Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
The Health Information Sharing and Analysis Center (H-ISAC) Sept. 19 alerted the health sector to an emerging threat that targets senior executives through phishing emails that contain malicious QR codes, also known as quishing.
The Department of Health and Human Services Sept. 18 alerted the health care sector to a critical vulnerability in ManageEngine products that allows an attacker to perform remote code execution and which a North Korean state-sponsored actor is reportedly using to target health care entities in…
A recent uptick in threat actors delivering phishing emails laced with malicious QR codes has beenobserved. Quishing, also known as QR code phishing, involves sending a seemingly time sensitive emailcontaining lures to trick the recipient into taking action and scanning an innocuous QR code.
H-ISAC TLP Green Daily Cyber Headlines for September 19, 2023
A daily ransomware tracker at TLP:GREEN for the purpose of increasing ransomware threat awareness.
Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States.
Report published on September 17, 2023.
H-ISAC TLP Green Daily Physical Security Report for September 18, 2023
This document refines and clarifies the CDM Program’s Identity and Access Management (IDAM) scope by providing a reference for how CDM IDAM capabilities may integrate into an agency’s ICAM architecture. A description of the federal ICAM practice area, including how ICAM services and components…
On September 15, 2023, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture to help federal civilian departments and agencies integrate their identity and access management (IDAM) capabilities into their ICAM…