Search site
Find podcasts, news, articles, webinars, and contributors in one search.
Channel
Podcasts Hosted by Bill Russell, Sarah Richardson, and Drex DeFord
In-depth interviews with healthcare CIOs, CISOs, and technology leaders. Bill Russell explores the decisions, strategies, and innovations shaping healthcare transformation.
Apr 4, 2025·2 Minute Drill
Class action lawsuits have been filed against Oracle in Texas following recent cyber incidents, with lawyers alleging poor security framework, inadequate staff training, and failure to implement preventative software. The Health Sector Coordinating Council's cybersecurity working group testified to Congress about medical device security and the suspended HIPAA security rule update, citing unrealistic cost estimates and implementation challenges. Additionally, critical zero-day vulnerabilities in
Apr 1, 2025·2 Minute Drill
Drex covers two separate Oracle security incidents affecting healthcare organizations. The Rose87168 hacking group claims to have stolen 6 million user records from Oracle Cloud, now for sale on the dark web. Oracle denies the breach, but independent researchers confirm data authenticity. A second breach on older Cerner servers (not yet migrated to Oracle Cloud) exposed patient medical information, with hackers attempting to extort several US healthcare organizations. The full scope of affected
Mar 31, 2025·2 Minute Drill
Drex covers a major security breach where Trump administration officials shared classified military operation details via Signal chat with an unauthorized reporter, Broadcom's release of critical security updates for VMware tools addressing high-severity vulnerabilities, and a dramatic HHS restructuring that eliminates 10,000 positions, reduces divisions from 28 to 15, and transfers key healthcare security offices including ASPR to CDC and realigns the Office of Civil Rights overseeing HIPAA com
Mar 25, 2025·2 Minute Drill
Drex covers reports of an alleged Oracle Cloud security incident affecting login infrastructure with over 6 million records at risk across 140,000 tenants (though Oracle denies any breach), and 23andMe's bankruptcy filing. Security recommendations include rotating credentials, resetting passwords for Oracle Cloud users, and downloading then deleting personal genetic data from 23andMe as a precautionary measure. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week
Mar 24, 2025·2 Minute Drill
Drex discusses Google's massive $32 billion acquisition of cloud security company Wiz and what it means for healthcare cloud infrastructure. Learn about the recent CISA employee firing controversy and subsequent court-ordered reinstatements. Plus, discover how states are competing to recruit displaced federal cybersecurity professionals - creating a potential hiring opportunity for healthcare organizations. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Heal
Mar 24, 2025·UnHack the News
March 24, 2025: Brad Marsh (BSN, RN, CEN, CHISL) EVP for Government, Health, and Security Technology at First Health Advisory , joins Drex for the news. How do we protect healthcare systems when everyday medical devices become potential security vulnerabilities? The conversation examines why governance matters more than acquiring new security tools, how organizations should approach comprehensive risk assessment, and what healthcare leaders can learn from the operational strategies of both milit
Mar 20, 2025·2 Minute Drill
2Drex discuss CSA's decision to cut $10 million in funding to the Center for Internet Security's management of MS-ISAC and EI-ISAC programs, which coordinate critical threat information for state, local, and election infrastructure. Meanwhile, a new ransomware gang called Mora 0 0 1 is targeting 49 firewalls by exploiting known vulnerabilities to gain initial network access. The FBI and CISA have also issued warnings about the Medusa ransomware-as-a-service, which has attacked over 300 victims a
Mar 19, 2025·UnHack the News
March 19, 2025: Troy Ament , Industry Leader for Healthcare at Palo Alto Networks Joins Drex for the News. The conversation delves into the importance of establishing relationships with law enforcement before a crisis occurs and why including them in tabletop exercises is crucial. Troy examines why threat actors deliberately target healthcare systems during weekend hours when staffing is minimal. From DDoS attacks serving as distractions to threat actors contacting board members directly, this e
Mar 17, 2025·UnHack the News
March 17, 2025: John Kirkman , VP of Government, Healthcare, and Education from Island , joins Drex for the news. With organizations managing an average of 76 different security tools—up from 64 the previous year—what approaches to rationalization and accountability might create more sustainable security postures? As John introduces the concept of user-centric guardrails rather than purely data-focused defense strategies, the discussion illuminates potential paths forward for an industry where s
Mar 14, 2025·2 Minute Drill
Critical Microsoft Patch Tuesday release includes near-record number of zero-days with six already being exploited. Apple releases patches for Safari browser engine affecting all devices. Analysis of leaked Black Basta ransomware gang chat logs reveals valuable insights on attack strategies and evasion techniques. Recent DDoS attack against X (formerly Twitter) remains largely unattributed despite claims from hacker group DarkStorm and debunked assertions about Ukrainian IP addresses. Remember,
Mar 12, 2025·2 Minute Drill
Drex analyzes three significant cybersecurity developments: the widespread outage of a major social media platform (formerly Twitter) caused by a DDoS attack claimed by hacker group Dark Storm Team, NIST's recent addition of the "govern function" to their cybersecurity framework that emphasizes optimizing existing tools over acquiring new ones, and concerning reports that OpenAI's latest GPT-4.5 model hallucinates 37% of the time, raising important questions about AI reliability for everyday use
Mar 7, 2025·2 Minute Drill
Broadcom reports three actively exploited zero-day vulnerabilities affecting VMware ESXi, Workstation, and Fusion products that require immediate patching. Leaked chat logs from the Black Basta ransomware group reveal internal conflicts, operational tactics, and efforts to circumvent cybersecurity tools. Lastly, A demonstration of Sesame's new voice AI technology shows concerningly realistic capabilities that could potentially lead users to inadvertently share private information. Remember, Stay
Page 7 of 19
Apple Podcasts
