Drex covers three major cybersecurity developments impacting healthcare: the expanding North Korean remote worker infiltration scheme targeting US companies with stolen identities and deepfakes, a cyberattack on medical device manufacturer Monic that disrupted critical supply chains, and the suspicious shutdown of Hunter's International ransomware group offering free decryption tools. Essential insights for healthcare organizations on hiring security, supply chain vulnerabilities, and evolving r...
Jul 10, 2025•5 min•Season 2Ep. 88
July 7, 2025: Mick Coady , CTO at Armis , joins Drex for the news. This episode examines a sobering milestone: the first confirmed patient death directly attributed to a ransomware attack on London's blood distribution system. The conversation explores how a single cyber incident creates cascading effects across entire healthcare networks, flooding neighboring hospitals with redirected patients and overwhelming emergency departments. With 28 healthcare security incidents reported in June alone—m...
Jul 07, 2025•16 min•Season 7Ep. 87
Drex covers three critical cybersecurity developments: Expo's groundbreaking AI-powered penetration testing system dominates HackerOne with over 1,000 vulnerabilities found, Microsoft redesigns the iconic Blue Screen of Death after 40 years, and the Scattered Spider ransomware group pivots from insurance to airline industry attacks using advanced social engineering and deepfakes. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Founda...
Jul 03, 2025•5 min•Season 2Ep. 69
June 30, 2025: George Pappas , CEO of Intraprise Health by Health Catalyst, joins Drex for the news. They discuss a new H-ISAC white paper and the North Korean catfish issues, speculating on how you can verify identity in a world of AI. Can AI solve the very problems it creates? The most revealing discussion centers on a startling industry survey: nearly half of security leaders now spend more time babysitting their tools than actually defending their organizations. Join the discussion around wh...
Jun 30, 2025•23 min•Season 7Ep. 86
Drex covers three critical cybersecurity developments: Scattered Spider's shift to targeting insurance companies including Erie Insurance, Philadelphia Insurance, and Aflac using advanced social engineering tactics; escalating Iran-related cyber threats to US critical infrastructure amid Middle East tensions; and a massive dark web leak exposing 1.6 billion login credentials. Don't miss these actionable security recommendations including reviewing password reset processes, implementing strong au...
Jun 26, 2025•4 min•Season 8Ep. 91
June 23, 2025: Samme Diaz , Vice President of Advisory Services at Healthlink Advisors , joins Sarah for the news. How can healthcare organizations address the persistent challenge of EHR-driven nurse burnout when clunky interfaces and poor workflow integration continue to hinder their progress? And as Emory Healthcare pioneers the nation's first Apple-powered hospital environment, what possibilities emerge when consumer technology meets clinical care? Beyond the technology itself, Sarah and Sam...
Jun 23, 2025•21 min•Season 7Ep. 84
June 20, 2025: Drex dives deep into a chilling case study of AI-powered financial fraud. Learn how cybercriminals used deepfake technology to steal $5 million through a fake CEO video call, and discover why 90% of internet content could be AI-generated by 2026. Learn what to look for and where the threats are evolving in this episode of UnFake. NotebookLM podcast sourced from Eric O’Neill | Speaker, Cybersecurity Expert, Legendary Spy Hunter Remember, Stay a Little Paranoid X: This Week Health L...
Jun 20, 2025•16 min•Season 1Ep. 1
Drex breaks down three critical cybersecurity developments healthcare organizations need to monitor. First, escalating geopolitical tensions suggest increased cyber attacks from Iran and allied nations targeting U.S. critical infrastructure, including healthcare systems. Second, Vanderbilt University Medical Center reports sophisticated Microsoft Teams impersonation attacks where scammers pose as supervisors to request urgent actions like software installation or payments. Finally, deepfake frau...
Jun 19, 2025•3 min•Season 2Ep. 41
After a HIMSS conference presentation on North Korean hackers posing as remote employees led him down an unexpected rabbit hole, Drex unveils his new intermittent series "UnFake". Dive into a world of digital deception and synthetic media, as Drex sets out to help you the listener stay protected and discern fact from fiction in the increasingly complicated field of cybersecurity. You've Been Catfished: The New Remote-Work Employee You Just Hired Is Actually A North Korean Hacker Remember, Stay a...
Jun 17, 2025•2 min•Season 1Ep. 1
June 16, 2025: Philipp von Gilsa , CEO of Kontakt.io , joins Bill Russell for the news. What happens when America's hospitals reach dangerous occupancy thresholds that could make them unable to function properly? And as workplace violence against healthcare workers spikes, what combination of technology and process can effectively protect staff? The conversation delves into the tension between technology capabilities and practical healthcare applications, questioning whether approaches to new in...
