Threat Briefs
Highlights relevant cybersecurity topics and raises the HPH sector's situational awareness of current cyber threats, threat actors, best practices, and mitigation tactics.
- December 2, 2021 - FIN12 as a Threat to Healthcare*
- November 18, 2021 - Zero-Day Attacks*
- November 4, 2021 - Cobalt Strike*
- October 21, 2021 - Hive Ransomware*
- October 7, 2021 - Blockchain for Healthcare*
- September 23, 2021 - LockBit Ransomware*
- September 2, 2021 - Demystifying BlackMatter*
- August 19, 2021 - REvil Update*
- August 5, 2021 - Qbot/QakBot Ransomware*
- July 8, 2021 - Conti Ransomware*
- June 17, 2021 - The Evolution of Cyber Hunt Processes*
- June 3, 2021 - Ransomware Trends 2021*
- May 20, 2021 - API for the HPH*
- May 6, 2021 - China's 14th FYP and the HPH*
- April 22, 2021 - Cyber Supply Chain Risk Management*
- April 8, 2021 - Ryuk Variants*
- March 25, 2021 - DPRK Cyber Espionage*
- March 18, 2021 - HPH Cyberthreats to Biotechnology*
- March 11, 2021 - 2021 HPH Cybersecurity Forecast*
- March 4, 2021 - DNS Tunneling*
- February 25, 2021 - Securing SSL/TLS in Healthcare*
- February 18, 2021 - 2020 HPH Cybersecurity Retrospective*
- February 11, 2021 - Threat Posed by Bulk Email Services*
- February 4, 2021 - Threats in Healthcare Cloud Computing*
- January 28, 2021 - ATTACK for Emotet*
- January 21, 2021 - Laying a Strong Cyber Foundation for the HPH*
- January 14, 2021 - HPH Distributed Attack Vectors TLP WHITE*
- December 10, 2020 - Evasive Methods Against Healthcare*
- November 12, 2020 - Trickbot and Ryuk*
- November 5, 2020 - SMB Vulnerabilities in Healthcare*
- October 29, 2020 - QakBot*
- October 22, 2020 - Using Honeypots for Network Intrusion Detection*
- October 15, 2020 - Unix/Mac/Linux OS Malware*
- October 8, 2020 - True Fighter RDP*
- October 1, 2020 - Zero Trust*
- September 24, 2020 - Netwalker*
- September 17, 2020 - Malspam*
- September 3, 2020 - CIS Controls in HPH*
- August 27, 2020 - Pulse Secure VPN*
- August 20, 2020 - 5G Security for Healthcare*
- August 13, 2020 - COVID-19 Cyber Threats (Update)*
- August 6, 2020 - Cybersecurity Maturity Models*
- July 23, 2020 - Dark Web and Cybercrime*
- July 23, 2020 - HPH-Sector Cyber Threat Actor Modeling with Mitre ATT&CK*
- July 9, 2020 - Business Email Compromise in the Health Sector*
- June 9, 2020 - APT and Cybercriminal Targeting of HCS*
- June 4, 2020 - Social Media Attacks*
- May 21, 2020 - Web Shell Malware: Threats and Mitigations*
- May 14, 2020 - COVID-19 Related Nation-State and Cyber Criminal Targeting of the Healthcare Sector*
- May 7, 2020 - Quantitative Risk Management for Healthcare Cybersecurity*
- April 30, 2020 - Threat Modeling for Mobile Health Systems*
- April 23, 2020 - COVID-19 Cyber Threats*
- April 16, 2020 - AZORult Malware*
- April 9, 2020 - Access Control on Health Information Systems*
- April 2, 2020 - 2019 Threats Posed to Healthcare Sector by Use of Third-Party Services*
- March 26, 2020 - Securely Teleworking in Healthcare*
- March 19, 2020 - Multifactor Authentication*
- March 19, 2020 - NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management*
- March 19, 2020 - Wearable Device Security*
- March 19, 2020 - Wearable Device Security and SweynTooth Vulnerabilities*
- March 5, 2020 - Incident Response*
- February 28, 2020 - "SweynTooth" Devices in the Medical Environment*
- February 20, 2020 - PyXie Remote Access Trojan (RAT)*
- February 20, 2020 - Botnet Threat to the Healthcare Industry*
- February 13, 2020 - Electronic Health Record Systems*
- February 6, 2020 - A.I. Application and Security Implications in the Healthcare Industry*
- January 30, 2020 - Ryuk Update*
- January 9, 2020 - Trickbot*
- December 19, 2019 - Emotet Update*
- December 12, 2019 - Maze Ransomware*
- December 5, 2019 - BlueKeep Update*
- November 14, 2019 - Physical Access Control*
- October 24, 2019 - APT41*
- September 12, 2019 - Blockchain Application in the Healthcare Industry*
- September 4, 2019 - Sodinokibi: Aggressive Ransomware Impacting HPH Sector*
- August 1, 2019 - 5G Security Implications for the Healthcare Enterprise*
- July 11, 2019 - Medical Device Image Tampering*
- May 9, 2019 - Credential Stuffing*
- April 25, 2019 - Free Web Scanning Resources*
Sector Alerts
Provides high-level, situational background information and context for technical and executive audiences. Designed to assist the sector in defending against large-scale and high-level vulnerabilities.
