This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Hey everyone, I'm Drex, and this is The Two Minute Drill, where I cover three hot security stories. Twice a week, all part of the cyber and risk community here at the 229 project and this week health. Today's two minute drill is brought to you by Enterprise Health, a health catalyst company. I hope you got to see Enterprise at HIMSS25, and hopefully you got to see their Blueprint product, a tool that lets you pull all of your risk data from all of your tools into a single unified risk management platform.

And then it lets you prioritize risk. And assign work and track exceptions and drive accountability all in one place. Enterprise Blueprint. If you didn't get to see them at HIMSS, check them out online at EnterpriseHealth. com. Thanks for being with me today. Here's some stuff you might want to know about.

First things first today, Broadcom, if your organization is running VMware, there are three actively exploited zero day flaws that are going on right now focused on their ESXI workstation and Fusion products. So go right now and look at that story or find those patches. and make sure you're covered. The flaws require the bad guys already have admin access to your systems to execute the zero days, but still just make sure you're on top of this one.

I usually try to keep this update mostly non technical and mostly plain English, but nerd alert, there's a story about a cyber gang known as Black Basta. The story's all about some of their chat logs that have been stolen by another hacker and then published on the dark web and the 10 days worth of chat logs.

reveals a lot of really interesting stuff. Internal conflicts, members leaving the group for other groups and why, collecting ransom without delivering functional decryptors. We talk about that all the time. And a lot of their operations and tactics and tools. The Black Basta cyber gang has attacked health care organizations in the past.

Their chat logs also reveal their connections to and their coordination with other hacking groups. They also talk about a lot of cyber defense products that you're probably using and how they're taking steps to work around those. It's fascinating, nerdy stuff. Definitely worth sharing that story with your team.

It's on the news site. And finally today, If you want to be a little freaked out, there's a voice AI demo you should go check out. The story in ARS Technica led me to a test with a company called Sesame and their new AI model. And I would almost swear I was talking to a real person. And within a couple of minutes, I realized I was on the verge of telling the voice AI person stuff that I know I should probably keep private.

Super convincing, a little unnerving. Go see yourself at the Sesame website. That story and a ton of other health care tech and security stories are on one of health care's fastest growing news sites, thisweekhealth. com. Today's two minute drill was brought to you by Enterprise Health, a health catalyst company.

You need to get all your leaders on the same page when prioritizing risk. With Blueprint, you'll be able to prioritize and visualize data and build real accountability. Make unified risk management a reality with Blueprint. Learn more at EnterpriseHealth. com. That's it for today's two minute drill.

Thanks for being here. Stay a little paranoid, and I'll see you around campus.