Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  • About HHS
  • Programs & Services
  • Grants & Contracts
  • Laws & Regulations
  • Radical Transparency
  • Big Wins
Breadcrumb
  1. Home
  2. About
  3. Agencies
  4. ASA
  5. Office of the Chief Information Officer (OCIO)
  6. Health Sector Cybersecurity Coordination Center (HC3)
  7. HC3 Products
  • Assistant Secretary for Administration (ASA)
  • Fair Chance to Compete for Jobs Act
  • About ASA
  • EEO
    • About EEO
      • No Fear
      • Programs & Offices
      • Contact Reasonable Accommodation Coordinators
      • Personal Assistant Services
    • EEO Policy Statement
  • Office of Organizational Management (OOM)
    • About OOM
    • Consulting Services
    • Fair Act Inventory
    • Contact Us
  • Office of Human Resources (OHR)
    • About OHR
      • OHR Divisions
      • Mission and Vision
      • Leadership
      • Contact Us
    • Begin Your Career at HHS
    • New Employee Orientation
    • HR Policy Library
  • Office of the Chief Information Officer (OCIO)
    • About OCIO
      • What We Do
      • Our Mission
      • Plans & Reports
      • Contact Us
    • Cybersecurity
      • HC3 Home Page
      • HC3 About Us
      • HC3 FAQ
      • HC3 Products
      • HC3 Victim Notification
      • HC3 Contact Us
    • HHS IT Management Jobs
  • Program Support Center (PSC)
    • Accounting
    • Board for Correction
    • Building Operations
    • Debt Collection
    • Federal Real Property Assistance Program (FRPAP)
    • FedResponse Contact Center
    • Financial Reporting Services
    • Grants Management
    • Indirect Cost Negotiations
    • Intake, Suitability, and Badging
    • Mail and Publishing
    • Physical Security, Emergency Management, and Safety
    • Real Property Policy and Strategy
    • Space Design and Construction
    • Supply Chain Management
    • Transportation Services
  • PSC Federal Occupational Health (FOH)
    • Office of the Director
    • Behavioral Health Services
    • Clinical Health Services
    • Environmental Health and Safety Services
    • Wellness and Health Promotion Services

HC3 Products

Threat Briefs

  • October 17, 2024 – Living Off the Land Attacks
  • September 19, 2024 – Healthcare Technology Security
  • August 15, 2024 – Privileged User Compromise
  • June 13, 2024 – Cloud Security for the HPH
  • May 16, 2024 – Business Email Compromise (BEC) & Healthcare
  • April 11, 2024 – Social Engineering Targeting the HPH Sector
  • February 15, 2024 – Russian Threat Actors Targeting the HPH Sector*
  • January 18, 2024 - Ransomware & Healthcare*
  • December 7, 2023 - Open-Source Software Risks in the Health Sector*
  • November 16, 2023 - Emotet: The Enduring and Persistent Threat to the HPH*
  • October 12, 2023 - Cybersecurity Incident Response Plans
  • September 21, 2023 - DPRK and Chinese Cyber Crime Threats to the U.S. HPH*
  • August 10, 2023 - Multi-Factor Authentication & Smishing
  • July 13, 2023 - AI, Cybersecurity and the Health Sector*
  • June 8, 2023 - Types of Threat Actors That Threaten Healthcare*
  • April 6, 2023 - EMRs A Top Target for Cyber Threat Actors*
  • March 9, 2023 - Data Exfiltration Trends in Healthcare
  • February 9, 2023 - 2022 Retrospective & 2023 Look Ahead*
  • January 12, 2023 - Royal & BlackCat Ransomware*
  • December 8, 2022 - Automation and Hacking in Healthcare*
  • November 3, 2022 - Iranian Threat Actors and Healthcare
  • October 6, 2022 - Abuse of Legitimate Security Tools and the HPH
  • September 22, 2022 - APT41 and Recent Activity
  • September 8, 2022 - Emerging Technology and Security for the HPH
  • August 18, 2022 - The Impact of Social Engineering On Healthcare
  • August 4, 2022 - The OWASP Top 10
  • July 21, 2022 - Web Application Attacks in Healthcare
  • July 7, 2022 - Quantum Cryptography and the Health Sector
  • June 16, 2022 - Strengthening Cyber Posture in Healthcare
  • June 2, 2022 - The Return of Emotet
  • May 19, 2022 - Major Cyber Orgs of Russian Intelligence Services
  • May 5, 2022 - Ransomware Trends in Q1 2022
  • April 21, 2022 - Insider Threats in Healthcare
  • April 7, 2022 - Lapsus$ and the Health Sector*
  • March 17, 2022 - An Analysis of the Russia-Ukraine Conflict*
  • March 3, 2022 - Health Sector Cyber Security: 2021 Retrospective and 2022 Look Ahead*
  • February 17, 2022 - EMR in Healthcare*
  • February 3, 2022 - Lessons Learned from the HSE Attack
  • January 20, 2022 - Log4j Vulnerabilities and the Health Sector