- December 17, 2021 - Log4j Update Sector Alert*
- December 10, 2021 - Log4j Sector Alert*
- November 16, 2021 - Intel BIOS Vulnerabilities Sector Alert*
- November 12, 2021 - ManageEngine APT27 Sector Alert*
- October 8, 2021 - Medusa TangleBot Malware Sector Alert*
- September 22, 2021 - VMware Vulnerabilities Sector Alert*
- August 27, 2021 - Pulse Secure Vulnerabilities*
- August 19, 2021 - Fortinet Sector Alert*
- August 3, 2021 - PwnedPiper Impact on Healthcare*
- July 30, 2021 - HiveNightmare/SeriousSAM Potential HPH Impact Sector Alert
- July 9, 2021 - Philips Vue PACS Sector Alert*
- June 29, 2021 - PACS Vulnerabilities Sector Alert*
- June 4, 2021 - Vulnerabilities Reported by MesaLabs for AmegaView*
- May 28, 2021 - New Phishing Campaign Launched by SOLARWINDS Attackers*
- May 12, 2021 - CISCO Sector Alert*
- May 6, 2021 - EXIM Sector Alert*
- April 22, 2021 - SonicWall Sector Alert*
- December 16, 2020 - Sector Alert COVID Phishing TLP WHITE*
- October 2, 2020 - Bazarloader*
- September 8, 2020 - Maldoc Information Stealer*
- August 27, 2020 - Agent Tesla Phishing*
- August 21, 2020 - Thales Vulnerability*
- August 13, 2020 - XenMobile Sector Alert*
- July 21, 2020 - SharePoint CVE-2020-1147*
- May 19, 2020 - Cybersecurity Vulnerabilities Of Interest to the Health Sector*
- April 16, 2020 - Fake Online Coronavirus Map Delivers Well-known Malware*
- April 16, 2020 - Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data*
- April 15, 2020 - VMWare Directory Service Critical Vulnerability*
- March 26, 2020 - APT41 Citrix and Zoho Attacks on Healthcare*
Other Products
Includes quick information Analyst Notes and in-depth White Papers, which increase comprehensive cybersecurity situational awareness and provide recommendations to a wide audience.
