Content created by Office of the Chief Information Officer (OCIO)
Threat Briefs
- October 17, 2024 – Living Off the Land Attacks, opens in a new tab [PDF, 1.81 MB]
- September 19, 2024 – Healthcare Technology Security, opens in a new tab [PDF, 3.05 MB]
- August 15, 2024 – Privileged User Compromise, opens in a new tab [PDF, 2.55 MB]
- June 13, 2024 – Cloud Security for the HPH, opens in a new tab [PDF, 1.86 MB]
- May 16, 2024 – Business Email Compromise (BEC) & Healthcare, opens in a new tab [PDF, 1.59 MB]
- April 11, 2024 – Social Engineering Targeting the HPH Sector, opens in a new tab [PDF, 2.26 MB]
- February 15, 2024 – Russian Threat Actors Targeting the HPH Sector, opens in a new tab [PDF, 5.71 MB]*
- January 18, 2024 - Ransomware & Healthcare, opens in a new tab [PDF, 2.64 MB]*
- December 7, 2023 - Open-Source Software Risks in the Health Sector, opens in a new tab [PDF, 2.72 MB]*
- November 16, 2023 - Emotet: The Enduring and Persistent Threat to the HPH, opens in a new tab [PDF, 5.22 MB]*
- October 12, 2023 - Cybersecurity Incident Response Plans, opens in a new tab [PDF, 2.89 MB]
- September 21, 2023 - DPRK and Chinese Cyber Crime Threats to the U.S. HPH, opens in a new tab [PDF, 5.73 MB]*
- August 10, 2023 - Multi-Factor Authentication & Smishing, opens in a new tab [PDF, 2.15 MB]
- July 13, 2023 - AI, Cybersecurity and the Health Sector, opens in a new tab [PDF, 6.82 MB]*
- June 8, 2023 - Types of Threat Actors That Threaten Healthcare, opens in a new tab [PDF, 3.00 MB]*
- April 6, 2023 - EMRs A Top Target for Cyber Threat Actors, opens in a new tab [PDF, 3.08 MB]*
- March 9, 2023 - Data Exfiltration Trends in Healthcare, opens in a new tab [PDF, 2.65 MB]
- February 9, 2023 - 2022 Retrospective & 2023 Look Ahead, opens in a new tab [PDF, 8.31 MB]*
- January 12, 2023 - Royal & BlackCat Ransomware, opens in a new tab [PDF, 3.83 MB]*
- December 8, 2022 - Automation and Hacking in Healthcare, opens in a new tab [PDF, 2.02 MB]*
- November 3, 2022 - Iranian Threat Actors and Healthcare, opens in a new tab [PDF, 3.09 MB]
- October 6, 2022 - Abuse of Legitimate Security Tools and the HPH, opens in a new tab [PDF, 4.40 MB]
- September 22, 2022 - APT41 and Recent Activity, opens in a new tab [PDF, 2.13 MB]
- September 8, 2022 - Emerging Technology and Security for the HPH, opens in a new tab [PDF, 2.23 MB]
- August 18, 2022 - The Impact of Social Engineering On Healthcare, opens in a new tab [PDF, 2.88 MB]
- August 4, 2022 - The OWASP Top 10, opens in a new tab [PDF, 1.35 MB]
- July 21, 2022 - Web Application Attacks in Healthcare, opens in a new tab [PDF, 2.01 MB]
- July 7, 2022 - Quantum Cryptography and the Health Sector, opens in a new tab [PDF, 2.30 MB]
- June 16, 2022 - Strengthening Cyber Posture in Healthcare, opens in a new tab [PDF, 1.73 MB]
- June 2, 2022 - The Return of Emotet, opens in a new tab [PDF, 3.65 MB]
- May 19, 2022 - Major Cyber Orgs of Russian Intelligence Services, opens in a new tab [PDF, 3.34 MB]
- May 5, 2022 - Ransomware Trends in Q1 2022, opens in a new tab [PDF, 2.11 MB]
- April 21, 2022 - Insider Threats in Healthcare, opens in a new tab [PDF, 2.15 MB]
- April 7, 2022 - Lapsus$ and the Health Sector, opens in a new tab [PDF, 2.08 MB]*
- March 17, 2022 - An Analysis of the Russia-Ukraine Conflict, opens in a new tab [PDF, 3.34 MB]*
- March 3, 2022 - Health Sector Cyber Security: 2021 Retrospective and 2022 Look Ahead, opens in a new tab [PDF, 5.48 MB]*
- February 17, 2022 - EMR in Healthcare, opens in a new tab [PDF, 2.92 MB]*
- February 3, 2022 - Lessons Learned from the HSE Attack, opens in a new tab [PDF, 3.78 MB]
- January 20, 2022 - Log4j Vulnerabilities and the Health Sector, opens in a new tab [PDF, 2.71 MB]
Sector Alerts
- November 19, 2024 – DocuSign Abuse Sector Alert, opens in a new tab [PDF, 161 KB]
- October 29, 2024 – ClickFix Attacks Sector Alert, opens in a new tab [PDF, 707 KB]
- September 4, 2024 – Apache Tomcat Vulnerabilities Sector Alert, opens in a new tab [PDF, 178 KB]
- August 16, 2024 – Grant Donation Scam Sector Alert, opens in a new tab [PDF, 560 KB]
