Information Security at the Medical University of South Carolina public
Best Information Security at the Medical University of South Carolina podcasts we could find (updated December 2019)
InfoSec ICU
Weekly
 
The Health Information Security podcast from the Medical University of South Carolina
 
 
Gerry and Aaron discuss the exponential growth of cyber breaches in 2019, the explosion of Emotet in September, and out for comments CMS Exceptions to providing security services for free to competitors. As always they end with One Cool Thing. Show Notes Resources: Breaches up to 7.9 Billion in 2019 https://cyware.com/news/data-breaches-become- ...…
 
Gerry is riding solo this week. Laser attacks on personal digital assistants, a review on research showing a correlation between ransomware and increased heart attacks, Google’s Project Nightingale. As always they end with One Cool Thing. Show Notes Resources: Light Commands https://lightcommands.com/ Ransomware Leads to Heart Attacks https://k ...…
 
Steve is back in studio for a special 100th Infosec ICU episode. The guys discuss an industry state of phishing report, they cover the problem with mHealth, and they revisit their bold cyber predictions for 2019 they made in 2018. As always they end with One Cool Thing. Show Notes Resources: Cofense Phishing Report https://cofense.com/phishing-r ...…
 
It’s the PRIVACY Episode! Gerry and Matt review privacy implications of SRLabs recently released research on using digital assistants as eavesdropping devices. They interview Privacy Officer Kellie Mendoza for her perspective and reflect afterward on the interview. As always they end with One Cool Thing. Show Notes Resources: Digital Assistant S ...…
 
Gerry and Matt dig into the proposed federal regulation ‘Mind Your Own Business Act’ and how it could shape privacy. They examine how to build a cybersecurity culture at your organization, and reflect on the recently released Ponemon global report on SMB cybersecurity. As always they end with One Cool Thing. Show Notes Resources: Mind Your Own ...…
 
Gerry and Brandon discuss various methods for malware analysis, the infosec job market, and multifactor authentication. As always they end with One Cool Thing. Show Notes Resources: Malware Analysis https://app.any.run/ Infosec Job Market https://www.cyberseek.org/heatmap.html Black Hills Information Security – 5 Year Path: Success in Infosec FB ...…
 
Gerry and Brandon interview professional red teamer and penetration test expert Paul Ihme. As always they end with One Cool Thing. Show Notes Resources: Paul Ihme https://www.linkedin.com/in/ihme/ One Cool Thing Security Onion https://github.com/Security-Onion-Solutions/security-onion/wiki/IntroductionToSecurityOnion Wappalyzer https://www.wapp ...…
 
Gerry and Brandon discuss trends in malspam, a permanent iOS vulnerability, and a significant webkit exploit campaign. As always they end with One Cool Thing. Show Notes Resources: Malspam Trends https://www.zdnet.com/article/most-malspam-contains-a-malicious-url-these-days-not-file-attachments/ iOS Permanent Vulnerability https://www.healthcar ...…
 
Gerry and Brandon discuss an absurd amount of public cloud misconfigurations, IoT door locks, and things you can do to be involved with October’s National Cyber Security Awareness. As always they end with One Cool Thing. Show Notes Resources: Public Cloud Misconfigurations https://www.zdnet.com/article/99-percent-of-all-misconfiguration-in-the- ...…
 
Gerry and Brandon discuss risk when working through merger and acquisitions and Gerry interviews Cyber Risk Underwriter’s Jeffrey Smith about cyber insurance. As always they end with One Cool Thing. Show Notes Resources: Mergers and Acquisitions Put Your IP at Risk https://www.scmagazine.com/home/opinion/executive-insight/ma-gone-bad-the-brutal ...…
 
Gerry and Brandon discuss Health Industry Cybersecurity Matrix – Information Sharing Organizations (HIC-MISO), ask how insider threats can affect your organization, and mention a NIST initiative for securing PACS systems. As always they end with One Cool Thing. Show Notes Resources: Health Industry Cybersecurity – Matrix of Information Sharing ...…
 