Jun 16, 2025•31 min•Season 7Ep. 85
Drex covers three critical cybersecurity incidents: dual cyber attacks affecting healthcare systems in Lewiston, Maine; an AT&T database breach exposing 86 million records with decrypted sensitive data; and concerning backup management issues at login.gov that could impact government service access. The episode concludes with a practical reminder to test backup systems regularly. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Fo...
Jun 12, 2025•4 min•Season 2Ep. 40
June 9, 2025: Healthcare organizations face an unprecedented challenge as potential Medicaid cuts threaten heavy IT staff reductions, but what if the real solution lies hidden in plain sight within their own systems? Jason Rose , CEO of Clearsense , discusses how "zombie applications" - applications that are neither fully alive nor completely dead - are silently draining millions from healthcare budgets. The conversation delves into the harsh realities of crisis governance models, the hidden cos...
Jun 09, 2025•24 min•Season 7Ep. 83
Drex covers four major healthcare cybersecurity developments: Kettering Health's Epic systems recovery following their May 20th cyber attack, with core components now operational while inbound calling systems remain down. Covenant Health faces a new cybersecurity incident affecting three hospitals in Maine and New Hampshire. Seattle's Fred Hutch Cancer Center agreed to a $52 million class action settlement after criminals from their 2023 breach directly threatened patients with data exposure. Pl...
Jun 04, 2025•2 min•Season 2Ep. 39
Drex covers Kettering Health's week-long cyber attack recovery with radiation oncology back online, the mass exodus of CISA leadership amid federal downsizing, and the growing frustration over lack of comprehensive federal cybersecurity strategy for healthcare. Discussion includes regional coordination during cyber incidents and the reality that hospitals are fighting nation-state actors without adequate government support. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week...
Jun 02, 2025•5 min•Season 2Ep. 38
June 2, 2025: Chris Jenkins , EVP of Digital Strategy and Enterprise Imaging for Healthlink Advisors , joins Bill for the news. As the industry appears to shift focus from cybersecurity to AI adoption, they explore whether this transition is happening too quickly. Then, what does it mean when four major health systems make strategic investments in companies like Rad AI? The conversation also covers Emory Healthcare's decision to deploy the first fully Apple-powered hospital, raising questions ab...
Jun 02, 2025•23 min•Season 7Ep. 82
Drex explores two critical cybersecurity threats facing healthcare: the rise of "vibe coding" where non-programmers use AI like Anthropic's Claude to create functional code, creating potential operational risks from undocumented projects, and increasingly sophisticated AI deepfakes from tools like Google's VO3 that cybercriminals are weaponizing for phishing attacks. He emphasizes the need for healthcare leaders to inventory AI coding projects and prepare defenses against deepfake-based social e...
May 28, 2025•5 min•Season 2Ep. 37
May 26, 2025: Ryan Pfeffer , Head of Engineering at Notable , joins Sarah for the news. How are healthcare CIOs navigating the overwhelming influx of AI vendors in a market projected to exceed $500 billion by 2032? The conversation explores the practical challenges of integration, testing processes, and the importance of transparent, explainable features. How is natural language processing transforming healthcare communication and documentation? Ryan shares compelling success stories of staff fr...
May 26, 2025•25 min•Season 7Ep. 81
Drex covers in-depth look at the ongoing ransomware attack on Kettering Health, attributed to the Interlock gang known for double extortion tactics - stealing data before encrypting systems. The health system demonstrates exemplary crisis communication while maintaining operations and warning patients about related scams. Next, the Scattered Spider cybercriminal group shifts focus to European retail, using social engineering tactics and freelancer networks to target help desks and employees for ...
May 23, 2025•5 min•Season 2Ep. 36
Drex covers three critical cybersecurity stories in healthcare: Kettering Health Network's ransomware crisis affecting 14 hospitals with patient data at risk, a landmark $700,000 civil penalty against Breach Forums founder Connor Fitzpatrick, and the release of Have I Been Pwned (HIBP) 2.0 with enhanced breach monitoring capabilities. Stay informed on the latest healthcare security threats and solutions. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex...
May 21, 2025•4 min•Season 2Ep. 35
May 26, 2025: Amy Oliver , VP of Marketing at Panda Health , joins Sarah for the news. What does World Health Day 2025's focus on maternal health reveal about global disparities, and how can digital solutions bridge these gaps? The conversation delves into alarming statistics showing the United States has the highest maternal mortality rate among developed nations, with 80% of these deaths being preventable. How are states addressing social determinants of health for pregnant Medicaid beneficiar...