- July 23, 2024 – Global Technology Outage Sector Alert, opens in a new tab [PDF, 184 KB]
- June 27, 2024 – MOVEit Sector Alert, opens in a new tab [PDF, 180 KB]
- June 12, 2024 – PHP Programming Language Sector Alert, opens in a new tab [PDF, 254 KB]
- June 7, 2024 – Snowflake Sector Alert, opens in a new tab [PDF, 175 KB]
- June 4, 2024 – Baxter Welch Allyn Vulnerabilities Sector Alert, opens in a new tab [PDF, 185 KB]
- April 18, 2024 – Updated Palo Alto Networks Firewalls, opens in a new tab [PDF, 185 KB]
- April 12, 2024 – Palo Alto Networks Firewalls Sector Alert, opens in a new tab [PDF, 168 KB]
- April 3, 2024 – Help Desk Social Engineering Sector Alert, opens in a new tab [PDF, 166 KB]
- March 18, 2024 – Credential Harvesting Sector Alert, opens in a new tab [PDF, 165 KB]
- March 12, 2024 – E-mail Bombing Sector Alert, opens in a new tab [PDF, 457 KB]
- March 1, 2024 – Threats from Fraudulent Websites Sector Alert, opens in a new tab [PDF, 416 KB]
- February 26, 2024 – ScreenConnect Server Vulnerabilities Sector Alert, opens in a new tab [PDF, 250 KB]
- January 22, 2024 - Threat of Unauthorized Access to HPH Orgs Sector Alert, opens in a new tab [PDF, 190 KB]
- November 22, 2023 - Lockbit 3.0 Exploiting Citrix Bleed Sector Alert, opens in a new tab [PDF, 157 KB]*
- November 21, 2023 - Fortinet FortiSIEM Vulnerability Sector Alert, opens in a new tab [PDF, 143 KB]*
- October 6, 2023 - Cisco Emergency Responder Sector Alert, opens in a new tab [PDF, 224 KB]*
- September 29, 2023 - WS FTP Vulnerabilities Sector Alert, opens in a new tab [PDF, 160 KB]*
- September 18, 2023 - ManageEngine Vulnerability Sector Alert, opens in a new tab [PDF, 262 KB]
- September 12, 2023 - Akira Ransomware Sector Alert, opens in a new tab [PDF, 489 KB]
- August 4, 2023 - Rhysida Ransomware Sector Alert, opens in a new tab [PDF, 677 KB]
- July 20, 2023 - Citrix ADC and Citrix Gateway Vulnerabilities Sector Alert, opens in a new tab [PDF, 206 KB]
- June 16, 2023 - Critical Vulnerability in MOVEit Transfer Software Sector Alert, opens in a new tab [PDF, 268 KB]
- June 2, 2023 - MOVEit Transfer Software Sector Alert, opens in a new tab [PDF, 183 KB]
- May 10, 2023 - Veeam Backup & Replication Sector Alert, opens in a new tab [PDF, 233 KB]
- April 28, 2023 - Cl0p and Lockbit New Data Breaches Sector Alert, opens in a new tab [PDF, 492 KB]
- April 7, 2023 - DNS NXDOMAIN Attacks Sector Alert, opens in a new tab [PDF, 215 KB]
- February 22, 2023 - Clop Allegedly Targeting Healthcare Industry Sector Alert, opens in a new tab [PDF, 229 KB]
- January 31, 2023 - OpenEMR Sector Alert, opens in a new tab [PDF, 149 KB]
- December 16, 2022 - Citrix ADC-Gateway Sector Alert, opens in a new tab [PDF, 155 KB]
- October 28, 2022 - OpenSSL Critical Patch, opens in a new tab [PDF, 111 KB]*
- September 19, 2022 - Monkeypox-Themed Phishing Campaign Sector Alert, opens in a new tab [PDF, 335 KB]
- August 18, 2022 - Apple Zero Day Sector Alert, opens in a new tab [PDF, 149 KB]
- August 10, 2022 - Secure Message/Evernote-Themed Phishing Campaign, opens in a new tab [PDF, 343 KB]
- April 7, 2022 - Mailchimp Sector Alert, opens in a new tab [PDF, 231 KB]*
Other Products
- January 16, 2025 – December 2024 Vulnerability Bulletin, opens in a new tab [PDF, 243 KB]*
- December 17, 2024 – Credential Harvesting Analyst Note, opens in a new tab [PDF, 184 KB]*
- December 9, 2024 – November 2024 Vulnerability Bulletin, opens in a new tab [PDF, 212 KB]
- November 13, 2024 – New Midnight Blizzard Campaign Analyst Note, opens in a new tab [PDF, 430 KB]
- November 12, 2024 – Godzilla Webshell Analyst Note, opens in a new tab [PDF, 801 KB]
- November 7, 2024 – October 2024 Vulnerability Bulletin, opens in a new tab [PDF, 267 KB]
- October 28, 2024 – The Miracle Exploit Analyst Note, opens in a new tab [PDF, 285 KB]
- October 9, 2024 – September 2024 Vulnerability Bulletin, opens in a new tab [PDF, 267 KB]
- October 8, 2024 – F5 Misconfiguration Analyst Note, opens in a new tab [PDF, 434 KB]
- October 4, 2024 – Trinity Ransomware Threat Actor Profile, opens in a new tab [PDF, 301 KB]
