Progress MOVEit Transfer Critical Vulnerability Actively Exploited
TLP:WHITE On June 1, 2023, NHS published a critical vulnerability bulletin focused on the Progress MOVEit File Transfer (MFT) product. Progress discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment....
Stopping cybercriminals from abusing security tools
Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra™ and Health Information Sharing & Analysis Center (Health-ISAC) are taking technical and legal action to disrupt cracked, legacy copies of Cobalt Strike and abused Microsoft software, which have been used by...
Report: Threat Landscape Growing Scarier for Healthcare
Health-ISAC Warns of Cybercrimes Involving Synthetic Accounts, 'Product Abuse' Marianne Kolbasuk McGee (HealthInfoSec) • March 23, 2023 Link to full article in Healthcare InfoSecurity:...
Health-ISAC Releases Annual Report on Current and Emerging Cyber Threats to Healthcare
Actionable intelligence enhances situational awareness for global healthcare security professionals. Link to press release: https://www.newswire.com/news/health-isac-releases-annual-report-on-current-and-emerging-cyber-21986323 Access the Executive Summary to the Threat Report...
2023 Health Cybersecurity Annual Threat Report
Health Cybersecurity Annual Threat ReportThe Current & Emerging Healthcare Cyber Threat Landscape report covers the top cyber threats to healthcare organizations. The intent of this report is to help influence cybersecurity budget and investment decisions for senior leaders and...
Pro-Russian Hacktivist DDoS Campaign Targeting Healthcare
TLP WHITE Health-ISAC Threat Bulletin - February 6, 2023 On January 27, pro-Russian hacktivists operating on cybercriminal forums threatened to demolish attack the networks of medical institutions in the United States, United Kingdom, and abroad. The threats were purported to be a...
Notorious Cybercrime Botnet Disrupted
From Microsoft's blog: https://blogs.microsoft.com/on-the-issues/2022/04/13/zloader-botnet-disrupted-malware-ukraine/ Notorious cybercrime gang’s botnet disrupted Apr 13, 2022 | Amy Hogan-Burney - General Manager, Digital Crimes Unit Today we’re announcing that Microsoft’s Digital...
Executive Summary to Health-ISAC’s Current and Emerging Healthcare Cyber Threat Landscape
This is the Executive Summary to Health-ISAC's First Annual Current and Emerging Healthcare Cyber Threat Landscape Executive Summary 2021 posed a challenging year for healthcare cybersecurity with the continuing COVID-19 pandemic at the forefront of everyone’s minds. In this first annual...
Health-ISAC and HC3 Joint Bulletin: Potential Malicious Cyber Attacks from Russia
Credible Threats to US Critical Infrastructure Sectors Threat Bulletins -- TLP:WHITE -- Alert ID : b4e3eb9d -- Mar 22, 2022, 09:17 AM Pdf version: [pdf-embedder...
Log4j Vulnerability Affects Multiple Apache and Legacy Services
Log4j Vulnerability Affects Multiple Apache and Legacy Services Exploit Code Publicly Released Vulnerability Bulletin Alert # ea51506b PDF Version Proof-of-concept exploit code for a critical zero-day vulnerability, designated CVE-2021-44228, in the Apache Log4j Java-based logging library has...