Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

Advisory
Advisory

MOVEit Transfer Vulnerability Strikes — Here’s What Hospitals & Health Systems Must Know About New Ransomware Risk
A Russia-linked ransomware gang is exploiting a security flaw in MOVEit Transfer, a tool used by hospitals, health systems, corporations and government agencies to share large files over the internet, resulting in a serious ransomware threat against critical infrastructure.
Cybersecurity Government Intelligence Reports
Cybersecurity Government Intelligence Reports

ASPR Healthcare and Public Health Sector Cybersecurity Notification June 16, 2023
A ransomware variant and threat group, identified as TimisoaraHackerTeam, resurfacing in a recent ransomware attack on a medical facility.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC TLP Green Informational Report: HC3: Monthly Cybersecurity Vulnerability Bulletin - June 14, 2023
On June 14, 2023, the Health Sector Cybersecurity Coordination Center (HC3) shared a report "May 2023 Vulnerability Bulletin" regarding vulnerabilities to the health sector have been released that require attention.
Headline
News

Agencies recommend action to defend against LockBit ransomware threat
The Cybersecurity and Infrastructure Security Agency, FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC) and international partners June 14 recommended health care and other critical infrastructure organizations take certain actions to defend their networks against LockBit…
Cybersecurity Government Intelligence Reports
Cybersecurity Government Intelligence Reports

Joint Cybersecurity Advisory TLP Clear: Understanding Ransomware Threat Actors: Lockbit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services,…
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC TLP White Informational: HC3: Threat Profile - FIN11 – June 14, 2023
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Ransomware Data Leak Sites Report - June 14, 2023
A daily ransomware tracker as TLP:GREEN for purposes of increasing ransomware threat awareness.
Cybersecurity Government Intelligence Reports
Cybersecurity Government Intelligence Reports

HC3 TLP Clear FIN11 Threat Profile June 13, 2023
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
H-ISAC: Green Reports
H-ISAC: Green Reports

H-ISAC TLP Green Daily Cyber Headlines - June 13, 2023
H-ISAC TLP Green Daily Cyber Headlines for June 13, 2023.
H-ISAC: Green Reports
H-ISAC: Green Reports

Daily Alert Report for June 12, 2023
Alerts published on June 12, 2023.
Subscribe to Cybersecurity