Gerry and Aaron discuss the current state of a HIPAA lawsuit featuring Google and UChicago Medical Center as defendants. They discuss the emerging security concerns surrounding Telehealth and what NIST is doing about it. They wrap up the main show discussing yet another major player in the market apologizing for letting humans hear private reco ...…
 
Gerry and Brandon discuss a breach at Massachusetts General Hospital, patient privacy reform around addiction treatment, and how to solve the cyber security problem. As always they end with One Cool Thing. Show Notes Resources: Breach at Massachusetts General Hospital https://www.idigitalhealth.com/news/data-breach-of-10k-at-mgh-puts-study-part ...…
 
Gerry and Brandon discuss the coordinated attack on Texas municipalities, CHISL – a healthcare leadership security certification, and a third-party lawsuit from Delta for inadequate security. As always they end with One Cool Thing. Show Notes Resources: Texas Ransomware https://threatpost.com/coordinated-ransomware-attack-hits-23-texas-governme ...…
 
Gerry and Brandon discuss Gerry’s Blackhat and DEFCON experience and feature a few key talks from the conference. As always they end with One Cool Thing. Show Notes Resources: BlackHat 2019 https://www.blackhat.com/us-19/ DEFCON 27 https://www.defcon.org/html/defcon-27/dc-27-index.html Deepfakes https://i.blackhat.com/USA-19/Thursday/us-19-Pric ...…
 
Gerry and Brandon discuss the recent Capital One breach and how the alleged attacker was easily captured. They cover the release of 11 0-day vulnerabilities for a highly used but little discussed OS. They finish the discussion with securing healthcare patient portals. As always they end with One Cool Thing. Show Notes Resources: Capital One Brea ...…
 
Gerry and Brandon dig into a classic debate in the information security world: Encryption Backdoors. Atty General William Barr recently implored an audience of cybersecurity professionals to champion backdoors in technology implemented encryption. They discuss the utility and implementation of the state of Louisiana’s ‘state of emergency’ declar ...…
 
Gerry and Brandon discuss the impending Equifax $700M settlement and what it means in a macrocosm manner. They follow up analyzing the quantified trend of CISOs on average lasting 18-24 months per job posting. They finish by interviewing Dr. Mike Ham around BGP security. As always they end with One Cool Thing. Show Notes Resources: Equifax Sett ...…
 
Gerry and Steve discuss Zoom and Apple’s response and actions from the Zoom fallout of silent local webservers on endpoints. The guys discuss the Ponemon report on third party risk management in the healthcare industry. Finally they discuss the academic conference Gerry is currently attending in Charleston and feature a talk on Adversarial Attac ...…
 
Gerry and Steve discuss a looming $240 Million dollar GDPR non-compliance fine for British Airways for an incident you may not think is GDPR coverable. They follow by talking about how malicious actors are abusing weaknesses in Outlook to establish persistence on corporate systems. Finally they discuss the proliferation of DNS over HTTP to make ...…
 
Gerry and Steve discuss the penalty exacted on a Florida man who was responsible for opening a malicious email leading to a ransomware attack. They discuss UChicago’s and Google being sued for (maybe) improperly handling patient data. They wrap up discussing legislation going through Senate to help reduce financial penalties associated with HIP ...…
 
Brandon and Steve take to the studio discussing the ransomware payout in Riviera Beach. The guys interview Apple Security Researcher and regular security con speaker Patrick Wardle to discuss his research and thoughts on Apple Security. As always they end with One Cool Thing. Show Notes Resources: Objective-See https://objective-see.com/ Rivie ...…
 
The guys are focused on Washington DC this week. The guys discuss legislation that is working its way through the process on establishing a DHS cyber incident response team and the lifted ban on developing a unique patient identifier to promote patient data interoperability (and privacy concerns around that). They wrap up discussing a recent rep ...…
 
