First Do No Harm – Security Challenges in Healthcare – Ed Gaudet – ESW #396
In 2011, Marc Andreessen predicted that software would eat the world. Specifically, the prediction was that software companies would take over the economy and disrupt all industries. The economic prediction has mostly come true, with 9 out of 10 of the most highly valued companies being tech companies. The industry disruption didn't materialize in some cases, and outright failed in others.
Healthcare seems to be one of these 'disruption-resistant' areas. Ed joins us today to discuss why that might be, and what the paths towards securing the healthcare industry might look like.
Segment Resources: Ed's podcast, Risk Never Sleeps
Ed Gaudet is the CEO and Founder of Censinet, a leading platform dedicated to improving cybersecurity and risk management in healthcare. He is an active member of the HHS 405(d) Cybersecurity Working Group and contributes to various Health Sector Coordinating Council task groups, focusing on Cybersecurity, Supply Chain Risk Management, Medical Technology Contract Language, and Emerging Technology. Ed also holds multiple patents in authentication, rights management, and security technologies.
Alice and Bob Learn Secure Coding – Tanya Janca – ESW #396
We get a visit from Tanya Janca to discuss her latest book, Alice and Bob Learn Secure Coding!
Segment Resources:
- Tanya's latest book on Amazon
- Tanya's previous book, Alice and Bob Learn Application Security on Amazon
- Tanya's website, She Hacks Purple
Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and the ‘AppSec Antics’ card game. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently works at Semgrep as Staff Developer Relations.
Security Weekly listeners save $100 on their RSAC Conference 2025 Full Conference Pass! RSA Conference will take place April 28 to May 1 in San Francisco and on demand. To register using our discount code, please visit securityweekly.com/rsac25 and use the code 5U5SECWEEKLY! We hope to see you there!
Ransomware is down, Mac malware is up, AI disappoints – ESW #396
This week, in the enterprise security news,
- we’ve got some funding and acquisitions!
- ransomware payments are DOWN 35%
- infostealers on Macs are UP 101%
- Bybit got hit by a $1.5B heist and shrugged it off
- A SaaS report says AI is having no impact on pricing
- Microsoft’s CEO says AI is generating no value
- Google is dropping SMS as a second factor
- Google creates a 4th state of matter instead of fixing Teams
- What it’s like to be named “Null”
All that and more, on this episode of Enterprise Security Weekly.
Identiverse 2025 is returning to Las Vegas, June 3-6. Hear from 250+ expert speakers and connect with 3,000+ identity security professionals across four days of keynotes, breakout sessions, and deep dives into the latest identity security trends. Plus, take part in hands-on workshops and explore the brand-new Non-Human Identity Pavilion. Register now and save 25% with code IDV25-SecurityWeekly at https://www.securityweekly.com/IDV2025
Adrian Sanabria
- FUNDING & ACQUISITIONS: Security, Funded #182 – Let’s Get Physical
This is a mix of stuff from this issue of Security, Funded, as well as some newer stories that will probably be in next week's issue.
Funding
- MDM/EMM: NinjaOne Secures $5 Billion Valuation and $500 Million Funding
- Whalebone, a Czech Republic-based secure DNS and networking platform, raised a $13.9M Series B from Unbound
- Gomboc.AI, a United States-based cloud infrastructure security and remediation platform, raised a $8.0M Seed from Ballistic Ventures.
- Singulr AI, a United States-based platform to discover and control the usage of GenAI platforms and sensitive data in training models, raised a $10.0M Seed from Nexus Venture Partners and Dell Technologies Capital.
Acquisitions
- Votiro, a United States-based anti-malware platform for files, emails, and collaboration platforms, was acquired by Menlo Security for $37.5M. Votiro had previously raised $25.5M in funding.
- Deepwatch Acquires Dassana to Advance Cyber Resilient Security Operations with Continuous Threat Exposure Management
- ATTACK TRENDS: Ransomware payments drop 35% in 2024, first decrease since 2022
"Researchers with security consultancy Chainalysis report that, thanks to stepped up efforts from law enforcement and victim response, the second half of 2024 saw a whopping 35% decrease in payouts to ransomware attackers."
"The report goes on to point out that the smaller payouts are likely the result of increased efforts by law enforcement to catch ransomware criminals as they are trying to cash out their hacks."