- September 25, 2024 – Malvertising Analyst Note, opens in a new tab [PDF, 367 KB]
- September 13, 2024 – August 2024 Vulnerability Bulletin, opens in a new tab [PDF, 193 KB]
- July 9, 2024 - June 2024 Vulnerability Bulletin, opens in a new tab [PDF, 197 KB]*
- July 2, 2024 – Vidar Malware Analyst Note, opens in a new tab [PDF, 569 KB]
- June 26, 2024 – Seashell Blizzard Threat Actor Profile, opens in a new tab [PDF, 228 KB]
- June 18, 2024 – Qilin/Agenda Ransomware Threat Profile, opens in a new tab [PDF, 320 KB]
- June 13, 2024 – May 2024 Vulnerability Bulletin, opens in a new tab [PDF, 219 KB]
- May 30, 2024 – Healthcare Sector DDoS Guide Analyst Note, opens in a new tab [PDF, 234 KB]
- May 15, 2024 – April 2024 Vulnerability Bulletin, opens in a new tab [PDF, 219 KB]
- April 10, 2024 – March 2024 Vulnerability Bulletin, opens in a new tab [PDF, 224 KB]*
- April 8, 2024 – Baza(r)Call Campaigns Analyst Note, opens in a new tab [PDF, 599 KB]
- April 5, 2024 – HC3’s Top 10 Most Active Ransomware Groups Analyst Note, opens in a new tab [PDF, 472 KB]
- March 19, 2024 – February 2024 Vulnerability Bulletin, opens in a new tab [PDF, 231 KB]
- February 27, 2024 – ALPHV Blackcat Joint Cybersecurity Advisory, opens in a new tab [PDF, 573 KB]*
- February 7, 2024 – Akira Ransomware Analyst Note, opens in a new tab [PDF, 1.35 MB]*
- February 5, 2024 – January 2024 Vulnerability Bulletin, opens in a new tab [PDF, 229 KB]
- January 4, 2024 – December 2023 Vulnerability Bulletin, opens in a new tab [PDF, 231 KB]
- December 5, 2023 - ownCloud Vulnerability White Paper, opens in a new tab [PDF, 333 KB]
- December 4, 2023 – November 2023 Vulnerability Bulletin, opens in a new tab [PDF, 225 KB]
- November 6, 2023 - BlackSuit Ransomware Analyst Note, opens in a new tab [PDF, 327 KB]
- November 3, 2023 - October 2023 Vulnerability Bulletin, opens in a new tab [PDF, 231 KB]*
- November 1, 2023 - 8Base Ransomware Analyst Note, opens in a new tab [PDF, 697 KB]
- October 26, 2023 - AI and Phishing as a Threat to the HPH White Paper, opens in a new tab [PDF, 347 KB]
- October 25, 2023 - SolarWinds ARM Vulnerabilities Analyst Note, opens in a new tab [PDF, 245 KB]*
- October 23, 2023 - QR Codes and Phishing as a Threat to the HPH White Paper, opens in a new tab [PDF, 447 KB]*
- October 18, 2023 - ServiceNow Vulnerability Analyst Note, opens in a new tab [PDF, 163 KB]
- October 12, 2023 - NoEscape Ransomware Analyst Note, opens in a new tab [PDF, 572 KB]
- October 5, 2023 - September 2023 Vulnerability Bulletin, opens in a new tab [PDF, 231 KB]*
- October 4, 2023 - Securing Remote Access Software Alert, opens in a new tab [PDF, 210 KB]*
- September 29, 2023 - LokiBot Malware Analyst Note, opens in a new tab [PDF, 555 KB]
- September 20, 2023 - August 2023 Vulnerability Bulletin, opens in a new tab [PDF, 202 KB]
- August 23, 2023 - July 2023 Vulnerability Bulletin, opens in a new tab [PDF, 250 KB]*
- August 16, 2023 - China-Based Threat Actor Profiles, opens in a new tab [PDF, 373 KB]
- July 21, 2023 - Remote Identity Management Analyst Note, opens in a new tab [PDF, 188 KB]
- July 13, 2023 - June 2023 Vulnerability Bulletin, opens in a new tab [PDF, 226 KB]
- June 22, 2023 - SEO Poisoning Analyst Note, opens in a new tab [PDF, 292 KB]
- June 16, 2023 - Healthcare and Public Health Sector Cybersecurity Notification, opens in a new tab [PDF, 576 KB]*
- June 14, 2023 - May 2023 Vulnerability Bulletin, opens in a new tab [PDF, 199 KB]*
- June 13, 2023 - FIN11 Threat Profile, opens in a new tab [PDF, 184 KB]*
- May 16, 2023 - April 2023 Vulnerability Bulletin, opens in a new tab [PDF, 69 KB]
- April 17, 2023 - March 2023 Vulnerability Bulletin, opens in a new tab [PDF, 217 KB]
- April 6, 2023 - Q1 2023 Healthcare Cybersecurity Bulletin, opens in a new tab [PDF, 189 KB]
- April 5, 2023 - KillNet Analyst Note, opens in a new tab [PDF, 2.83 MB]*
- March 23, 2023 - HPH Mobile Device Security Checklist, opens in a new tab [PDF, 156 KB]
- March 15, 2023 - Black Basta Threat Profile, opens in a new tab [PDF, 385 KB]
