H-ISAC: White Reports

On April 15, 2024, multiple cyber agencies released a joint Cybersecurity Information Sheet Deploying AI Systems Securely.
On April 14, Palo Alto Networks released security updates for the critical unauthenticated remote code execution flaw CVE-2024-3400 affecting GlobalProtect.
On March 26, 2024, Cisco released an advisory stating that its threat intelligence team, Cisco Talos, has observed a concerning uptick in password spray attacks against Remote Access Virtual Private Network (RAVPN) services on devices that use Cisco Secure Firewall.
Health-ISAC, in partnership with The American Hospital Association (AHA), has published the annual Executive Summary for CISOs: Current and Emerging Healthcare Cyber Threat Landscape. For 2024.
This report is a collaboration between Health-ISAC and the American Hospital Association (AHA)
On February 8, 2024, Ivanti warned of a new authentication bypass vulnerability, identified as CVE-2024-22024, impacting Connect Secure, Policy Secure, and ZTA gateways. Discovery of the new flaw comes as part of Ivanti’s ongoing investigation into vulnerabilities impacting the previously mentioned…
This week, Hacking HealthcareTM examines the publication of healthcare specific cybersecurity performance goals (CPGs).
January 24, 2024, HHS, through ASPR, released voluntary health care specific cybersecurity performance goals and a new gateway website.
Hacking HealthcareTM  begins by providing a breakdown of what we know and might expect from an upcoming proposed rule to modify the HIPAA Security Rule. We assess what kinds of expectations members should have about the timing of such a revision and what members might want to do in the…
On November 13, 2023, the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) released communications to bolster organizations' resiliency and stand up critical business functions during or following a cyber…