"Despite seeing a drop in payouts on the year, the researchers noted that ransomware leak incidents increased. This would suggest that organizations are more willing to call the bluff of threat actors and, as a result, pay the price in dealing with a data disclosure."
“Ransomware operations have also become faster, with negotiations often beginning within hours of data exfiltration.”
- ATTACK TRENDS: Infostealers targeting macOS jumped by 101% in second half of 2024
Unsurprising, sadly
- Who uses Macs? Execs, devs, engineers, security folks
- What's one of the most effective ways to hack an org? Don't hack in. Log in.
- BREACHES: Bybit hit with $1.5B heist, shrugs it off
"Bybit has more than enough assets to cover the loss, with AUM exceeding $20 billion, and will use a bridge loan if necessary to ensure the availability of user funds."
Damn, that's a flex if I've ever seen one.
This is possibly tied for third on a list of the largest heists EVER, crypto or otherwise!
- Bernie Madoff Ponzi Scheme (USA, 1960s-2008) - $64.8 billion
- Largest Ponzi scheme ever, with fake returns leading to massive investor losses.
- Around $14 billion was later recovered.
- 1MDB Scandal (Malaysia, 2009-2015) - $4.5 billion
- Corrupt officials embezzled billions from Malaysia’s 1MDB sovereign wealth fund.
- The scandal implicated major banks and celebrities, including Goldman Sachs.
- Tajikistan Gold Smuggling (2023) - $1.5 billion
- Tajik officials were caught smuggling gold bars to Dubai.
- This massive heist went largely unnoticed internationally.
- Bernie Madoff Ponzi Scheme (USA, 1960s-2008) - $64.8 billion
- ATTACKS: Joint Cybersecurity Advisory: #StopRansomware: Ghost (Cring)
Vulnerability Management: ancient relics edition.
There's seriously a ransomware group out there having success targeting ColdFusion vulns from 2009-2010, seven year old Fortinet vulns, even the Microsoft Exchange ProxyShell attack chain that compromised so many organizations.
What I don't understand is how these vulnerabilities still exist on the public Internet and haven't already been scooped up by attackers.
- REPORTS: Vendr SaaS Trends Report 2025 (Plus 2024 Year-in Review)
"The SaaS landscape in 2024 didn’t just evolve—it defied expectations. Unsurprisingly, AI was everywhere, but it didn’t drive up software prices. Q4, typically a period of spending surge, stayed flat. And while companies tightened budgets, security and compliance tools still commanded top dollar."
- AI TRENDS: Microsoft CEO Admits That AI Is Generating Basically No Value
Makes sense - AI is just the latest new feature rolling out in products. It hasn't created a new, lucrative market - if anything it has created a funding hole that I doubt we'll ever see filled.
It's important to understand what "value" means in this context: significant growth, new revenue streams (Copilot is already being given away for free with some licenses), noticeable changes in global GDP growth. He's not saying that AI doesn't have value, it's just not moving the needle on the global scale.
- HIRING: For Employers – CISA Alumni Hiring Form
As Jackie mentions close to the end of the news segment, here's the hiring form Jen Easterly was sharing on LinkedIn, here: https://www.linkedin.com/posts/jen-easterlyfor-employers-cisa-alumni-hiring-form-activity-7299893815023153152-FKnx/?rcm=ACoAAAk6e0QBmlBYMvMLc9WctqijCt40GE3xE8
- CONTROLS VALIDATION: Right of Boom Joins Forces with CIS and Antisyphon Training to Launch CIS Controls Course for MSPs
First off, never heard of Right of Boom, feeling left out there
Second, CIS and Antisyphon (training arm of Black Hills InfoSec) is huge
Finally, creating a test that MSPs can take to prove they're actually capable of preventing/detecting attacks and implementing controls correctly is HUGE. Back in 2017, we created a product that inadvertently tested MSPs and the results were VERY troubling.
- BEST PRACTICES: Google Confirms Gmail To Ditch SMS Code Authentication
Whew, finally! Couldn't have been an easy choice to make.
- PREDICTIONS: Google says commercial quantum computing applications arriving within five years
Does this mean we need to accelerate our post-quantum rollouts?
Nah, you're probably fine.
- TOOLS: CloudSecTools – Open Source Cloud Security Tools
An AWESOME repository of cloud security tools I came across.
- SQUIRREL: Woman Whose Last Name Is “Null” Keeps Running Into Trouble With Computer Systems