- March 13, 2023 - February 2023 Vulnerability Bulletin, opens in a new tab [PDF, 229 KB]
- February 24, 2023 - MedusaLocker Ransomware Analyst Note, opens in a new tab [PDF, 249 KB]
- February 13, 2023 - Healthcare Sector DDoS Guide Analyst Note, opens in a new tab [PDF, 212 KB]
- February 6, 2023 - January 2023 Vulnerability Bulletin, opens in a new tab [PDF, 235 KB]
- January 30, 2023 - KillNet Analyst Note, opens in a new tab [PDF, 173 KB]
- January 19, 2023 - December 2022 Vulnerability Bulletin, opens in a new tab [PDF, 232 KB]
- January 18, 2023 - 2022 Q4 Healthcare Cybersecurity Bulletin, opens in a new tab [PDF, 178 KB]*
- January 17, 2023 - AI for Malware Development Analyst Note, opens in a new tab [PDF, 295 KB]
- January 4, 2023 - Clop Ransomware Analyst Note, opens in a new tab [PDF, 331 KB]
- December 22, 2022 - KillNet Analyst Note, opens in a new tab [PDF, 178 KB]
- December 12, 2022 - LockBit 3.0 Analyst Note, opens in a new tab [PDF, 233 KB]
- December 12, 2022 - BlackCat Analyst Note, opens in a new tab [PDF, 555 KB]
- December 8, 2022 - November 2022 Vulnerability Bulletin, opens in a new tab [PDF, 243 KB]
- December 7, 2022 - Royal Ransomware Analyst Note, opens in a new tab [PDF, 449 KB]
- December 2, 2022 - Cuba Ransomware Alert, opens in a new tab [PDF, 138 KB]
- November 21, 2022 - Lorenz Ransomware Analyst Note, opens in a new tab [PDF, 165 KB]
- November 14, 2022 - October 2022 Vulnerability Bulletin, opens in a new tab [PDF, 215 KB]
- November 9, 2022 - Venus Ransomware Analyst Note, opens in a new tab [PDF, 201 KB]
- October 25, 2022 - September 2022 Vulnerability Bulletin, opens in a new tab [PDF, 238 KB]
- September 30, 2022 - Microsoft Exchange Zero-Day Alert, opens in a new tab [PDF, 149 KB]
- September 6, 2022 - August 2022 Vulnerability Bulletin, opens in a new tab [PDF, 220 KB]
- August 29, 2022 - Evil Corp Threat Profile, opens in a new tab [PDF, 589 KB]
- August 24, 2022 - Karakurt Threat Profile Analyst Note, opens in a new tab [PDF, 207 KB]
- August 19, 2022 - Vishing Attacks on the HPH Sector Analyst Note, opens in a new tab [PDF, 280 KB]
- August 15, 2022 - July 2022 Vulnerability Bulletin, opens in a new tab [PDF, 220 KB]
- August 9, 2022 - Cloud Security Analyst Note, opens in a new tab [PDF, 256 KB]
- August 9, 2022 - OSINT How-To Analyst Note, opens in a new tab [PDF, 292 KB]
- August 4, 2022 - Internet of Things Security Analyst Note, opens in a new tab [PDF, 248 KB]
- July 13, 2022 - June 2022 Vulnerability Bulletin, opens in a new tab [PDF, 204 KB]
- June 8, 2022 - May 2022 Vulnerability Bulletin, opens in a new tab [PDF, 269 KB]
- May 6, 2022 - April 2022 Vulnerability Report, opens in a new tab [PDF, 332 KB]
- April 27, 2022 - 2021 Top Exploited Vulnerabilities Alert, opens in a new tab [PDF, 241 KB]
- April 26, 2022 - Russia Threats to Critical Infrastructure Alert, opens in a new tab [PDF, 228 KB]
- April 26, 2022 - BlackCat ALPHV IOCs Alert, opens in a new tab [PDF, 223 KB]
- April 18, 2022 - Hive Ransomware Analyst Note, opens in a new tab [PDF, 419 KB]
- April 13, 2022 - Aethon TUG Home Base Server Alert, opens in a new tab [PDF, 240 KB]
- April 6, 2022 - Philips Vue PACS Alert Update B, opens in a new tab [PDF, 223 KB]*
- April 5, 2022 - March 2022 Vulnerability Bulletin, opens in a new tab [PDF, 321 KB]*
- March 30, 2022 - UPS Attack Mitigation Alert, opens in a new tab [PDF, 275 KB]
- March 25, 2022 - AA22-083A Alert, opens in a new tab [PDF, 286 KB]
- March 22, 2022 - Health-ISAC and HC3 Joint Threat Bulletin on Potential Russian Cyberattacks, opens in a new tab [PDF, 923 KB]*
- March 18, 2022 - February 2022 Vulnerability Bulletin, opens in a new tab [PDF, 935 KB]
- March 16, 2022 - Russian Cyber Actors Gain Access by Exploiting Default MFA Protocols and “PrintNightmare” Vulnerability, opens in a new tab [PDF, 236 KB]
- March 10, 2022 - Conti Update, opens in a new tab [PDF, 254 KB]
- March 8, 2022 - PTC Axeda agent and Axeda Desktop Server Vulnerabilities Alert, opens in a new tab [PDF, 262 KB]
