H-ISAC: White Reports
On November 13, 2023, the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) released communications to bolster organizations' resiliency and stand up critical business functions during or following a cyber…
On November 01, 2023, CISA released Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities.
On October 23, 2023, HHS published QR Code-Based Phishing (Quishing) as a Threat to the Health Sector, a white paper focused on QR code phishing.
Interest in broadening and deepening the expectations and responsibilities of senior leadership when it comes to cybersecurity is increasingly taking hold in policy circles globally and in particular in the US and Europe.
Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.
On October 06, 2023, the Health Sector Cybersecurity Coordination Center (HC3) released a sector alert regarding Critical Vulnerability in Cisco Emergency Responder.
On September 09, 2023, Progress Software released a hotfix to address multiple critical vulnerabilities in the WS_FTP Server and the WS_FTP Server Ad hoc Transfer Module.
Summary:
On September 18, 2023, the Health Sector Cybersecurity Coordination Center (HC3) released a sector alert regarding the Lazarus group exploiting a ManageEngine vulnerability.
A recent uptick in threat actors delivering phishing emails laced with malicious QR codes has beenobserved. Quishing, also known as QR code phishing, involves sending a seemingly time sensitive emailcontaining lures to trick the recipient into taking action and scanning an innocuous QR code.