Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
Learn More
HC3 Threat Briefing TLP White: Fileless Malware Sept 10, 2020
The NCSC continues to investigate a large number of UK cyber incidents involving the Cobalt Strike framework. The number of such incidents handled by the NCSC has increased significantly in recent years. This includes both cyber criminals conducting financially-motivated attacks and cyber espionage…
The HC3 team originally sent an invitation for September 17th for the Monthly webinar. This has been moved to September 24th please reference the invitation below.
In August 2020, security researchers identified a malicious email campaign impersonating a US hospital that was observed delivering a variety of information stealing trojans, including AgentTesla, Formbook, Matiex, and njRatAzorult.
CIS Controls:
• Provide a quick security win for the Healthcare and Public Health (HPH) Sector
• They offer an initial starting point for execution of a cyber security strategy
• They are scalable to meet the needs of the smallest to largest organizations
• Execution of the initial 43 sub-controls…
The following webinar invite is a redistribution from partners at HHS-ASPR
=================
This edition of Hacking Healthcare includes an examination of Health and Human Services’ (HHS) Office of Civil Rights’ (OCR) summer cybersecurity newsletter; a brief on the recent charges levied against ex-Uber Chief Security Officer (CSO) Joe Sullivan for his role in covering up a 2016 data breach…
HC3 Threat Briefing - Pulse Secure VPN Servers Leak: Incident Case Study 8 27 2020
A new phishing campaign is using COVID-19 personal protective equipment (PPE)-themed lures to spread Agent Tesla malware. This difficult-to-detect remote access Trojan (RAT) provides attackers with a dashboard to monitor the malware’s keylogging and information stealing capabilities.
This edition of Hacking Healthcare is devoted to exploring the physical aspects of data security that, while sometimes easy to overlook, are no less important. This issue examines the types of incidents members should consider, various legal and regulatory elements, the applicability of…