Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

Issue Landing Page
Issue Landing Page

Cybersecurity & Risk Advisory Service
AHA can help hospitals and health systems prepare for and mitigate cyber threats with John Riggi, a recognized expert, as a powerful resource.
Cybersecurity Government Intelligence Reports
Cybersecurity Government Intelligence Reports

TLP White: NSA | APT5: Citrix ADC Threat Hunting Guidance - December 2022
APT5 has demonstrated capabilities against Citrix® Application Delivery Controller™ (ADC™) deployments (“Citrix ADCs”).
Headline
News

Microsoft says China-based threat actors behind SharePoint attacks 
Microsoft July 22 released an update on the ongoing cyberattacks to SharePoint servers used within organizations, attributing the incidents to China-based threat actors.
Headline
News

Agencies warn of activity by Interlock ransomware

The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services and Multi-State Information Sharing and Analysis Center July 23 released a joint advisory detailing malicious activity from Interlock ransomware.
Advisory
Advisory

Ongoing Attack Impacting Microsoft SharePoint Servers Managed on Premises
There is an ongoing attack targeting flaws in Microsoft’s SharePoint server software. Microsoft has published guidance on protecting vulnerable systems, and these vulnerabilities only impact on-premises installations of SharePoint.
Headline
News

Microsoft issues alert on vulnerabilities in ongoing SharePoint attacks 
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations.
Headline
News

AHA blog: Why and How to Incorporate Physical Security Risk into Your Enterprise Risk Management

In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and mitigate risk for both cyber and physical threats to the hospital environment.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Ransomware Data Leak Sites Report - July 16, 2025
A daily ransomware tracker at TLP:GREEN to increase awareness of the ransomware threat.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Daily Cyber Headlines - July 16, 2025
H-ISAC TLP Green Daily Cyber Headlines for July 16, 2025.
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Daily Cyber Headlines - July 15, 2025
H-ISAC TLP Green Daily Cyber Headlines for July 15, 2025.
Subscribe to Cybersecurity