2025 Mid-Year Horizon Report: Why Now Is the Time to Think Differently
Fortified Health Security just released its biannual 2025 Mid-Year Horizon Report, offering a unique view into what is really happening inside cybersecurity at hospitals, healthcare systems, and their extended digital environments. At the midpoint of 2025, we’re seeing healthcare organizations take cybersecurity more seriously, investing in innovative tools and better frameworks; however, some of the […]
Helping Rural Hospitals Maximize Cybersecurity Budgets
Rural hospitals understand adversity as leaders are always dealing with pressures like tight operating margins and limited resources, especially when it comes to cybersecurity budgets. As these hospitals push to deliver care in some of the nation’s most underserved regions, cybersecurity challenges are becoming increasingly difficult to ignore. A recent survey by Black Book Research […]
CISO Brief: AI Zero-Days & Holiday Threats; What Healthcare Must Prepare for Now
Over the past month, AI vulnerabilities, delayed breach disclosures, and geopolitical tensions have created new challenges for cybersecurity leaders in healthcare. In this CISO Brief for June 2025, we take a closer look at the month’s top threats and headline-making events – from the first known AI zero-day exposure in Microsoft 365 Copilot (“EchoLeak”) to […]
CISO Brief: May 2025 Recap – Ransomware Trends, Endpoint Evasion, and the Kettering Health Breach
In our CISO Brief looking at May 2025, we saw threat actors sharpening their techniques and targeting healthcare organizations in ways that challenge our traditional security assumptions. New endpoint evasion tactics, a shift in ransomware strategy targets, and the ransomware group that targeted DaVita may have struck again. This time, it was a different healthcare […]
April 2025 CISO Brief: Behind the Cyber Threat Headlines
Fortified’s Threat Services Team tracks the most pressing cyber threats targeting the healthcare sector each month. April’s activity surrounding PipeMagic ransomware, Oracle’s dual breach allegations, and the news regarding the DaVita ransomware attack illuminate a stark reality: the healthcare sector is under sustained siege from sophisticated threat actors intensifying their focus on healthcare’s legacy systems, […]
BianLian Ransomware Mail Scam Alert: Copycat or Credible?
A new twist in the cybersecurity threat landscape: healthcare organizations recently reported receiving physical letters claiming to be from the BianLian ransomware group. But as TJ Ramsey, Fortified Health Security’s Senior Director of Threat Operations, explains, this may not have been the real deal. “There is no indication this group was really involved. This seems […]
Battling Healthcare Cyber Threats: Why Specialization Matters
When a ransomware attack hit Lawrence General Hospital in 2020, it was more than a disruption; it was a wake-up call. The attack, part of the global SolarWinds breach, forced the hospital to confront the reality that cybersecurity in healthcare is not just about protecting data, but also patients. With patient care on the line, […]
Protecting Patients: The Critical Importance of Cybersecurity in Healthcare
In 2024, the impact of cyberattacks in the healthcare sector were huge, with over 700 large breaches reported, compromising the personal information of more than 250 million individuals: more than 50% of the U.S. population. This alarming trend highlights the critical need for increased cybersecurity in healthcare programs to protect patient safety and maintain trust […]
10 Ways to Secure Yourself from 2FA Bypass Attacks
Phishing is one of the greatest contributors to healthcare data breaches, and these attacks are on the rise. As tactics become increasingly sophisticated, it’s crucial to take proactive steps to protect your organization and prevent cybercriminals from gaining access to sensitive information. Recently, reports have surfaced about a new phishing 2FA bypass attacks (two-factor authentication). A […]
Healthcare Cybersecurity Threats: February 2025
February showed attackers that they don’t need new tricks when old ones still work. Cybercriminals aren’t just relying on past playbooks. They’re refining their methods, launching more targeted phishing campaigns, weaponizing zero-click vulnerabilities, and turning trusted tools into attack vectors. Here is a look at six cybersecurity threat alerts from the past month. Fortinet’s Super […]