Sector Alerts

  • November 19, 2024 – DocuSign Abuse Sector Alert
  • October 29, 2024 – ClickFix Attacks Sector Alert
  • September 4, 2024 – Apache Tomcat Vulnerabilities Sector Alert
  • August 16, 2024 – Grant Donation Scam Sector Alert
  • July 23, 2024 – Global Technology Outage Sector Alert
  • June 27, 2024 – MOVEit Sector Alert
  • June 12, 2024 – PHP Programming Language Sector Alert
  • June 7, 2024 – Snowflake Sector Alert
  • June 4, 2024 – Baxter Welch Allyn Vulnerabilities Sector Alert
  • April 18, 2024 – Updated Palo Alto Networks Firewalls
  • April 12, 2024 – Palo Alto Networks Firewalls Sector Alert
  • April 3, 2024 – Help Desk Social Engineering Sector Alert
  • March 18, 2024 – Credential Harvesting Sector Alert
  • March 12, 2024 – E-mail Bombing Sector Alert
  • March 1, 2024 – Threats from Fraudulent Websites Sector Alert
  • February 26, 2024 – ScreenConnect Server Vulnerabilities Sector Alert
  • January 22, 2024 - Threat of Unauthorized Access to HPH Orgs Sector Alert
  • November 22, 2023 - Lockbit 3.0 Exploiting Citrix Bleed Sector Alert*
  • November 21, 2023 - Fortinet FortiSIEM Vulnerability Sector Alert*
  • October 6, 2023 - Cisco Emergency Responder Sector Alert*
  • September 29, 2023 - WS FTP Vulnerabilities Sector Alert*
  • September 18, 2023 - ManageEngine Vulnerability Sector Alert
  • September 12, 2023 - Akira Ransomware Sector Alert
  • August 4, 2023 - Rhysida Ransomware Sector Alert
  • July 20, 2023 - Citrix ADC and Citrix Gateway Vulnerabilities Sector Alert
  • June 16, 2023 - Critical Vulnerability in MOVEit Transfer Software Sector Alert
  • June 2, 2023 - MOVEit Transfer Software Sector Alert
  • May 10, 2023 - Veeam Backup & Replication Sector Alert
  • April 28, 2023 - Cl0p and Lockbit New Data Breaches Sector Alert
  • April 7, 2023 - DNS NXDOMAIN Attacks Sector Alert
  • February 22, 2023 - Clop Allegedly Targeting Healthcare Industry Sector Alert
  • January 31, 2023 - OpenEMR Sector Alert
  • December 16, 2022 - Citrix ADC-Gateway Sector Alert
  • October 28, 2022 - OpenSSL Critical Patch*
  • September 19, 2022 - Monkeypox-Themed Phishing Campaign Sector Alert
  • August 18, 2022 - Apple Zero Day Sector Alert
  • August 10, 2022 - Secure Message/Evernote-Themed Phishing Campaign
  • April 7, 2022 - Mailchimp Sector Alert*

