*** H-ISAC Alert ***

Caution regarding spoofing activity surrounding Not Petya ransomware event

This information is marked TLP White; Subject to standard copyright laws. TLP: White information may be distributed without restriction.

*Any reproduction or reposting of this content requires proper credit/attribution to H-ISAC.

It is being reported that bad actors are attempting to gain credential access through phishing attempts claiming to be Government Agency entities helping to resolve vulnerabilities related to the ongoing campaign.

Organizations are reminded to verify the links and security certificates of any such email. Note that examples include [.com] vs [.gov] extensions on supposed agency websites.  Such phishing is not limited to using government agency spoofing.

• Related Resources & News
• Health-ISAC Hacking Healthcare 8-26-2024
• What is Threat Intelligence? A Comprehensive Overview
• Why Cybercriminals Target Healthcare Data and How Organisations Can Protect Themselves
• Federal Authorities Work to Boost Health-Care Cybersecurity
• Health-ISAC Hacking Healthcare 8-9-2024
• Health-ISAC Medical Device Blog – VEX
• Podcast: Health-ISAC Featured in Cyberwire Daily episode 2021
• Health-ISAC Hacking Healthcare 8-2-2024
• Protecting Healthcare Organizations with Human-Centric Email Security
• American Hospital Association and Health-ISAC Joint Threat Bulletin