ºÚÁÏÕýÄÜÁ¿

Microsoft July 22 released an update on the ongoing cyberattacks to SharePoint servers used within organizations, attributing the incidents to China-based threat actors.

The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services and Multi-State Information Sharing and Analysis Center July 23 released a joint advisory detailing malicious activity from Interlock ransomware.

Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations.

In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and mitigate risk for both cyber and physical threats to the hospital environment.

Physical threats and cyberthreats are intertwined challenges that pose risks to your entire enterprise. Learn ways to respond from AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee.

In a statement submitted to the Senate Health, Education, Labor and Pensions Committee for a hearing July 9 on health care cybersecurity and patient privacy, the AHA said the highest cyber risk for patient data is often through third-party service and software providers. The AHA encouraged Congress to use federal agencies and resources to protect hospitals and health systems, especially in rural areas.

Cyberattacks on hospitals are urgent threats to patient safety, care delivery and public trust. In this conversation, Ajay Gupta, board chair of Trinity Health Mid-Atlantic and CEO of HSR.health, speaks about the vital role hospital boards play in preparing for and responding to cyber incidents.

The Food and Drug Administration yesterday released a safety notice announcing a software patch is available to address cybersecurity vulnerabilities in certain Contec and Epsimed patient safety monitors.

The Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center and the National Security Agency June 30 released a fact sheet on Iranian-affiliated cyber actors who may target U.S. devices and networks due to geopolitical tensions.

The Centers for Medicare & Medicaid Services today announced it has identified a fraud scheme targeting Medicare providers and suppliers.

The FBI, Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre June 4 released an advisory on updated actions and tactics used by the Play ransomware group.

The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners May 22 released guidance on securing data used for artificial intelligence and machine learning systems.

The FBI, along with the National Security Agency, and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations by the Russian General Staff Main Intelligence Directorate (GRU), also known as APT28, Fancy Bear, Forest Blizzard, Blue Delta and other identifiers, targeting U.S. and global entities.

The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers.

The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators pretending to be senior U.S. officials.

In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as well as the opportunities for progress across the health care sector.

Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024

The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical requirements for devices installed in national security systems.

I welcomed John Riggi, AHA’s National Advisor for Cybersecurity and Risk, to our Leadership Dialogue to have a conversation about planning for and navigating cyber and physical threats.

The Cybersecurity and Infrastructure Security Agency April 16 released guidance to reduce risks associated with a reported breach of Oracle cloud services.