-2025-20124 and CVE-2025-20125.
H-ISAC TLP Green Daily Cyber Headlines for February 6, 2025.
daily ransomware tracker at TLP:GREEN for the purpose of increasing ransomware threat awareness.
A daily ransomware tracker at TLP:GREEN for the purpose of increasing ransomware threat awareness.
The Cybersecurity and Infrastructure Security Agency and Food and Drug Administration Jan. 30 released notices warning of vulnerabilities found in the Contec CMS8000, a patient monitoring device used to display patient vital signs. The vulnerabilities also apply to Epsimed MN-120 patient monitors,…