Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

Headline
News

Organizations urged to immediately patch SAP server vulnerability
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency yesterday alerted organizations to a critical vulnerability affecting the SAP NetWeaver Application Server, which an attacker could exploit through the Hypertext Transfer Protocol (HTTP) to take control of…
HC3 Sector Alert
HC3 Sector Alert

HC3 Sector Alert TLP Green - China Targets HPH, July 13, 2020
     
HC3 Sector Alert
HC3 Sector Alert

HC3 Sector Alert TLP White - CISA Top 3 Malware Detections for May 2020, July 10, 2020
Top malware detections for the month of May 2020 by the EINSTEIN national IDS included NetSupport Manager RAT, Kovter, and XMRig.
Other Cybersecurity Reports
Other Cybersecurity Reports

HC3 Threat Briefing TLP White: Business Email Compromise and the Health Sector - July 9, 2020
Business email compromise can go by different names - be aware of them all.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, July 7, 2020
This edition of Hacking Healthcare begins by providing a brief overview of how a major European law enforcement operation, made possible by cracked encryption, is likely to further fuel the long simmering encryption debate within the United States, and wraps up by exploring the FCC’s decision…
HC3 Analyst Note
HC3 Analyst Note

HC3 Analyst Note TLP White: Critical Vulnerability in F5 Network Management/Security (BIG-IP) Tools
The information technology vendor, F5, disclosed a significant vulnerability in their BIG-IP suite of tools which, when exploited, allows for remote code execution ultimately leading to complete compromise of the host and the potential for further compromise of the network which it sits on.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, July 1, 2020

This edition takes an in-depth look at one of the more unique and interesting governmental processes that has a significant influence on cybersecurity in the private sector.
Headline
News

Government agencies issue urgent alert on network vulnerability
The departments of Homeland Security and Health and Human Services and the National Security Agency alerted the field to a significant vulnerability affecting the Palo Alto Networks’ PAN-OS firewall software that cyber attackers could easily exploit remotely via the internet.
HC3 Sector Alert
HC3 Sector Alert

HC3 Sector Alert TLP White: CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication, June 30, 2020
On June 29, 2020, Palo Alto Networks announced a vulnerability (CVE-2020-2021) affecting their PAN-OS firewall software.
Other Cybersecurity Reports
Other Cybersecurity Reports

HC3 Threat Briefing TLP White: Dridex Malware Report, June 25, 2020
Dridex was originally developed as a financial Trojan that initially makes contact with its victims via phishing/spam email campaigns.
Subscribe to Cybersecurity