Bluetooth Impersonation Attacks (BIAS)
Health-ISAC Vulnerability Bulletin: Bluetooth Impersonation Attacks (BIAS) Allow Impersonation on Thousands of Devices TLP-WHITE. May 20, 2020 Summary: Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by over a billion devices across the globe. The...
Top 10 Routinely Exploited Common Vulnerabilities & Exposures
Health-ISAC Vulnerability Bulletin Date: May 14, 2020 TLP:WHITE Event: Top 10 Routinely Exploited Common Vulnerabilities & Exposures (CVEs) Summary: This alert provides details on vulnerabilities that are routinely being exploited by nation state cyber actors. Organizations can...
People’s Republic of China Targeting COVID-19 Research Organizations
Health-ISAC Threat Bulletin Date: May 13, 2020 TLP-White Event: People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations Summary: On May 13, 2020, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency...
Quantitative Risk Management in Healthcare Cybersecurity
TLP:WHITE Please see the below the weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This week's briefing is on Quantitative Risk Management in Healthcare Cybersecurity and covers the following topics: - Risk Management - Risk Frameworks -...
H-ISAC Physical Security Alert: Hurricane Preparedness
Health-ISAC Physical Security Alert Date: May 7, 2020 TLP: WHITE Event: Hurricane Preparedness Week, May 3-9, 2020 Summary: Hurricane season can place a heavy burden on our Health ISAC membership as Healthcare and Public Health professionals are already operating under great...
NSA Releases Telehealth Guidelines During COVID-19
Health-ISAC Threat Bulletin Date: May 4, 2020 TLP: White Event: NSA Releases Telehealth Guidelines During COVID-19 Summary: The National Security Agency (NSA) recently shared cybersecurity guidance with high-level security assessments to help organizations select and safely use collaboration...
Threat Modeling for Mobile Health Systems
HC3 Threat Briefing – Threat Modeling for Mobile Health Systems Please see below the HHS Health Sector Cybersecurity Coordination Center (HC3) threat brief. This brief focuses on Threat Modeling for Mobile Health Systems and covers the following topics: - Introduction - Threat Modeling...
Threat Actor Exploitation Post Pulse Secure VPN Patching
Health-ISAC Vulnerability Bulletin Date: April 17, 2020 TLP: White Event: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching Summary: On April 16, 2020, DHS Cybersecurity and Infrastructure Security Agency (CISA) published an Activity Alert "Continued threat actor exploitation...
Capturing Lessons Learned: COVID-19 After-Action Report
Capturing Lessons Learned: COVID-19 After-Action Report and Improvement Plan – It's never too late to start Download pdf of blog with graphics here: [pdf-embedder url="https://h-isac.org/wp-content/uploads/2020/04/H-ISAC-COVID-19-AAR-Blog_4.16.20.pdf" title="H-ISAC COVID-19 AAR...
Free internet-facing Vulnerability Scanning
Free internet-facing Vulnerability Scanning service from DHS CISA for H-ISAC members During this critical time of our Nations’ Healthcare Sector, DHS Cybersecurity & Infrastructure Security Agency (CISA) has partnered with H-ISAC to make available a free, continuous vulnerability scanning...