Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
September vulnerabilities of interest to the health sector.
Third-party cyberattacks pose one of the biggest challenges on the health care cyber-risk landscape. Hospitals and health systems are at increasing risk of cyberattacks on third parties — such as business associates, medical device providers and supply chain vendors.
A trio of federal agencies is warning of a new ransomware threat perpetuated by the “Daixin Team” cybercrime group that is targeting U.S. health care and public health organizations.
H-ISAC TLP White Daily Cyber Headlines for October 24, 2022.
On October 20, 2022, the Health-ISAC Threat Intelligence Committee (TIC) evaluated the current Cyber Threat Level and collectively decided to maintain the Cyber Threat Level at Blue (Guarded).
A daily ransomware tracker as TLP:GREEN for purposes of increasing ransomware threat awareness.
The FBI, Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services today alerted U.S. organizations to a cybercrime group targeting the health care sector with ransomware and data extortion operations. The group has attacked multiple organizations since June,…
This joint CSA provides TTPs and IOCs of Daixin actors obtained from FBI threat response activities and third-party reporting.
The FBI yesterday recommended U.S. organizations take certain actions to protect their networks against the Iranian cybergroup Emennet Pasargad, which has recently used hack-and-leak techniques and false personas to target organizations, including one in the United States.
On October 21, Advanced Intelligence confirmed that the threat group Zeon began leveraging CVE-2022-41040 and CVE-2022-41082 Microsoft Exchange remote code execution (RCE) vulnerabilities.