Other Products

  • January 16, 2025 – December 2024 Vulnerability Bulletin*
  • December 17, 2024 – Credential Harvesting Analyst Note*
  • December 9, 2024 – November 2024 Vulnerability Bulletin
  • November 13, 2024 – New Midnight Blizzard Campaign Analyst Note
  • November 12, 2024 – Godzilla Webshell Analyst Note
  • November 7, 2024 – October 2024 Vulnerability Bulletin
  • October 28, 2024 – The Miracle Exploit Analyst Note
  • October 9, 2024 – September 2024 Vulnerability Bulletin
  • October 8, 2024 – F5 Misconfiguration Analyst Note
  • October 4, 2024 – Trinity Ransomware Threat Actor Profile
  • September 25, 2024 – Malvertising Analyst Note
  • September 13, 2024 – August 2024 Vulnerability Bulletin
  • July 9, 2024 - June 2024 Vulnerability Bulletin*
  • July 2, 2024 – Vidar Malware Analyst Note
  • June 26, 2024 – Seashell Blizzard Threat Actor Profile
  • June 18, 2024 – Qilin/Agenda Ransomware Threat Profile
  • June 13, 2024 – May 2024 Vulnerability Bulletin
  • May 30, 2024 – Healthcare Sector DDoS Guide Analyst Note
  • May 15, 2024 – April 2024 Vulnerability Bulletin
  • April 10, 2024 – March 2024 Vulnerability Bulletin*
  • April 8, 2024 – Baza(r)Call Campaigns Analyst Note
  • April 5, 2024 – HC3’s Top 10 Most Active Ransomware Groups Analyst Note
  • March 19, 2024 – February 2024 Vulnerability Bulletin
  • February 27, 2024 – ALPHV Blackcat Joint Cybersecurity Advisory*
  • February 7, 2024 – Akira Ransomware Analyst Note*
  • February 5, 2024 – January 2024 Vulnerability Bulletin
  • January 4, 2024 – December 2023 Vulnerability Bulletin
  • December 5, 2023 - ownCloud Vulnerability White Paper
  • December 4, 2023 – November 2023 Vulnerability Bulletin
  • November 6, 2023 - BlackSuit Ransomware Analyst Note
  • November 3, 2023 - October 2023 Vulnerability Bulletin*
  • November 1, 2023 - 8Base Ransomware Analyst Note
  • October 26, 2023 - AI and Phishing as a Threat to the HPH White Paper
  • October 25, 2023 - SolarWinds ARM Vulnerabilities Analyst Note*
  • October 23, 2023 - QR Codes and Phishing as a Threat to the HPH White Paper*
  • October 18, 2023 - ServiceNow Vulnerability Analyst Note
  • October 12, 2023 - NoEscape Ransomware Analyst Note
  • October 5, 2023 - September 2023 Vulnerability Bulletin*
  • October 4, 2023 - Securing Remote Access Software Alert*
  • September 29, 2023 - LokiBot Malware Analyst Note
  • September 20, 2023 - August 2023 Vulnerability Bulletin
  • August 23, 2023 - July 2023 Vulnerability Bulletin*
  • August 16, 2023 - China-Based Threat Actor Profiles
  • July 21, 2023 - Remote Identity Management Analyst Note
  • July 13, 2023 - June 2023 Vulnerability Bulletin
  • June 22, 2023 - SEO Poisoning Analyst Note
  • June 16, 2023 - Healthcare and Public Health Sector Cybersecurity Notification*
  • June 14, 2023 - May 2023 Vulnerability Bulletin*
  • June 13, 2023 - FIN11 Threat Profile*
  • May 16, 2023 - April 2023 Vulnerability Bulletin
  • April 17, 2023 - March 2023 Vulnerability Bulletin
  • April 6, 2023 - Q1 2023 Healthcare Cybersecurity Bulletin
  • April 5, 2023 - KillNet Analyst Note*
  • March 23, 2023 - HPH Mobile Device Security Checklist
  • March 15, 2023 - Black Basta Threat Profile
  • March 13, 2023 - February 2023 Vulnerability Bulletin
  • February 24, 2023 - MedusaLocker Ransomware Analyst Note
