Cybersecurity Government Intelligence Reports

The American Hospital Association (AHA) Cybersecurity and Risk Advisory Service shares cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.

The Everest ransomware group has been active since 2020, and has engaged in data extortion and ransomware operations, along with initial access broker (IAB) activity.
Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
The U.S. Federal Bureau of Investigation (FBI) and Cyber National Mission Force (CNMF), in partnership with the Netherlands General Intelligence and Security Service (AIVD), Netherlands Military Intelligence and Security Service (MIVD), the Netherlands Police (DNP), and the Canadian Centre for…
Background: This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (…
Executive Summary: A critical vulnerability has been identified in MOVEit, a common file transfer platform utilized in the health sector. This vulnerability exposes healthcare organizations to cyberattacks, especially ransomware and data breaches. Progress, the company that owns and operates…
Trusted Partners, Please see the attached Joint Cyber Security Advisory 20240624-001 TLP: CLEAR: “Social Engineering Tactics Targeting Healthcare & Public Health Entities and Providers”. Please be advised that the product may be distributed or briefed without restrictions to private sector…
The Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used in a social engineering campaign targeting…
Qilin is a ransomware-as-a-service (RaaS) offering that has been in operation since 2022 and continues to target healthcare organizations and other industries worldwide.
Administrators are being advised to update their systems following the disclosure of a critical remote code execution vulnerability in PHP. PHP, or Hypertext Preprocessor, is a widely used open-source scripting language that is used to create dynamic web pages and applications on both Windows and…
In January 2024, security teams for two American multinational technology companies detected a nation-state attack on their corporate e-mail systems. The threat actor attributed to the cyberattacks was identified as Midnight Blizzard.