H-ISAC: White Reports
On August 04, 2023, the Health Sector Cybersecurity Coordination Center (HC3) released a sector alert regarding a ransomware variant and threat group, identified as Rhysida Ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) has released its three-year strategic plan for 2023-2025 that outlines the key goals of the agency as the new National Cybersecurity Strategy comes to fruition.
CISA, NSA, and the FBI, in collaboration with international agencies, have released a joint Cybersecurity Advisory (CSA) detailing the top routinely exploited vulnerabilities in 2022.
This week, Hacking HealthcareTM examines the newly released National Cyber Strategy Implementation Plan.
Health-ISAC is encouraging members to remain vigilant due to potentially elevated risks from threat actors known to exploit the MOVEit vulnerability. Health-ISAC recommends cyber security teams also be wary of attacks on FTP and SFTP.
Recently Accu Weather meteorologists have been monitoring a potential high-powered, long tracking and fast-moving batch of thunderstorms to develop later this week across parts of the central United States, known as a derecho.
Search engine optimization (SEO) poisoning, considered a type of malvertising (malicious advertising), is a technique used by threat actors to increase the prominence of their malicious websites.
On June 14, 2023, the Health Sector Cybersecurity Coordination Center (HC3) shared a report "May 2023 Vulnerability Bulletin" regarding vulnerabilities to the health sector have been released that require attention.
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
On June 12, Fortinet issued a PSIRT advisory and a blog post on a critical heap-based buffer overflow vulnerability in SSL-VPN pre-authentication, that was speculated to be a trigger for the latest security updates.