H-ISAC: White Reports
This report is a collaboration between Health-ISAC and the American Hospital Association (AHA)
On February 8, 2024, Ivanti warned of a new authentication bypass vulnerability, identified as CVE-2024-22024, impacting Connect Secure, Policy Secure, and ZTA gateways. Discovery of the new flaw comes as part of Ivanti’s ongoing investigation into vulnerabilities impacting the previously mentioned…
This week, Hacking HealthcareTM examines the publication of healthcare specific cybersecurity performance goals (CPGs).
January 24, 2024, HHS, through ASPR, released voluntary health care specific cybersecurity performance goals and a new gateway website.
Hacking HealthcareTM begins by providing a breakdown of what we know and might expect from an upcoming proposed rule to modify the HIPAA Security Rule. We assess what kinds of expectations members should have about the timing of such a revision and what members might want to do in the…
On November 13, 2023, the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) released communications to bolster organizations' resiliency and stand up critical business functions during or following a cyber…
On November 01, 2023, CISA released Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities.
On October 23, 2023, HHS published QR Code-Based Phishing (Quishing) as a Threat to the Health Sector, a white paper focused on QR code phishing.
Interest in broadening and deepening the expectations and responsibilities of senior leadership when it comes to cybersecurity is increasingly taking hold in policy circles globally and in particular in the US and Europe.
Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.