May 19, 2025•20 min•Season 7Ep. 80
Learn about a new VMware Tools vulnerability allowing privilege escalation, Microsoft's Patch Tuesday releasing fixes for 70 vulnerabilities including 5 actively exploited zero-days, and Apple's comprehensive OS updates. The episode highlights the importance of patching industrial control systems from Siemens, Schneider Electric, and Phoenix Contact that may be present in healthcare facility automation, EV charging, and data center power systems. Remember, Stay a Little Paranoid X: This Week Hea...
May 16, 2025•3 min•Season 2Ep. 34
In this episode, Drex covers three key security stories: the HSCC's "On the Edge" report on rural healthcare cybersecurity vulnerabilities, Mossimo's security breach affecting their manufacturing operations, and the hacking of LockBit ransomware gang which exposed Bitcoin wallets and negotiation messages. Drex also mentions his panel at HIMSS Southern California on healthcare cybersecurity. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade St...
May 13, 2025•5 min•Season 2Ep. 33
May 12, 2025: Drex DeFord and Sarah Richardson join Bill for the news. How do you prioritize when everything seems urgent? The group shares stories of impossible expectations and political realities while debating the true cost of innovation in healthcare. Bill, Drex, and Sarah discuss the rising number of CXOs who are shifting to new jobs throughout the industry. With insider insights, this discussion pulls back the curtain on what it really takes to lead technology in an industry where lives, ...
May 12, 2025•30 min•Season 7Ep. 79
In this episode, Drex highlights former HCA CSO Paul Connolly's practical cyber insurance guidance, introduces OpenAI's new "Operator" AI agent that can independently perform web tasks, and examines the emerging organizational risks of "shadow AI" as employees implement unauthorized AI solutions in their workflows without proper oversight. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer...
May 09, 2025•4 min•Season 2Ep. 32
Drex DeFord covers critical security updates affecting healthcare organizations. Ascension Health is notifying hundreds of thousands of patients about security incidents involving third-party partners. UnitedHealth Group has deployed thousands of AI applications across their operations. A new study reveals alarming password practices, with 8-character passwords and common words still widely used. Microsoft is making all new accounts passwordless by default to combat these vulnerabilities. Rememb...
May 07, 2025•5 min•Season 2Ep. 31
May 5, 2025: Christian Boucher , Head of Healthcare Strategy and Solutions at Island , joins Drex for the news. They discuss the recent VMware price shock situation, diving into a deeper industry-wide issue: what happens when healthcare becomes overly dependent on specific technology pillars? Are health systems flexible enough to pivot when market forces dramatically shift the technology landscape? Throughout their discussion, Christian emphasizes the value of community collaboration in solving ...
May 05, 2025•21 min•Season 7Ep. 78
Drex covers essential cybersecurity reports including the HIMSS Survey, Cincinnati's Healthcare Cybersecurity Benchmarking Study, CrowdStrike's 2025 Global Threat Report, and Verizon's DBIR. Also highlighted: an Oracle engineering error affecting 45 hospitals' EHRs, Yale New Haven's breach impacting 5.5 million patients, and Blue Shield of California's Google Analytics configuration mistake exposing 4.7 million patients' data. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This W...
May 03, 2025•4 min•Season 2Ep. 30
Drex covers three critical cybersecurity stories: The FBI's annual Internet Crime Complaints Center report revealing a 9% increase in ransomware attacks and 67 new ransomware variants; JP Morgan Chase's CISO's open letter on third-party supply chain vulnerabilities; and a major data breach at Work Composer exposing 21 million employee screenshots stored in an unsecured Amazon S3 bucket. Key lesson: properly secure your cloud storage configurations. Remember, Stay a Little Paranoid X: This Week H...
Apr 30, 2025•4 min•Season 2Ep. 29
April 28, 2025: Laura O'Toole , CEO of SureTest , joins Sarah for the news. What strategies can healthcare leaders implement to demonstrate measurable ROI while addressing staff burnout and retention issues? The conversation delves into the delicate balance between innovation and change management, revealing how automation can empower healthcare professionals to focus on true, meaningful work. Laura shares valuable insights on building trust during digital transformation, emphasizing that leader...
Apr 28, 2025•35 min•Season 7Ep. 77
Drex covers three urgent cybersecurity threats: a cybersecurity CEO caught installing malware on hospital computers in Oklahoma, government systems shutdown in Abilene following a cyber attack, and a dangerous malware campaign targeting Cisco WebEx users. Learn how employee vigilance stopped the hospital breach, how Texas is responding to reduced federal cybersecurity support, and critical steps to protect your organization from the WebEx vulnerability. Remember, Stay a Little Paranoid X: This W...
Apr 25, 2025•4 min•Season 2Ep. 28
