Why Tactics Matter in Cybersecurity: Rethinking the Way Healthcare Defends
In a recent Fortified Health Security webinar, T.J. Ramsey, Senior Director of Threat Operations, delivered a pointed message: strategy alone won’t protect healthcare organizations from cyber criminals. Tactical execution is what makes the difference. As cyber threats grow in speed, scale, and sophistication, it’s not just about knowing what to do, but about having the […]
CISO Brief: May 2025 Recap – Ransomware Trends, Endpoint Evasion, and the Kettering Health Breach
In our CISO Brief looking at May 2025, we saw threat actors sharpening their techniques and targeting healthcare organizations in ways that challenge our traditional security assumptions. New endpoint evasion tactics, a shift in ransomware strategy targets, and the ransomware group that targeted DaVita may have struck again. This time, it was a different healthcare […]
April 2025 CISO Brief: Behind the Cyber Threat Headlines
Fortified’s Threat Services Team tracks the most pressing cyber threats targeting the healthcare sector each month. April’s activity surrounding PipeMagic ransomware, Oracle’s dual breach allegations, and the news regarding the DaVita ransomware attack illuminate a stark reality: the healthcare sector is under sustained siege from sophisticated threat actors intensifying their focus on healthcare’s legacy systems, […]
BianLian Ransomware Mail Scam Alert: Copycat or Credible?
A new twist in the cybersecurity threat landscape: healthcare organizations recently reported receiving physical letters claiming to be from the BianLian ransomware group. But as TJ Ramsey, Fortified Health Security’s Senior Director of Threat Operations, explains, this may not have been the real deal. “There is no indication this group was really involved. This seems […]
10 Ways to Secure Yourself from 2FA Bypass Attacks
Phishing is one of the greatest contributors to healthcare data breaches, and these attacks are on the rise. As tactics become increasingly sophisticated, it’s crucial to take proactive steps to protect your organization and prevent cybercriminals from gaining access to sensitive information. Recently, reports have surfaced about a new phishing 2FA bypass attacks (two-factor authentication). A […]
Healthcare Cybersecurity Predictions for 2025
As the healthcare industry continues to grapple with evolving cyber threats, Fortified Health Security remains at the forefront of understanding these risks and identifying proactive solutions. In this discussion, Fortified Health Security CEO, Dan L. Dodson and Fortified CISO, Russell Teague analyze the 2025 Horizon Report healthcare cybersecurity predictions –– First with how our 2024 cybersecurity […]
Internet of Medical Things (IoMT)Security: Why Healthcare Must Act Now
The Internet of Medical Things (IoMT) has transformed patient care by delivering real-time data and improving clinical outcomes. However, as Fortified Health Security predicted in its 2025 Horizon Report, interconnected medical devices create new cybersecurity risks. The recent FDA and CISA alerts about vulnerabilities in Contec patient monitors highlight the urgent need for proactive IoMT […]
Going Old School in the New Year: Healthcare Phone Spoofing Scams
It’s a new year, and already, cybercriminals are targeting healthcare—this time, with an old-school tactic: Phone Spoofing. An incident a few weeks ago involving Gritman Medical Center in Moscow, Idaho, serves as a stark reminder that criminals don’t just turn to new technology – sometimes they can go to a trusted old-school method using healthcare […]
The 2025 Horizon Report: Your Roadmap to Cybersecurity Resilience
The healthcare industry is under siege. As we move into 2025, the cybersecurity challenges facing hospitals, health systems, and vendors are growing more complex, more sophisticated, and more frequent. The stakes have never been higher; patient safety, operational continuity, and trust hang in the balance. Cybercriminals are evolving their strategies, leveraging advanced technologies like artificial […]
Living Off the Land Attacks: Unveiling the Illusion
When a threat actor performs a “Living Off the Land” (LOTL) attack, they use legitimate tools and processes within a system to carry out nefarious activities. Unlike traditional malware, LOTL tactics don’t rely on external malicious code; instead, they exploit what’s already in the environment. It’s like a magician transforming ordinary objects into confounding illusions. […]
