Threat Intelligence

FBI, Health-ISAC Discuss Latest Ransomware Attacks on Hospitals

Link to this podcast and other resources on the American Hospital Association website: https://www.aha.org/advancing-health-podcast/2021-11-22-fbi-h-isac-discuss-latest-ransomware-attacks-hospitals PUBLIC / PRIVATE INFORMATION SHARING In this podcast John Riggi, AHA’s senior advisor...

Microsoft Guidance for Mitigating PetitPotam NTLM Relay Attacks

MS Alert KB5005413 Microsoft has publicly released an alert, KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS), to address a NTLM Relay Attack, designated PetitPotam. The alert is supplied with active mitigation strategies and recommendations for...

Dell Boot Recovery Remote Code Execution (RCE)

TLP White Dell Boot Recovery Remote Code Execution (RCE) Vulnerability Impacts Millions of Devices Finished Intelligence Reports Jun 24, 2021, 09:19 AM Eclypsium security researchers have discovered a vulnerability in the Dell BIOSConnect feature available on at least 180 models of consumer and...

PREPARING FOR THE NEXT “SOLARWINDS” EVENT

TLP WHITE Health-ISAC / AHA Threat Intelligence   STRATEGIC THREAT INTELLIGENCE: PREPARING FOR THE NEXT “SOLARWINDS” EVENT   Health-ISAC, in cooperation with the American Hospital Association, has published our Strategic Threat Intelligence: Preparing for the Next "SolarWinds"...

INSIDER THREATS & CYBER ESPIONAGE

--TLP: White HEALTHCARE INNOVATION CAPITAL: Insider Threats & Cyber Espionage The Health-ISAC Threat Operations Center has created a one-page executive summary of our 14-page reportto publicly share key findings with the Health Sector. Membership has access to the full report here: Cyware...

Distributed Denial of Service (DDoS) Attacks

TLP WHITE: March 19, 2021 As information systems become more sophisticated, so do the methods used by the attackers. Criminal and nation state actors have long recognized the value of denial-of-service attacks which can cause serious business interruptions for any organization connected to the...

Health-ISAC Vulnerability Bulletin: Hafnium

China-backed Threat Actor HAFNIUM Exploiting Four Microsoft Exchange Zero-Days Pdf version: [pdf-embedder url="https://h-isac.org/wp-content/uploads/2021/03/China-backed-Threat-Actor-Hafnium-Exploiting-Four-Microsoft-Exchange-Zero-Days.pdf" title="China-backed Threat Actor Hafnium Exploiting...

Microsoft Urges Customers to Patch Critical Windows TCP/IP Bugs

  TLP WHITE: H-ISAC Threat Bulletin -- February 9, 2021 --- Microsoft has released a set of fixes affecting Windows TCP/IP implementation that includes two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS)...

Translate »