Steve provides insights from last week’s NCHICA conference he attended. The guys spend time discussing the pros and cons of personal VPNs and what you should consider when selecting one. They wrap up discussing the Have I Been Pwned breach database going from home grown to corporate. As always they end with One Cool Thing. Show Notes Resources: PC ...…
 
Brandon and Gerry discuss the recent announcement of the premiere Ransomware player in the market retiring, appropriate sanctions organizations should use when addressing victims of phishing, and the US Government vulnerability equities program (VEP). As always they end with One Cool Thing. Show Notes Resources: GandCrab Crew Retiring https://w ...…
 
Steve and Gerry aren’t feeling blue, but happy to share information security with blue-shaded glasses. They follow up on last week’s story of a ransomware event in Baltimore and how the NSA tool EternalBlue has been identified as part of the spreading mechanism. They interview show friend, Brandon Stephens, on his guidance on Blue Teaming as a ...…
 
Steve and Gerry discuss the major Windows vulnerability in the news “BlueKeep” and what you need to know about responding to it. They discuss the city of Baltimore’s current ransomware debacle and finish with firms that promise to aid you in decrypting your ransomware files but in reality are just brokering with the attackers. As always they end ...…
 
Steve and Gerry discuss an interesting angle on the capitalization of user data by online gambling sites targeting individuals that take medication with side effects of increased impulsive behaviors. They laud the annual Verizon data breach incident report and highlight their favorite findings. They wrap up the main segment discussing the recent ...…
 
Steve and Gerry discuss a recent $3M OCR settlement with Touchstone Medical Imaging (TMI) and how foundational security controls are commonly missed. Gerry finally shares his Ph.D. research with the show and digs into the main issues facing small healthcare practices. Finally, the guys discuss Supply Chain risk using the recent MirrorThief card ...…
 
Steve and Gerry discuss recent research discovering mental health applications that are sharing personal data without informing the user, and the implications this practice has for individuals. Clemson’s Dr. Kelly Caine is interviewed on her work around her paper “Privacy is Health” and the bioethical implications of technology diagnosing indiv ...…
 
Steve and Gerry discuss recent research around embedding malware in DICOM image files, and they interview Dr. Charlie Frank, Mirai Botnet expert. As always they end with One Cool Thing. Show Notes Resources: Malware Embedded DICOM Files https://threatpost.com/hipaa-protected-malware-medical-images/143890/ One Cool Thing The Internet Arcade http ...…
 
The guys discuss a recent privileged account compromise at Microsoft corporate that resulted in an email breach. They speak high-level of API security concerns and what to expect in the future. Finally they cover a recent example of vulnerability disclosure done poorly that left potentially 160,000 WordPress websites being exploited. As always ...…
 
Steve and Gerry discuss the nuances of the Amazon Echo device receiving HIPAA compliance branding. They provide a look at the college admission process leveraging cloud platforms and how they were successfully hacked for fun and profit. Finally the guys discuss the cybersecurity elephant in the healthcare room that providers are not talking abo ...…
 
Steve and Gerry discuss an insider threat issue that resulted in $700K worth of damage to a company in retaliation for termination. The obvious involuntary terminations activities were performed, but what issues led to a compromise? They spend time covering the advancement on cyber insurance driving security technology adoption. They finish the ...…
 
Steve and Gerry discuss the discovery of a 19-year-old vulnerability, how organizations using Windows 7 now really really have to do something about it, and how the Pwn2Own 0-day contest in Vancouver is dropping 0-days like it’s hot. As always they end with One Cool Thing. Show Notes Resources: WinRar Bug https://www.scmagazine.com/home/securit ...…
 
The guys discuss how a presidential candidate out of Texas is a member of the Cult of the Dead Cow, a hacktivist group started in the 1990s. They cover vishing attacks and how the government is trying to pass anti-robocall legislation. Finally they touch on pentesting in the gig economy. As always they end with One Cool Thing. Show Notes Resources ...…
 
What are Gerry and Steve talking about this week? Steve had an opportunity to talk with the AMA and provide a deeper dive into their comments to HHS’s recent request for information related to HIPAA updates. The guys dig into a rare instance of federal criminal prosecution of HIPAA violation. They finish up discussing an FTC fine of TikTok, a p ...…
 