  • February 13, 2023 - Healthcare Sector DDoS Guide Analyst Note
  • February 6, 2023 - January 2023 Vulnerability Bulletin
  • January 30, 2023 - KillNet Analyst Note
  • January 19, 2023 - December 2022 Vulnerability Bulletin
  • January 18, 2023 - 2022 Q4 Healthcare Cybersecurity Bulletin*
  • January 17, 2023 - AI for Malware Development Analyst Note
  • January 4, 2023 - Clop Ransomware Analyst Note
  • December 22, 2022 - KillNet Analyst Note
  • December 12, 2022 - LockBit 3.0 Analyst Note
  • December 12, 2022 - BlackCat Analyst Note
  • December 8, 2022 - November 2022 Vulnerability Bulletin
  • December 7, 2022 - Royal Ransomware Analyst Note
  • December 2, 2022 - Cuba Ransomware Alert
  • November 21, 2022 - Lorenz Ransomware Analyst Note
  • November 14, 2022 - October 2022 Vulnerability Bulletin
  • November 9, 2022 - Venus Ransomware Analyst Note
  • October 25, 2022 - September 2022 Vulnerability Bulletin
  • September 30, 2022 - Microsoft Exchange Zero-Day Alert
  • September 6, 2022 - August 2022 Vulnerability Bulletin
  • August 29, 2022 - Evil Corp Threat Profile
  • August 24, 2022 - Karakurt Threat Profile Analyst Note
  • August 19, 2022 - Vishing Attacks on the HPH Sector Analyst Note
  • August 15, 2022 - July 2022 Vulnerability Bulletin
  • August 9, 2022 - Cloud Security Analyst Note
  • August 9, 2022 - OSINT How-To Analyst Note
  • August 4, 2022 - Internet of Things Security Analyst Note
  • July 13, 2022 - June 2022 Vulnerability Bulletin
  • June 8, 2022 - May 2022 Vulnerability Bulletin
  • May 6, 2022 - April 2022 Vulnerability Report
  • April 27, 2022 - 2021 Top Exploited Vulnerabilities Alert
  • April 26, 2022 - Russia Threats to Critical Infrastructure Alert
  • April 26, 2022 - BlackCat ALPHV IOCs Alert
  • April 18, 2022 - Hive Ransomware Analyst Note
  • April 13, 2022 - Aethon TUG Home Base Server Alert
  • April 6, 2022 - Philips Vue PACS Alert Update B*
  • April 5, 2022 - March 2022 Vulnerability Bulletin*
  • March 30, 2022 - UPS Attack Mitigation Alert
  • March 25, 2022 - AA22-083A Alert
  • March 22, 2022 - Health-ISAC and HC3 Joint Threat Bulletin on Potential Russian Cyberattacks*
  • March 18, 2022 - February 2022 Vulnerability Bulletin
  • March 16, 2022 - Russian Cyber Actors Gain Access by Exploiting Default MFA Protocols and “PrintNightmare” Vulnerability
  • March 10, 2022 - Conti Update
  • March 8, 2022 - PTC Axeda agent and Axeda Desktop Server Vulnerabilities Alert
  • March 1, 2022 - The Russia-Ukraine Cyber Conflict
  • February 28, 2022 - Destructive Malware Targeting Ukraine Alert
  • February 25, 2022 - Hermetic Wiper Malware
  • February 23, 2022 - Preparing for Foreign Influence Operations Targeting Critical Infrastructure*
  • February 14, 2022 - 2021 CISA Shields Up Alert
  • February 9, 2022 - 2021 Global Ransomware Trends Alert
  • February 7, 2022 - LockBit 2.0 IOCs Alert
  • February 4, 2022 - January 2022 Vulnerability Bulletin
  • January 28, 2022 - Reduced Threat Posed by BlackMatter Analyst Note
  • January 21, 2022 - 2021 Q4 HC3 Healthcare Cybersecurity Bulletin
  • January 11, 2022 - Russian Sponsored Threats Alert
  • January 10, 2022 - December 2021 Vulnerability Bulletin
  • January 6, 2022 - Mespinoza-GOLD BURLAP-Cyborg Spider Analyst Note