- December 21, 2021 - Log4j Scanner Alert*
- December 15, 2021 - November 2021 Vulnerability Bulletin*
- December 13, 2021 - Hillrom Welch Allyn Cardiology Products Vulnerability Alert*
- November 23, 2021 - BIO-ISAC Tardigrade Malware Alert*
- November 17, 2021 - October 2021 Vulnerability Bulletin*
- November 17, 2021 - CISA/FBI/ACSC/NCSC Iranians Fortinet Exchange Alert*
- November 12, 2021 - Forescout Nucleus TCPIP Alert*
- October 28, 2021 - Threat Actor Orange Targets US HPH Entities Analyst Note*
- October 26, 2021 - 2021 Q3 Healthcare Cybersecurity Bulletin*
- October 19, 2021 - Joint CISA/NSA/FBI BlackMatter Ransomware Alert*
- October 15, 2021 - September 2021 Vulnerability Bulletin*
- October 13, 2021 - Q3 2021 HPH Ransomware Trends Analyst Note*
- October 7, 2021 - Medtronic Alert*
- October 6, 2021 - Two Factor Authorization*
- October 1, 2021 - Hardening Remote Access VPN Alert*
- September 30, 2021 - Conti Ransomware Alert*
- September 28, 2021 - New Azure AD Brute-Force Alert
- September 23, 2021 - BrakTooth Analyst Note*
- September 7, 2021 - August 2021 Vulnerability Bulletin*
- September 2, 2021 - Phishing Analyst Note*
- September 1, 2021 - Holiday Ransomware Alert*
- August 25, 2021 - IOCs Associated with Hive Ransomware Alert*
- August 24, 2021 - OnePercent Group Ransomware Alert*
- August 18, 2021 - July Vulnerability Bulletin*
- August 18, 2021 - BlackBerry QNX RTOS Alert*
- August 6, 2021 - Lazio Ransomware Attack Analyst Note*
- July 29, 2021 - Top Routinely Exploited Vulnerabilities for 2020 and 2021
- July 28, 2021 - Geutebrück G-Cam E2 Series Camera Vulnerabilities Alert
- July 22, 2021 - Exploitation of Pulse Connect Secure Vulnerabilities*
- July 15, 2021 - PrintNightmare Vulnerability Update 1*
- July 8, 2021 - Phobos Ransomware Analyst Note*
- July 6, 2021 - PrintNightmare Vulnerability*
- June 11, 2021 - May 2021 Vulnerability Bulletin*
- May 25, 2021 - Conti Ransomware Analyst Note*
- May 11, 2021 - April 2021 Vulnerability Bulletin*
- April 26, 2021 - API Security for the HPH*
- April 21, 2021 - Pulse Secure Vulnerabilities Analyst Note*
- April 15, 2021 - NAME WRECK Analyst Note*
- April 13, 2021 - Vishing Analyst Note*
- March 23, 2021 - CL0P Analyst Note*
- March 12, 2021 - New Ryuk Variant Analyst Note*
- March 8, 2021 - February 2021 HPH Cybersecurity Vulnerability Bulletin*
- March 8, 2021 - Microsoft Exchange Server Detection Analyst Note*
- March 3, 2021 - Microsoft Exchange Server Analyst Note*
- February 23, 2021 - Accellion Analyst Note*
- February 12, 2021 - HC3 January 2021 HPH Vulnerability Bulletin*
- January 12, 2021 - December 2020 Vulnerability Bulletin*
- January 4, 2021 - TCP-IP Stack Analyst Note
- December 9, 2020 - November Monthly Cybersecurity Vulnerability Bulletin*
- November 17, 2020 - SDBBot Analyst Note*
- November 16, 2020 - Cl0p Ransomware*
- October 1, 2020 - September Monthly Cybersecurity Vulnerability Bulletin*
- July 20, 2020 - July Vulnerability Bulletin*
- June 16, 2020 - Dridex Malware - a Growing Threat to the HPH Sector*
- June 16, 2020 - Formbook Malware Phishing Campaigns*
- June 16, 2020 - LokiBot Malware Threat to Healthcare*
- June 16, 2020 - Pony/Fareit Malware: A Growing Threat to the Healthcare and Public Health Sector*
- June 16, 2020 - Remcos RAT*
- June 16, 2020 - Remote Access Trojan "Agent Tesla" Targets Organizations with COVID-themed Phishing Attacks*
- June 16, 2020 - Remote Access Trojan Nanocore Poses Risk to HPH Sector*
- June 16, 2020 - Ursnif Malware*
- May 12, 2020 - Mobile Browser Hijacker Attempts to Social Engineer Users to Install a Potentially Unwanted Program (PUP)*
- April 3, 2020 - COVID-19 VTC Exploitation*
- February 3, 2020 - Coronavirus Themed E-mail Phishing*
- April 12, 2019 - A Cost Analysis of Healthcare Sector Data Breaches*
* This content is in the process of Section 508 review. If you need immediate assistance accessing this content, please submit a request to HC3@hhs.gov. Content will be updated pending the outcome of the Section 508 review.