H-ISAC: White Reports
Hacking HealthcareTM begins by providing a breakdown of what we know and might expect from an upcoming proposed rule to modify the HIPAA Security Rule. We assess what kinds of expectations members should have about the timing of such a revision and what members might want to do in the…
On November 13, 2023, the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) released communications to bolster organizations' resiliency and stand up critical business functions during or following a cyber…
On November 01, 2023, CISA released Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities.
On October 23, 2023, HHS published QR Code-Based Phishing (Quishing) as a Threat to the Health Sector, a white paper focused on QR code phishing.
Interest in broadening and deepening the expectations and responsibilities of senior leadership when it comes to cybersecurity is increasingly taking hold in policy circles globally and in particular in the US and Europe.
Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.
On October 06, 2023, the Health Sector Cybersecurity Coordination Center (HC3) released a sector alert regarding Critical Vulnerability in Cisco Emergency Responder.
On September 09, 2023, Progress Software released a hotfix to address multiple critical vulnerabilities in the WS_FTP Server and the WS_FTP Server Ad hoc Transfer Module.
Summary:
On September 18, 2023, the Health Sector Cybersecurity Coordination Center (HC3) released a sector alert regarding the Lazarus group exploiting a ManageEngine vulnerability.