Cybersecurity Government Intelligence Reports
The American Hospital Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.
What is artificial intelligence? How does it work? What does it mean for cybersecurity, especially for healthcare?
Foreign adversaries attend trade shows and industry conferences because they bring together likeminded individuals, including subject matter experts, at a single venue to discuss critical and emerging technologies of interest.
Search engine optimization (SEO) poisoning, considered a type of malvertising (malicious advertising), is a technique used by threat actors to increase the prominence of their malicious websites.
A ransomware variant and threat group, identified as TimisoaraHackerTeam, resurfacing in a recent ransomware attack on a medical facility.
SUMMARY
In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services,…
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
SUMMARY
Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed…
Remote access software and tools comprise a broad array of capabilities used to maintain and improve IT, operational technology (OT), and industrial control systems (ICS) services.
Executive Summary
On May 31, 2023, a Progress Software (formerly IPSwitch) published a notification disclosing that a critical vulnerability exists in their MOVEit Transfer software, which could result in unauthorized access and privilege escalation. The vulnerability is a SQL injection flaw…
The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.