2 Minute Drill: SharePoint Attacks and Why Cybersecurity Training Isn't Working with Drex DeFord
This Week Health: Newsroom · This Week Health
Audio is streamed directly from the publisher (episodes.captivate.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
This week's cybersecurity roundup covers three critical healthcare security developments. Microsoft patched an actively exploited SharePoint zero-day vulnerability (CVE-2024-38023) that allows attackers with basic permissions to execute remote code and pivot through networks. Two major dermatology practice breaches - Mount Laurel Dermatology and Anne Arundel Dermatology - exposed over 1.9 million patient records through third-party vendor compromises, highlighting the risks of business associate agreements. Plus, cybersecurity expert Paul Conley challenges the healthcare industry's reliance on annual training and phishing simulations, advocating for personalized, continuous human risk management approaches that build actual cyber culture rather than just checking compliance boxes.
Remember, Stay a Little Paranoid
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer