H-ISAC: White Reports
On January 25, 2023, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) released this joint Cybersecurity Advisory (CSA) to warn…
On January 19, 2022, the Health Sector Cybersecurity Coordination Center (HC3) shared a report "December 2022 Vulnerability Bulletin" regarding vulnerabilities impacting information systems relevant to the health sector.
Recently, DeepSeas Darkweb team discovered a post from a credible XSS crime forum account selling access to a cryptor for a cracked version of Cobalt Strike 4.7.2 and claims it will bypass several popular security sensors.
To kick off 2023, Hacking Healthcare begins by examining an end of year ransomware attack against a Canadian children’s hospital. Beyond assessing the unique aspects of the attack, such as why a notorious ransomware group apologized and offered a free decryptor to its victim, we take a broader…
On December 13, 2022, the National Security Agency (NSA) released a Cybersecurity Advisory (CSA) to provide threat hunting guidance for Citrix Application Delivery Controller (ADC) deployments.
In November 2022, vulnerabilities to the health sector have been released that require attention.
Summary:
Eclypsium Research has discovered and reported 3 vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. Eclypsium is referring to the vulnerabilities collectively as BMC&C.
This week, Hacking Healthcare examines what to make of the White House’s second annual summit on combating ransomware.
This week, Hacking Healthcare dives into a recent regulatory fine against a large UK organization for General Data Protection Regulation (“GDPR”) violations.
On October 31, 2022, the Cybersecurity Infrastructure Security Agency (CISA) released two fact sheets highlighting threats against accounts and systems using certain forms of multifactor authentication (MFA).