- March 1, 2022 - The Russia-Ukraine Cyber Conflict, opens in a new tab [PDF, 1.36 MB]
- February 28, 2022 - Destructive Malware Targeting Ukraine Alert, opens in a new tab [PDF, 392 KB]
- February 25, 2022 - Hermetic Wiper Malware, opens in a new tab [PDF, 374 KB]
- February 23, 2022 - Preparing for Foreign Influence Operations Targeting Critical Infrastructure, opens in a new tab [PDF, 238 KB]*
- February 14, 2022 - 2021 CISA Shields Up Alert, opens in a new tab [PDF, 305 KB]
- February 9, 2022 - 2021 Global Ransomware Trends Alert, opens in a new tab [PDF, 253 KB]
- February 7, 2022 - LockBit 2.0 IOCs Alert, opens in a new tab [PDF, 227 KB]
- February 4, 2022 - January 2022 Vulnerability Bulletin, opens in a new tab [PDF, 431 KB]
- January 28, 2022 - Reduced Threat Posed by BlackMatter Analyst Note, opens in a new tab [PDF, 760 KB]
- January 21, 2022 - 2021 Q4 HC3 Healthcare Cybersecurity Bulletin, opens in a new tab [PDF, 280 KB]
- January 11, 2022 - Russian Sponsored Threats Alert, opens in a new tab [PDF, 237 KB]
- January 10, 2022 - December 2021 Vulnerability Bulletin, opens in a new tab [PDF, 393 KB]
- January 6, 2022 - Mespinoza-GOLD BURLAP-Cyborg Spider Analyst Note, opens in a new tab [PDF, 535 KB]
Archive of Resources
- December 21, 2021 - Log4j Scanner Alert, opens in a new tab [PDF, 277 KB]
- December 15, 2021 - November 2021 Vulnerability Bulletin, opens in a new tab [PDF, 274 KB]*
- December 13, 2021 - Hillrom Welch Allyn Cardiology Products Vulnerability Alert, opens in a new tab [PDF, 264 KB]
- November 23, 2021 - BIO-ISAC Tardigrade Malware Alert, opens in a new tab [PDF, 201 KB]*
- November 17, 2021 - October 2021 Vulnerability Bulletin, opens in a new tab [PDF, 274 KB]
- November 17, 2021 - CISA/FBI/ACSC/NCSC Iranians Fortinet Exchange Alert, opens in a new tab [PDF, 277 KB]
- November 12, 2021 - Forescout Nucleus TCPIP Alert, opens in a new tab [PDF, 201 KB]*
- October 28, 2021 - Threat Actor Orange Targets US HPH Entities Analyst Note, opens in a new tab [PDF, 706 KB]*
- October 26, 2021 - 2021 Q3 Healthcare Cybersecurity Bulletin, opens in a new tab [PDF, 287 KB]*
- October 19, 2021 - Joint CISA/NSA/FBI BlackMatter Ransomware Alert, opens in a new tab [PDF, 202 KB]*
- October 15, 2021 - September 2021 Vulnerability Bulletin, opens in a new tab [PDF, 254 KB]*
- October 13, 2021 - Q3 2021 HPH Ransomware Trends Analyst Note, opens in a new tab [PDF, 398 KB]*
- October 7, 2021 - Medtronic Alert, opens in a new tab [PDF, 200 KB]*
- October 6, 2021 - Two Factor Authorization, opens in a new tab [PDF, 2.29 MB]*
- October 1, 2021 - Hardening Remote Access VPN Alert, opens in a new tab [PDF, 201 KB]*
- September 30, 2021 - Conti Ransomware Alert, opens in a new tab [PDF, 201 KB]*
- September 28, 2021 - New Azure AD Brute-Force Alert, opens in a new tab [PDF, 201 KB]
- September 23, 2021 - BrakTooth Analyst Note, opens in a new tab [PDF, 630 KB]*
- September 7, 2021 - August 2021 Vulnerability Bulletin, opens in a new tab [PDF, 854 KB]*
- September 2, 2021 - Phishing Analyst Note*
- September 1, 2021 - Holiday Ransomware Alert, opens in a new tab [PDF, 201 KB]*
- August 25, 2021 - IOCs Associated with Hive Ransomware Alert, opens in a new tab [PDF, 200 KB]*
- August 24, 2021 - OnePercent Group Ransomware Alert, opens in a new tab [PDF, 200 KB]*
- August 18, 2021 - July Vulnerability Bulletin, opens in a new tab [PDF, 432 KB]*
- August 18, 2021 - BlackBerry QNX RTOS Alert, opens in a new tab [PDF, 202 KB]*
- August 6, 2021 - Lazio Ransomware Attack Analyst Note, opens in a new tab [PDF, 298 KB]*
- July 29, 2021 - Top Routinely Exploited Vulnerabilities for 2020 and 2021, opens in a new tab [PDF, 231 KB]
- July 28, 2021 - Geutebrück G-Cam E2 Series Camera Vulnerabilities Alert, opens in a new tab [PDF, 242 KB]
- July 22, 2021 - Exploitation of Pulse Connect Secure Vulnerabilities, opens in a new tab [PDF, 221 KB]*
- July 15, 2021 - PrintNightmare Vulnerability Update 1, opens in a new tab [PDF, 146 KB]*
- July 8, 2021 - Phobos Ransomware Analyst Note, opens in a new tab [PDF, 218 KB]*