Archive of Resources

  • December 21, 2021 - Log4j Scanner Alert
  • December 15, 2021 - November 2021 Vulnerability Bulletin*
  • December 13, 2021 - Hillrom Welch Allyn Cardiology Products Vulnerability Alert
  • November 23, 2021 - BIO-ISAC Tardigrade Malware Alert*
  • November 17, 2021 - October 2021 Vulnerability Bulletin
  • November 17, 2021 - CISA/FBI/ACSC/NCSC Iranians Fortinet Exchange Alert
  • November 12, 2021 - Forescout Nucleus TCPIP Alert*
  • October 28, 2021 - Threat Actor Orange Targets US HPH Entities Analyst Note*
  • October 26, 2021 - 2021 Q3 Healthcare Cybersecurity Bulletin*
  • October 19, 2021 - Joint CISA/NSA/FBI BlackMatter Ransomware Alert*
  • October 15, 2021 - September 2021 Vulnerability Bulletin*
  • October 13, 2021 - Q3 2021 HPH Ransomware Trends Analyst Note*
  • October 7, 2021 - Medtronic Alert*
  • October 6, 2021 - Two Factor Authorization*
  • October 1, 2021 - Hardening Remote Access VPN Alert*
  • September 30, 2021 - Conti Ransomware Alert*
  • September 28, 2021 - New Azure AD Brute-Force Alert
  • September 23, 2021 - BrakTooth Analyst Note*
  • September 7, 2021 - August 2021 Vulnerability Bulletin*
  • September 2, 2021 - Phishing Analyst Note*
  • September 1, 2021 - Holiday Ransomware Alert*
  • August 25, 2021 - IOCs Associated with Hive Ransomware Alert*
  • August 24, 2021 - OnePercent Group Ransomware Alert*
  • August 18, 2021 - July Vulnerability Bulletin*
  • August 18, 2021 - BlackBerry QNX RTOS Alert*
  • August 6, 2021 - Lazio Ransomware Attack Analyst Note*
  • July 29, 2021 - Top Routinely Exploited Vulnerabilities for 2020 and 2021
  • July 28, 2021 - Geutebrück G-Cam E2 Series Camera Vulnerabilities Alert
  • July 22, 2021 - Exploitation of Pulse Connect Secure Vulnerabilities*
  • July 15, 2021 - PrintNightmare Vulnerability Update 1*
  • July 8, 2021 - Phobos Ransomware Analyst Note*
  • July 6, 2021 - PrintNightmare Vulnerability*
  • June 11, 2021 - May 2021 Vulnerability Bulletin*
  • May 25, 2021 - Conti Ransomware Analyst Note*
  • May 11, 2021 - April 2021 Vulnerability Bulletin*
  • April 26, 2021 - API Security for the HPH*
  • April 21, 2021 - Pulse Secure Vulnerabilities Analyst Note*
  • April 15, 2021 - NAME WRECK Analyst Note*
  • April 13, 2021 - Vishing Analyst Note*
  • March 23, 2021 - CL0P Analyst Note*
  • March 12, 2021 - New Ryuk Variant Analyst Note*
  • March 8, 2021 - February 2021 HPH Cybersecurity Vulnerability Bulletin*
  • March 8, 2021 - Microsoft Exchange Server Detection Analyst Note*
  • March 3, 2021 - Microsoft Exchange Server Analyst Note*
  • February 23, 2021 - Accellion Analyst Note*
  • February 12, 2021 - HC3 January 2021 HPH Vulnerability Bulletin*
  • January 12, 2021 - December 2020 Vulnerability Bulletin*
  • January 4, 2021 - TCP-IP Stack Analyst Note
  • December 17, 2021 - Log4j Update Sector Alert*
  • December 10, 2021 - Log4j Sector Alert
  • November 16, 2021 - Intel BIOS Vulnerabilities Sector Alert*
  • November 12, 2021 - ManageEngine APT27 Sector Alert*
  • October 8, 2021 - Medusa TangleBot Malware Sector Alert*
  • September 22, 2021 - VMware Vulnerabilities Sector Alert*
  • August 27, 2021 - Pulse Secure Vulnerabilities*
  • August 19, 2021 - Fortinet Sector Alert*
  • August 3, 2021 - PwnedPiper Impact on Healthcare*
  • July 30, 2021 - HiveNightmare/SeriousSAM Potential HPH Impact Sector Alert
  • July 9, 2021 - Phillips Vue PACS Sector Alert*
  • June 29, 2021 - PACS Vulnerabilities Sector Alert*
  • June 4, 2021 - Vulnerabilities Reported by MesaLabs for AmegaView*