What are Gerry and Steve talking about this week? The guys discuss the federal government beginning to engage experts to develop a bill to address citizens’ privacy. They call out Facebook for offering multi-factor authentication and then using users’ phone numbers for other means. They round out with the obligation of media outlets to publish br ...…
 
What are Gerry and Steve talking about this week? The Office of Civil Rights (OCR) asked for input on their proposal for improving patient access to PHI and the AMA responded with 29 pages of well-crafted sense. Will OCR listen? A red teamer provides some lessons learned after 6 years of penetration testing engagements. The top three findings a ...…
 
Gerry and Steve discuss Apple’s iOS approach to security and the nuances with the recent FBI interaction with data requests from Apple. They talk about an HHS proposed rule released at HIMSS 19 this week on healthcare interoperability and data sharing and the security concerns that may introduce. They round out with mental health concerns in th ...…
 
Gerry and Steve discuss an ongoing case of an insurance provider withholding a claim payment because NotPetya may have been an act of war. They discuss the privacy implications of Apple holding application developers accountable for notifying users of screen capping user sessions. Finally the guys get technical, discussing a Docker (and real ...…
 
Gerry and Steve discuss MITRE’s new CVSS scoring guide for medical devices that is currently out for comments and what it could mean for healthcare. They cover a trending issue of unethical behavior using Apple watch to cheat on exams, and they round out the show covering Apple’s revoking the enterprise certificates issued to Facebook and Googl ...…
 
Brandon Stephens joins Steve on the show as they dig into the latest Joint Security Plan from the Healthcare and Public Health Sector Coordinating Council on Medical Device and Health IT security. They also cast their gaze to the Far East to discuss China’s plan to encourage whistle blowers to turn in debtors via an app and Japan’s plan to defe ...…
 
Steve and Gerry are in the studio discussing a massive password cache that was discovered and if you should actually be concerned. Steve interviews Dallas Haselhorst, an HL7 protocol security expert. Finally they finish off discussing the insecurity discovered by the OIG after reviewing security controls at several DoD healthcare facilities. Sh ...…
 
Steve and Gerry discuss The Dark Overlord’s 9/11 related doxware activity with law firms and “extortionware” in general. Steve interviews CISO and CPO for UChicago Medical Erik Decker. Finally the guys discuss recent news of misuse and privacy violations of Amazon Ring video feeds. Show Notes Resources: 9/11 Ransomware https://motherboard.vice.c ...…
 
Steve and Gerry unpack the newest report from the Department of Health and Human Services and detail the practicality of it for helping organizations of various sizes. They share research out of UC Berkeley showing how AI can re-identify HIPAA compliant de-identified data. They finish by discussing the NSA disassembler tool that will be released ...…
 
Steve and Gerry reflect on a very busy 2018 in the cyber security industry. They discuss the big stories and the lessons learned from them including SamSam’s effective attacks and Facebook’s data practices. They also cover some overblown stories from the year. They put their soothsaying abilities to the test, each submitting two predictions for ...…
 
Steve and Gerry dive head first into the Equifax Breach Report. There is much to learn from and parallels for many businesses to self-identify. They cover a recent IG report of US Missile Defense facilities and their poor security postures. Finally they touch on an oft overlooked element of information security, properly destroying paper record ...…
 
Gerry and Brandon are back in the studio discussing the Marriott Starwood breach. Steve interviews an RFID/NFC bio-hacked individual, and Gerry and Brandon discuss the ramifications and privacy legislation around RFID for personal identification. Show Notes Resources: Marriott / Starwood Breach https://www.washingtonpost.com/business/2018/11/30 ...…
 
Gerry and Brandon discuss a recent web application vulnerability that has caused a business to respond with what appears to be breach notifications. They discuss social engineers attacking Google results to trick victims into trusting contact information. Finally, they cover several hot IoT items this holiday season and the privacy implications ...…
 