- July 6, 2021 - PrintNightmare Vulnerability, opens in a new tab [PDF, 147 KB]*
- June 11, 2021 - May 2021 Vulnerability Bulletin, opens in a new tab [PDF, 335 KB]*
- May 25, 2021 - Conti Ransomware Analyst Note, opens in a new tab [PDF, 230 KB]*
- May 11, 2021 - April 2021 Vulnerability Bulletin, opens in a new tab [PDF, 208 KB]*
- April 26, 2021 - API Security for the HPH, opens in a new tab [PDF, 134 KB]*
- April 21, 2021 - Pulse Secure Vulnerabilities Analyst Note, opens in a new tab [PDF, 147 KB]*
- April 15, 2021 - NAME WRECK Analyst Note, opens in a new tab [PDF, 117 KB]*
- April 13, 2021 - Vishing Analyst Note, opens in a new tab [PDF, 432 KB]*
- March 23, 2021 - CL0P Analyst Note, opens in a new tab [PDF, 192 KB]*
- March 12, 2021 - New Ryuk Variant Analyst Note, opens in a new tab [PDF, 85 KB]*
- March 8, 2021 - February 2021 HPH Cybersecurity Vulnerability Bulletin, opens in a new tab [PDF, 137 KB]*
- March 8, 2021 - Microsoft Exchange Server Detection Analyst Note, opens in a new tab [PDF, 114 KB]*
- March 3, 2021 - Microsoft Exchange Server Analyst Note, opens in a new tab [PDF, 124 KB]*
- February 23, 2021 - Accellion Analyst Note, opens in a new tab [PDF, 136 KB]*
- February 12, 2021 - HC3 January 2021 HPH Vulnerability Bulletin, opens in a new tab [PDF, 148 KB]*
- January 12, 2021 - December 2020 Vulnerability Bulletin, opens in a new tab [PDF, 107 KB]*
- January 4, 2021 - TCP-IP Stack Analyst Note, opens in a new tab [PDF, 157 KB]
- December 17, 2021 - Log4j Update Sector Alert, opens in a new tab [PDF, 220 KB]*
- December 10, 2021 - Log4j Sector Alert, opens in a new tab [PDF, 324 KB]
- November 16, 2021 - Intel BIOS Vulnerabilities Sector Alert, opens in a new tab [PDF, 229 KB]*
- November 12, 2021 - ManageEngine APT27 Sector Alert, opens in a new tab [PDF, 186 KB]*
- October 8, 2021 - Medusa TangleBot Malware Sector Alert, opens in a new tab [PDF, 427 KB]*
- September 22, 2021 - VMware Vulnerabilities Sector Alert, opens in a new tab [PDF, 232 KB]*
- August 27, 2021 - Pulse Secure Vulnerabilities, opens in a new tab [PDF, 351 KB]*
- August 19, 2021 - Fortinet Sector Alert, opens in a new tab [PDF, 223 KB]*
- August 3, 2021 - PwnedPiper Impact on Healthcare, opens in a new tab [PDF, 367 KB]*
- July 30, 2021 - HiveNightmare/SeriousSAM Potential HPH Impact Sector Alert, opens in a new tab [PDF, 253 KB]
- July 9, 2021 - Phillips Vue PACS Sector Alert, opens in a new tab [PDF, 185 KB]*
- June 29, 2021 - PACS Vulnerabilities Sector Alert, opens in a new tab [PDF, 182 KB]*
- June 4, 2021 - Vulnerabilities Reported by MesaLabs for AmegaView, opens in a new tab [PDF, 200 KB]*
- May 28, 2021 - New Phishing Campaign Launched by SOLARWINDS Attackers, opens in a new tab [PDF, 203 KB]*
- May 12, 2021 - CISCO Sector Alert, opens in a new tab [PDF, 203 KB]*
- May 6, 2021 - EXIM Sector Alert, opens in a new tab [PDF, 191 KB]*
- April 22, 2021 - SonicWall Sector Alert, opens in a new tab [PDF, 258 KB]*
- December 2, 2021 - FIN12 as a Threat to Healthcare, opens in a new tab [PDF, 2.00 MB]*
- November 18, 2021 - Zero-Day Attacks, opens in a new tab [PDF, 3.32 MB]
- November 4, 2021 - Cobalt Strike, opens in a new tab [PDF, 3.81 MB]*
- October 21, 2021 - Hive Ransomware, opens in a new tab [PDF, 1.84 MB]*
- October 7, 2021 - Blockchain for Healthcare, opens in a new tab [PDF, 2.99 MB]*
- September 23, 2021 - LockBit Ransomware, opens in a new tab [PDF, 4.76 MB]*
- September 2, 2021 - Demystifying BlackMatter, opens in a new tab [PDF, 1.99 MB]*
- August 19, 2021 - REvil Update, opens in a new tab [PDF, 3.08 MB]*
- August 5, 2021 - Qbot/QakBot Ransomware, opens in a new tab [PDF, 2.51 MB]*
- July 8, 2021 - Conti Ransomware, opens in a new tab [PDF, 3.46 MB]*
- June 17, 2021 - The Evolution of Cyber Hunt Processes, opens in a new tab [PDF, 2.42 MB]*
- June 3, 2021 - Ransomware Trends 2021, opens in a new tab [PDF, 2.07 MB]*
- May 20, 2021 - API for the HPH, opens in a new tab [PDF, 1.85 MB]*
- May 06, 2021 - China's 14th FYP and the HPH, opens in a new tab [PDF, 2.50 MB]*
- April 22, 2021 - Cyber Supply Chain Risk Management, opens in a new tab [PDF, 3.33 MB]*