  • May 28, 2021 - New Phishing Campaign Launched by SOLARWINDS Attackers*
  • May 12, 2021 - CISCO Sector Alert*
  • May 6, 2021 - EXIM Sector Alert*
  • April 22, 2021 - SonicWall Sector Alert*
  • December 2, 2021 - FIN12 as a Threat to Healthcare*
  • November 18, 2021 - Zero-Day Attacks
  • November 4, 2021 - Cobalt Strike*
  • October 21, 2021 - Hive Ransomware*
  • October 7, 2021 - Blockchain for Healthcare*
  • September 23, 2021 - LockBit Ransomware*
  • September 2, 2021 - Demystifying BlackMatter*
  • August 19, 2021 - REvil Update*
  • August 5, 2021 - Qbot/QakBot Ransomware*
  • July 8, 2021 - Conti Ransomware*
  • June 17, 2021 - The Evolution of Cyber Hunt Processes*
  • June 3, 2021 - Ransomware Trends 2021*
  • May 20, 2021 - API for the HPH*
  • May 06, 2021 - China's 14th FYP and the HPH*
  • April 22, 2021 - Cyber Supply Chain Risk Management*
  • April 8, 2021 - Ryuk Variants*
  • March 25, 2021 - DPRK Cyber Espionage*
  • March 18, 2021 - HPH Cyberthreats to Biotechnology*
  • March 11, 2021 - 2021 HPH Cybersecurity Forecast*
  • March 4, 2021 - DNS Tunneling*
  • February 25, 2021 - Securing SSL/TLS in Healthcare*
  • February 18, 2021 - 2020 HPH Cybersecurity Retrospective*
  • February 11, 2021 - Threat Posed by Bulk Email Services*
  • February 4, 2021 -Threats in Healthcare Cloud Computing*
  • January 28, 2021 - ATTACK for Emotet*
  • January 21, 2021 - Laying a Strong Cyber Foundation for the HPH*
  • January 14, 2021 - HPH Distributed Attack Vectors TLP WHITE*
  • December 10, 2020 - Evasive Methods Against Healthcare*
  • November 12, 2020 - Trickbot and Ryuk*
  • November 5, 2020 - SMB Vulnerabilities in Healthcare*
  • October 29, 2020 - QakBot*
  • October 22, 2020 - Using Honeypots for Network Intrusion Detection*
  • October 15, 2020 - Unix/Mac/Linux OS Malware*
  • October 8, 2020 - True Fighter RDP*
  • October 1, 2020 - Zero Trust*
  • September 24, 2020 - Netwalker*
  • September 17, 2020 - Malspam*
  • September 3, 2020 - CIS Controls in HPH*
  • August 27, 2020 - Pulse Secure VPN*
  • August 20, 2020 - 5G Security for Healthcare*
  • August 13, 2020 - COVID-19 Cyber Threats (Update)*
  • August 6, 2020 - Cybersecurity Maturity Models*
  • July 23, 2020 - Dark Web and Cybercrime*
  • July 23, 2020 - HPH-Sector Cyber Threat Actor Modeling with Mitre ATT&CK*
  • July 9, 2020 - Business Email Compromise in the Health Sector*
  • June 9, 2020 - APT and Cybercriminal Targeting of HCS*
  • June 4, 2020 - Social Media Attacks*
  • May 21, 2020 - Web Shell Malware:Threats and Mitigations*
  • May 14, 2020 - COVID-19 Related Nation-State and Cyber Criminal Targeting of the Healthcare Sector*
  • May 7, 2020 - Quantitative Risk Management for Healthcare Cybersecurity*
  • April 30, 2020 - Threat Modeling for Mobile Health Systems*
  • April 23, 2020 - COVID-19 Cyber Threats*
  • April 16, 2020 - AZORult Malware*
  • April 9, 2020 - Access Control on Health Information Systems*
  • April 2, 2020 - 2019 Threats Posed to Healthcare Sector by Use of Third-Party Services*
  • March 26, 2020 - Securely Teleworking in Healthcare*
  • March 19, 2020 - Multifactor Authentication*
  • March 19, 2020 - NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management*
  • March 19, 2020 - Wearable Device Security*
  • March 19, 2020 - Wearable Device Security and SweynTooth Vulnerabilities*
  • March 5, 2020 - Incident Response*
  • February 28, 2020 - "SweynTooth" Devices in the Medical Environment*
  • February 20, 2020 - PyXie Remote Access Trojan (RAT)*
  • February 20, 2020 - Botnet Threat to the Healthcare Industry*
