Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Ransomware Data Leak Sites Report - July 29, 2025

A daily ransomware tracker at TLP:GREEN to increase awareness of the ransomware threat.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC TLP White Threat Bulletin: Russia-Nexus Threat Actors May Retaliate Against Ukraine Weapons Deal

On July 14, 2025, the US announced a new foreign policy stating that it would supply Ukraine with a large amount of advanced weapons through NATO if Russia did not broker a ceasefire deal in the following 50 days.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Daily Cyber Headlines - July 28, 2025
H-ISAC TLP Green Daily Cyber Headlines for July 28, 2025.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Ransomware Data Leak Sites Report - July 28, 2025
A daily ransomware tracker at TLP:GREEN to increase awareness of the ransomware threat.
Headline
News

Microsoft says China-based threat actors behind SharePoint attacks 
Microsoft July 22 released an update on the ongoing cyberattacks to SharePoint servers used within organizations, attributing the incidents to China-based threat actors.
Headline
News

Agencies warn of activity by Interlock ransomware

The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services and Multi-State Information Sharing and Analysis Center July 23 released a joint advisory detailing malicious activity from Interlock ransomware.
Advisory
Advisory

Ongoing Attack Impacting Microsoft SharePoint Servers Managed on Premises
There is an ongoing attack targeting flaws in Microsoft’s SharePoint server software. Microsoft has published guidance on protecting vulnerable systems, and these vulnerabilities only impact on-premises installations of SharePoint.
Headline
News

Microsoft issues alert on vulnerabilities in ongoing SharePoint attacks 
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations.
Headline
News

AHA blog: Why and How to Incorporate Physical Security Risk into Your Enterprise Risk Management

In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and mitigate risk for both cyber and physical threats to the hospital environment.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Ransomware Data Leak Sites Report - July 16, 2025
A daily ransomware tracker at TLP:GREEN to increase awareness of the ransomware threat.
Subscribe to Cybersecurity