Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
Learn More
Formbook is an information stealing malware, also known as “form grabber” malware. The malware is installed on victims’ computers when they visit malicious websites or domains.
Lokibot is an information stealer; the main functionality of its binary is to collect system and application credentials and user information to send back to the attacker.
Nanocore is a particularly sophisticated Remote Access Trojan (RAT) that has been used by criminals to gain complete control over victim’s devices, including logging keystrokes and screen activity, manipulating private files and sensitive data, controlling surveillance systems like the webcam and…
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or network access; it is capable of stealing credentials, sensitive information, keystrokes, screen and video activity, and form-grabbing.
Remcos RAT, or remote access tool, is a legitimate application intended for use by administrators for remote access and maintenance. It has recently been used as part of attempted cyberattacks, leveraging COVID-related phishing themes to disguise it as part of the payload.
Dridex was originally developed as a financial Trojan that makes initial contact with its victims via phishing email campaigns and is one of the most prevalent malwares in use today.
Ursnif (aka Gozi, Gozi-ISFB, Dreambot, Papras) is a modified modular banking malware with backdoor capabilities.
The Federal Communications Commission is investigating a T-Mobile network outage that impacted customers across the United States, FCC Chairman Ajit Pai said.
This guide provides participants with instructions and helpful tips for the Health Sector Cybersecurity Coordination Center (HC3) Cybersecurity Threat Briefing Series, hosted via WebEx.