Cybersecurity Government Intelligence Reports
The 黑料正能量 Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.
Alerts published on December 2, 2022.
Executive Summary
Lorenz is human-operated ransomware that has been in operation for approximately two years. In that time, HC3 is aware of the compromise of healthcare and public sector targets. It is used to target larger organizations in what is called 鈥渂ig-game hunting鈥, and publishes data鈥
SUMMARY
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity.
In October 2022, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches.
The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight hacktivism activity and encourage organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact of distributed denial of service1 (DDoS) attacks.
HHS OCIO HC3 TLP Clear Threat Brief Iranian Threat Actors and Healthcare November 3, 2022.
OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6.
Joint CISA FBI MS-ISAC Report: Understanding and Responding to Distributed Denial-of-Service Attacks
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint guide to provide organizations proactive steps to reduce the likelihood and impact of distributed鈥
A software library called OpenSSL 鈥 used with many of the most common operating systems and applications for secure communications 鈥 is going to receive an important update on Tuesday, November 1, 2022.