- April 8, 2021 - Ryuk Variants, opens in a new tab [PDF, 1.58 MB]*
- March 25, 2021 - DPRK Cyber Espionage, opens in a new tab [PDF, 2.35 MB]*
- March 18, 2021 - HPH Cyberthreats to Biotechnology, opens in a new tab [PDF, 3.62 MB]*
- March 11, 2021 - 2021 HPH Cybersecurity Forecast, opens in a new tab [PDF, 1.77 MB]*
- March 4, 2021 - DNS Tunneling, opens in a new tab [PDF, 1.68 MB]*
- February 25, 2021 - Securing SSL/TLS in Healthcare, opens in a new tab [PDF, 2.47 MB]*
- February 18, 2021 - 2020 HPH Cybersecurity Retrospective, opens in a new tab [PDF, 2.95 MB]*
- February 11, 2021 - Threat Posed by Bulk Email Services, opens in a new tab [PDF, 1.61 MB]*
- February 4, 2021 -Threats in Healthcare Cloud Computing, opens in a new tab [PDF, 2.06 MB]*
- January 28, 2021 - ATTACK for Emotet, opens in a new tab [PDF, 1.96 MB]*
- January 21, 2021 - Laying a Strong Cyber Foundation for the HPH, opens in a new tab [PDF, 6.95 MB]*
- January 14, 2021 - HPH Distributed Attack Vectors TLP WHITE, opens in a new tab [PDF, 2.45 MB]*
- December 10, 2020 - Evasive Methods Against Healthcare, opens in a new tab [PDF, 4.13 MB]*
- November 12, 2020 - Trickbot and Ryuk, opens in a new tab [PDF, 703 KB]*
- November 5, 2020 - SMB Vulnerabilities in Healthcare, opens in a new tab [PDF, 1.14 MB]*
- October 29, 2020 - QakBot, opens in a new tab [PDF, 1.15 MB]*
- October 22, 2020 - Using Honeypots for Network Intrusion Detection, opens in a new tab [PDF, 1.44 MB]*
- October 15, 2020 - Unix/Mac/Linux OS Malware, opens in a new tab [PDF, 1.51 MB]*
- October 8, 2020 - True Fighter RDP, opens in a new tab [PDF, 719 KB]*
- October 1, 2020 - Zero Trust, opens in a new tab [PDF, 1.04 MB]*
- September 24, 2020 - Netwalker, opens in a new tab [PDF, 2.28 MB]*
- September 17, 2020 - Malspam, opens in a new tab [PDF, 1.18 MB]*
- September 3, 2020 - CIS Controls in HPH, opens in a new tab [PDF, 1.56 MB]*
- August 27, 2020 - Pulse Secure VPN, opens in a new tab [PDF, 638 KB]*
- August 20, 2020 - 5G Security for Healthcare, opens in a new tab [PDF, 3.48 MB]*
- August 13, 2020 - COVID-19 Cyber Threats (Update), opens in a new tab [PDF, 1.31 MB]*
- August 6, 2020 - Cybersecurity Maturity Models, opens in a new tab [PDF, 695 KB]*
- July 23, 2020 - Dark Web and Cybercrime, opens in a new tab [PDF, 803 KB]*
- July 23, 2020 - HPH-Sector Cyber Threat Actor Modeling with Mitre ATT&CK, opens in a new tab [PDF, 4.28 MB]*
- July 9, 2020 - Business Email Compromise in the Health Sector, opens in a new tab [PDF, 1.45 MB]*
- June 9, 2020 - APT and Cybercriminal Targeting of HCS, opens in a new tab [PDF, 1.06 MB]*
- June 4, 2020 - Social Media Attacks, opens in a new tab [PDF, 3.36 MB]*
- May 21, 2020 - Web Shell Malware:Threats and Mitigations, opens in a new tab [PDF, 1.19 MB]*
- May 14, 2020 - COVID-19 Related Nation-State and Cyber Criminal Targeting of the Healthcare Sector, opens in a new tab [PDF, 1.57 MB]*
- May 7, 2020 - Quantitative Risk Management for Healthcare Cybersecurity, opens in a new tab [PDF, 813 KB]*
- April 30, 2020 - Threat Modeling for Mobile Health Systems, opens in a new tab [PDF, 1.24 MB]*
- April 23, 2020 - COVID-19 Cyber Threats, opens in a new tab [PDF, 1.91 MB]*
- April 16, 2020 - AZORult Malware, opens in a new tab [PDF, 1.43 MB]*
- April 9, 2020 - Access Control on Health Information Systems, opens in a new tab [PDF, 1.46 MB]*
- April 2, 2020 - 2019 Threats Posed to Healthcare Sector by Use of Third-Party Services, opens in a new tab [PDF, 1.49 MB]*
- March 26, 2020 - Securely Teleworking in Healthcare, opens in a new tab [PDF, 2.77 MB]*
- March 19, 2020 - Multifactor Authentication, opens in a new tab [PDF, 1.17 MB]*
- March 19, 2020 - NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, opens in a new tab [PDF, 727 KB]*
- March 19, 2020 - Wearable Device Security, opens in a new tab [PDF, 906 KB]*
- March 19, 2020 - Wearable Device Security and SweynTooth Vulnerabilities, opens in a new tab [PDF, 69 KB]*
- March 5, 2020 - Incident Response, opens in a new tab [PDF, 1.01 MB]*
