Current and Emerging Healthcare Cyber Threat Landscape: Executive Summary for CISOs
Actionable cybersecurity market trends that leadership can use for strategic decision-making. This report is a collaboration between Health-ISAC and the American Hospital Association (AHA.) This executive summary is intended to give Board of Directors, Chief Information Security Officers, Chief...
Change Healthcare / Optum Network Connectivity and Additional Recommendations
TLP WHITE - Feb 26, 2024, 06:32 AM On Wednesday, February 21, Change Healthcare began experiencing a cyber security issue and isolated its systems to prevent further impact. Health-ISAC is sharing this Threat Bulletin to provide additional information: - Maintaining network connectivity with...
Healthcare Heartbeat Q4 2023
Cybersecurity Trends and Threats in the Healthcare Sector Health-ISAC’s Q4 2023 Healthcare Heartbeat provides observations of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations. This product is for your...
Healthcare Heartbeat Q3 2023
Cybersecurity Trends and Threats in the Healthcare Sector Health-ISAC’s Q3 2023 Healthcare Heartbeat provides observations of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations. This product is for your...
Decoding HTTP/2 Rapid Reset Zero-Day (CVE-2023-44487) Exploited
Health-ISAC is distributing this bulletin for your situational awareness. On October 10, 2023, DDoS Protection firm CloudFlare, in conjunction with Google and Amazon AWS released a statement regarding the discovery of a zero-day vulnerability which could generate massive hyper-volumetric...
Observed Increase in QR Code Phishing Attacks
Sep 19, 2023, 03:12 PM Pdf version: Text version: A recent...
Ransomware Actors Target Healthcare
Threat Bulletin issued August 8, 2023, 4:07 PM Health-ISAC has observed multiple incidents involving ransomware threat actors attacking healthcare and medical research facilities around the globe. These victims include multiple subsectors within healthcare, including mental health....
UPDATE: Ongoing Progress MOVEit Transfer Vulnerabilities Discovered
TLP WHITE June 30, 2023, Update – Ransomware Awareness for Holidays and Weekends Health-ISAC is encouraging members to remain vigilant due to potentially elevated risks from threat actors known to exploit the MOVEit vulnerability. Health-ISAC recommends cyber security teams also be wary of...
Defined Responsibility Whitepaper RACI
Improving Medical Device Security by Moving from Shared to Defined Responsibility Maintaining medical devices and systems requires the knowledge and skills of several different specialists. Those specialists may be provided by different organizations depending on the limitations in skills and...
Progress MOVEit Transfer Critical Vulnerability Actively Exploited
TLP:WHITE On June 1, 2023, NHS published a critical vulnerability bulletin focused on the Progress MOVEit File Transfer (MFT) product. Progress discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment....