H-ISAC: White Reports
CISA, NSA, and the FBI, in collaboration with international agencies, have released a joint Cybersecurity Advisory (CSA) detailing the top routinely exploited vulnerabilities in 2022.
This week, Hacking HealthcareTM examines the newly released National Cyber Strategy Implementation Plan.
Health-ISAC is encouraging members to remain vigilant due to potentially elevated risks from threat actors known to exploit the MOVEit vulnerability. Health-ISAC recommends cyber security teams also be wary of attacks on FTP and SFTP.
Recently Accu Weather meteorologists have been monitoring a potential high-powered, long tracking and fast-moving batch of thunderstorms to develop later this week across parts of the central United States, known as a derecho.
Search engine optimization (SEO) poisoning, considered a type of malvertising (malicious advertising), is a technique used by threat actors to increase the prominence of their malicious websites.
On June 14, 2023, the Health Sector Cybersecurity Coordination Center (HC3) shared a report "May 2023 Vulnerability Bulletin" regarding vulnerabilities to the health sector have been released that require attention.
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
On June 12, Fortinet issued a PSIRT advisory and a blog post on a critical heap-based buffer overflow vulnerability in SSL-VPN pre-authentication, that was speculated to be a trigger for the latest security updates.
On June 1, 2023, NHS published a critical vulnerability bulletin focused on the Progress MOVEit File Transfer (MFT) product.
On May 1, 2023, Health-ISAC was made aware of a Zyxel vulnerability that could be used for remote code execution attacks.