- February 28, 2020 - "SweynTooth" Devices in the Medical Environment, opens in a new tab [PDF, 1.64 MB]*
- February 20, 2020 - PyXie Remote Access Trojan (RAT), opens in a new tab [PDF, 1.24 MB]*
- February 20, 2020 - Botnet Threat to the Healthcare Industry, opens in a new tab [PDF, 1.54 MB]*
- February 13, 2020 - Electronic Health Record Systems, opens in a new tab [PDF, 1.03 MB]*
- February 6, 2020 - A.I. Application and Security Implications in the Healthcare Industry, opens in a new tab [PDF, 2.56 MB]*
- January 30, 2020 - Ryuk Update, opens in a new tab [PDF, 1.91 MB]*
- January 9, 2020 - Trickbot, opens in a new tab [PDF, 1.05 MB]*
- December 19, 2019 - Emotet Update, opens in a new tab [PDF, 1.78 MB]*
- December 12, 2019 - Maze Ransomware, opens in a new tab*
- December 5, 2019 - BlueKeep Update, opens in a new tab [PDF, 1.48 MB]*
- November 14, 2019 - Physical Access Control, opens in a new tab*
- October 24, 2019 - APT41, opens in a new tab [PDF, 1.47 MB]*
- September 12, 2019 - Blockchain Application in the Healthcare Industry, opens in a new tab*
- September 4, 2019 - Sodinokibi: Aggressive Ransomware Impacting HPH Sector, opens in a new tab*
- August 1, 2019 - 5G Security Implications for the Healthcare Enterprise, opens in a new tab*
- July 11, 2019 - Medical Device Image Tampering, opens in a new tab*
- May 9, 2019 - Credential Stuffing, opens in a new tab*
- April 25, 2019 - Free Web Scanning Resources, opens in a new tab*
- December 16, 2020 - Sector Alert COVID Phishing TLP WHITE, opens in a new tab*
- October 2, 2020 - Bazarloader, opens in a new tab*
- September 8, 2020 - Maldoc Information Stealer, opens in a new tab*
- August 27, 2020 - Agent Tesla Phishing, opens in a new tab*
- August 21, 2020 - Thales Vulnerability, opens in a new tab*
- August 13, 2020 - XenMobile Sector Alert, opens in a new tab*
- July 21, 2020 - SharePoint CVE-2020-1147, opens in a new tab*
- May 19, 2020 - Cybersecurity Vulnerabilities Of Interest to the Health Sector, opens in a new tab*
- April 16, 2020 - Fake Online Coronavirus Map Delivers Well-known Malware, opens in a new tab*
- April 16, 2020 - Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data, opens in a new tab*
- April 15, 2020 - VMWare Directory Service Critical Vulnerability, opens in a new tab*
- March 26, 2020 - APT41 Citrix and Zoho Attacks on Healthcare, opens in a new tab*
- December 9, 2020 - November Monthly Cybersecurity Vulnerability Bulletin, opens in a new tab*
- November 17, 2020 - SDBBot Analyst Note, opens in a new tab*
- November 16, 2020 - Cl0p Ransomware, opens in a new tab*
- October 1, 2020 - September Monthly Cybersecurity Vulnerability Bulletin, opens in a new tab*
- July 20, 2020 - July Vulnerability Bulletin, opens in a new tab*
- June 16, 2020 - Dridex Malware - a Growing Threat to the HPH Sector, opens in a new tab*
- June 16, 2020 - Formbook Malware Phishing Campaigns, opens in a new tab*
- June 16, 2020 - LokiBot Malware Threat to Healthcare, opens in a new tab*
- June 16, 2020 - Pony/Fareit Malware: A Growing Threat to the Healthcare and Public Health Sector, opens in a new tab*
- June 16, 2020 - Remcos RAT, opens in a new tab*
- June 16, 2020 - Remote Access Trojan "Agent Tesla" Targets Organizations with COVID-themed Phishing Attacks, opens in a new tab*
- June 16, 2020 - Remote Access Trojan Nanocore Poses Risk to HPH Sector, opens in a new tab*
- June 16, 2020 - Ursnlf Malware, opens in a new tab*
- May 12, 2020 - Mobile Browser Hijacker Attempts to Social Engineer Users to Install a Potentially Unwanted Program (PUP), opens in a new tab*
- April 3, 2020 - COVID-19 VTC Exploitation, opens in a new tab*
- February 3, 2020 - Coronavirus Themed E-mail Phishing, opens in a new tab*
- April 12, 2019 - A Cost Analysis of Healthcare Sector Data Breaches, opens in a new tab*
*This content is in the process of Section 508 review. If you need immediate assistance accessing this content, please submit a request to HC3@hhs.gov, opens in a new window. Content will be updated pending the outcome of the Section 508 review.