Welcome to The Threat Show powered by Fletch! This week we're joined by Nancy Phillips. Nancy was recently the SVP of IT and CISO at Ensemble Health Partners, and has previously worked in security leadership roles at Centura Health and Kaiser Permanente. Nancy talks about the unique challenges facing cybersecurity in the healthcare sector, the importance being encouraging to incoming cybersecurity talent, and much more.
We also discuss five major threats you need to know about.
Healthcare in the Crosshairs of North Korean Cyber Operations (03:39)
North Korean cyber operations are targeting the healthcare industry according to a report from CISA. These dangerous attacks are causing healthcare organizations to suffer system downtimes, ambulance diversions, and more.
Healthcare giant CHS reports first data breach in GoAnywhere hacks (07:33)
The Clop ransomware organization is exploiting a vulnerability that allows them to target the secure file sharing system GoAnywhere MFT. Over 1,000 organizations are impacted by this.
Apple fixes the first zero-day in iPhones and Macs this year (09:31)
Apple has had its first zero-day vulnerability of the year. The vulnerability could be triggered by visiting maliciously crafted websites on Safari, allowing attackers to perform remote code execution.
Microsoft patches three exploited zero-days (10:09)
Microsoft has fixed three zero-day vulnerabilities in their latest Patch Tuesday release. This could be in response to the OneNote compromises we covered in last week’s episode.
Patch Released for CVE-2023-25194 RCE Vulnerability in Apache Kafka (12:00)
The Apache Kafka cloud subsystem has a new remote code execution vulnerability. If your cloud workload is protected behind a VPC or a firewall you should be safe, but if not attackers can gain full control over the subsystem.
Interview with Nancy Phillips (13:09)
Nancy talks about the unique challenges facing cybersecurity in the healthcare sector, the importance being encouraging to incoming cybersecurity talent, and much more.
