Cybersecurity Government Intelligence Reports
The American Hospital Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.
Executive Summary
The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for…
In August 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches.
Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States.
This document refines and clarifies the CDM Program’s Identity and Access Management (IDAM) scope by providing a reference for how CDM IDAM capabilities may integrate into an agency’s ICAM architecture. A description of the federal ICAM practice area, including how ICAM services and components…
Threats from synthetic media, such as deepfakes, present a growing challenge for all users of modern technology and communications, including National Security Systems (NSS), the Department of Defense (DoD), the Defense Industrial Base (DIB), and national critical infrastructure owners and…
Akira is a Ransomware-as-a-Service (RaaS) group that started operations in March 2023.
This white paper outlines Chinese cyber threat actors who are known to target the U.S. public health and private health sector entities in cyberspace.
Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads.
This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and
frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness
Enumeration(s) (CWE).
SUMMARY
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web…