  • February 13, 2020 - Electronic Health Record Systems*
  • February 6, 2020 - A.I. Application and Security Implications in the Healthcare Industry*
  • January 30, 2020 - Ryuk Update*
  • January 9, 2020 - Trickbot*
  • December 19, 2019 - Emotet Update*
  • December 12, 2019 - Maze Ransomware*
  • December 5, 2019 - BlueKeep Update*
  • November 14, 2019 - Physical Access Control*
  • October 24, 2019 - APT41*
  • September 12, 2019 - Blockchain Application in the Healthcare Industry*
  • September 4, 2019 - Sodinokibi: Aggressive Ransomware Impacting HPH Sector*
  • August 1, 2019 - 5G Security Implications for the Healthcare Enterprise*
  • July 11, 2019 - Medical Device Image Tampering*
  • May 9, 2019 - Credential Stuffing*
  • April 25, 2019 - Free Web Scanning Resources*
  • December 16, 2020 - Sector Alert COVID Phishing TLP WHITE*
  • October 2, 2020 - Bazarloader*
  • September 8, 2020 - Maldoc Information Stealer*
  • August 27, 2020 - Agent Tesla Phishing*
  • August 21, 2020 - Thales Vulnerability*
  • August 13, 2020 - XenMobile Sector Alert*
  • July 21, 2020 - SharePoint CVE-2020-1147*
  • May 19, 2020 - Cybersecurity Vulnerabilities Of Interest to the Health Sector*
  • April 16, 2020 - Fake Online Coronavirus Map Delivers Well-known Malware*
  • April 16, 2020 - Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data*
  • April 15, 2020 - VMWare Directory Service Critical Vulnerability*
  • March 26, 2020 - APT41 Citrix and Zoho Attacks on Healthcare*
  • December 9, 2020 - November Monthly Cybersecurity Vulnerability Bulletin*
  • November 17, 2020 - SDBBot Analyst Note*
  • November 16, 2020 - Cl0p Ransomware*
  • October 1, 2020 - September Monthly Cybersecurity Vulnerability Bulletin*
  • July 20, 2020 - July Vulnerability Bulletin*
  • June 16, 2020 - Dridex Malware - a Growing Threat to the HPH Sector*
  • June 16, 2020 - Formbook Malware Phishing Campaigns*
  • June 16, 2020 - LokiBot Malware Threat to Healthcare*
  • June 16, 2020 - Pony/Fareit Malware: A Growing Threat to the Healthcare and Public Health Sector*
  • June 16, 2020 - Remcos RAT*
  • June 16, 2020 - Remote Access Trojan "Agent Tesla" Targets Organizations with COVID-themed Phishing Attacks*
  • June 16, 2020 - Remote Access Trojan Nanocore Poses Risk to HPH Sector*
  • June 16, 2020 - Ursnlf Malware*
  • May 12, 2020 - Mobile Browser Hijacker Attempts to Social Engineer Users to Install a Potentially Unwanted Program (PUP)*
  • April 3, 2020 - COVID-19 VTC Exploitation*
  • February 3, 2020 - Coronavirus Themed E-mail Phishing*
  • April 12, 2019 - A Cost Analysis of Healthcare Sector Data Breaches*

*This content is in the process of Section 508 review. If you need immediate assistance accessing this content, please submit a request to HC3@hhs.gov. Content will be updated pending the outcome of the Section 508 review.

Content created by Office of the Chief Information Officer (OCIO)
Content last reviewed January 21, 2025
Back to top

Subscribe to Email Updates

Receive the latest updates from the Secretary and Press Releases.

Subscribe
  • Contact HHS
  • Careers
  • HHS FAQs
  • Nondiscrimination Notice
  • Press Room
  • HHS Archive
  • Accessibility Statement
  • Privacy Policy
  • Budget/Performance
  • Inspector General
  • Web Site Disclaimers
  • EEO/No Fear Act
  • FOIA
  • The White House
  • USA.gov
  • Vulnerability Disclosure Policy
HHS Logo

HHS Headquarters

200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-877-696-6775​

Follow HHS

Follow Secretary Kennedy