Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.


The information technology vendor, F5, disclosed a significant vulnerability in their BIG-IP suite of tools which, when exploited, allows for remote code execution ultimately leading to complete compromise of the host and the potential for further compromise of the network which it sits on.
This edition takes an in-depth look at one of the more unique and interesting governmental processes that has a significant influence on cybersecurity in the private sector.
The departments of Homeland Security and Health and Human Services and the National Security Agency alerted the field to a significant vulnerability affecting the Palo Alto Networks’ PAN-OS firewall software that cyber attackers could easily exploit remotely via the internet.
On June 29, 2020, Palo Alto Networks announced a vulnerability (CVE-2020-2021) affecting their PAN-OS firewall software.
Dridex was originally developed as a financial Trojan that initially makes contact with its victims via phishing/spam email campaigns.
In this edition, Hacking Healthcare revisits digital contact-tracing to keep you updated on the latest developments around the world and will remind you about the ingenuity of malicious actors by recounting how LinkedIn was weaponized to compromise European aerospace and defense firms. Lastly…
On June 17, 2020, researchers reported on a bus driver installed by FabulaTech for their “USB for Remote Desktop” software that has a vulnerability (tracked as CVE-2020-9332). The vulnerability allows a non-privileged user to potentially take over a targeted device on the network.
LokiBot Malware Threat to Healthcare, June 16, 2020. LokiBot is an information stealer; the main functionality of its binary is to collect system and application credentials and user information to send back to the attacker.
Pony malware is also known as Fareit. Classified by Trend Micro as a Trojan-Spyware, this crimeware is primarily used to steal user and File Transfer Protocol (FTP) credentials and passwords, download other payloads, and bring compromised systems into a botnet.
Formbook is an information-stealing malware, also known as “form grabber” malware. The malware is installed on victims’ computers when they visit malicious websites or domains.