A Phishing Trip - The Constant Evolution of Social Engineering Attacks
Release Date: 03/25/2025
An AI Agenda - Robots, Rules, and Really Big Questions
Shut The Backdoor
“We have to make sure AI doesn’t just automate what we've always done. It should elevate what’s possible.” Notable Moments 00:40 – What’s pushing us to talk about AI now? 04:22 – A call for AI mission statements 08:18 – When tools lead before people: the risk of reactive adoption 11:05 – Defining AI boundaries: what it should never replace 15:33 – ChatGPT, Canva, Magic School: the tools already in use 18:42 – The importance of transparency and human oversight 22:55 – Reframing AI as “instructional support,” not just automation AI isn’t something on the horizon....
info_outline
The Lost and Found Files - Data Loss Prevention
Shut The Backdoor
"DLP is not just a tool that we have. It's also the ongoing education that we have for our employees to further minimize the occurrences of data mismanagement." Having strong Data Loss Protection (DLP) systems stops bad actors while also protecting employees from making accidental mistakes too. Every day, we put trust in the secure flow of health data. However, no matter what safeguards are in place, human error is one of the most common causes of data loss in companies. Security engineer, Zak Cowan, joins to share why data loss protection, or data leak protection, is paramount for a company...
info_outline
A Phishing Trip - The Constant Evolution of Social Engineering Attacks
Shut The Backdoor
"That's when it starts getting really scary. This is no longer just an email trying to get some gift cards. This stuff can lead to the bigger attacks that then can directly impact patient care." Notable Moments 01:02 Phishing: Persistent Cybersecurity Threat 03:27 Cybersecurity’s Evolving Threats 09:15 Phishing Scams: Calls and Video 10:23 Rise of Deepfake Scams and Counterfeit Reality Attacks 15:43 Vulnerability in Healthcare as Cybersecurity Threats Escalate 21:49 MFA and Password Management Trends 24:39 Stopping Phishing with Email Security 28:24 Advanced Phishing Training Strategies...
info_outline
A Hacker's Welcome - Benefiting From the Bug Bounty
Shut The Backdoor
"Putting this effort into the bug bounty helps us identify any sort of gaps that we might be missing, plug holes as fast as we can, and reward the researchers for all the efforts that they spend with us." Being asked to embrace hackers may sound counterintuitive. However, in today's fast-paced world of healthcare security it's a strategy worth exploring. Brent Ufkes is a staff security engineer at Redox, joins for a conversation about bug bounty programs. He shares how these programs can become a game-changer for organizations like ours. This episode explores: Understanding Bug Bounty...
info_outline
The Final Logoff - Streamlining Secure Departures
Shut The Backdoor
"Everyone who's part of a health care organization or health care tech has access to really private information. And getting that access removed from somebody who's leaving the organization is key." Key Moments 02:23 Streamlining Through Automation 05:55 Streamlining Tool Access and Security 08:54 Centralize Identity with Single Sign-On 11:41 Automated Offboarding: Quick and Secure 13:25 Automating Environment-Specific Challenges 17:10 Streamline Access to Protect Data 19:51 Streamlined Process vs. Disorganization Streamlining secure departures is not just an operational necessity;...
info_outline
A Trojan Horse - Hiring Malicious Actors
Shut The Backdoor
"Everybody in the hiring pipeline should really be looking out for this. Every person that touches a candidate has a chance to pick this up before someone gets hired." Key Moments 00:42 Insider Threats for Financial Gain 06:10 High-Profile Cybersecurity Incident Reporting 09:16 Healthcare Data Extortion Risks 10:40 Spotting Red Flags in Hiring 14:14 Security and HR Collaboration in Hiring 17:23 Identifying Security Red Flags 19:51 Verifying Candidate Authenticity Steps 23:34 On-Camera Hiring Best Practices There is a new security concern that is catching many off guard: hiring malicious...
info_outline
Introduction to Shut The Backdoor
Shut The Backdoor
Welcome to the debut episode of Shut the Back Door, a healthcare security podcast by Redox, hosted by Jody Mayberry alongside Redox’s own Matt Mock, CISO, and Meghan McLeod, Security Engineer. This podcast is dedicated to protecting healthcare data one episode at a time. In this introduction, Meghan and Matt explain Redox's mission as a leader in healthcare interoperability, enabling providers, payers, and health tech organizations to power better care through accelerated, real-time data solutions. The podcast aims to bring Redox’s behind-the-scenes data security expertise to the...
info_outline"That's when it starts getting really scary. This is no longer just an email trying to get some gift cards. This stuff can lead to the bigger attacks that then can directly impact patient care."
Notable Moments
01:02 Phishing: Persistent Cybersecurity Threat
03:27 Cybersecurity’s Evolving Threats
09:15 Phishing Scams: Calls and Video
10:23 Rise of Deepfake Scams and Counterfeit Reality Attacks
15:43 Vulnerability in Healthcare as Cybersecurity Threats Escalate
21:49 MFA and Password Management Trends
24:39 Stopping Phishing with Email Security
28:24 Advanced Phishing Training Strategies
32:05 Effective Phishing Training Strategies
34:07 Ineffective Automated Training Solutions
Episode Resources
Resources
https://redoxengine.com/solutions/platform-security
Have feedback or a topic suggestion? Submit it using this linked form.
Matt Mock [email protected]
Meghan McLeod [email protected]
Receiving a suspicious email, a text message claiming a lottery win, or an urgent request from a "bank" are instances of a cyber menace many know as phishing. While the term might initially bring the mental image of casting a line into a tranquil lake, this type of phishing is anything but relaxing. It’s a threat lurking in our inboxes and beyond, which is why it is important to stay vigilant with the ever-evolving social engineering attacks.
Phishing has been a thorn in the side of cybersecurity for ages. The goal is to secure sensitive data like passwords or financial information or to install malicious software on a device, all under the guise of legitimate communication. The attackers attempt to capitalize on human error, exploiting the trust between people and technology. Phishing remains a top method for hackers due to its low cost and unfortunate high success rate. As Matt Mock highlights, phishing's simplicity is what makes it so dangerous.
Grammatical errors or suspicious links used to make phishing attempts easy to spot. Now AI advancements have made attacks more sophisticated by creating convincing emails clear of grammar errors. They are using voice calls, video messages, and text messages with deceptive stories that sound real while demanding quick action. Home networks have brought on new challenges as remote work blurs the lines between home and professional security.
The valuable data in healthcare makes them an irresistible target for cybercriminals. Healthcare data is rich with information that commands a high price in the black market. Attacks that compromise healthcare data can have serious repercussions, affecting both privacy and the quality of care. The need to protect healthcare data has never been more pressing.
Preparation is paramount. Improve defenses by emphasizing advanced security measures like multifactor authentication (MFA), engaging training programs, and regular phishing tests. As cybersecurity professionals at Redox, we have the tools and responsibility to educate and protect against these persistent threats. Stay vigilant so you can help others anticipate the next wave of phishing schemes. Remember, it’s not just about locking the back door; it’s about securing all entry points.