Paubox Weekly Fully Automated - A HIPAA compliant email security Podcast
Fully Automated is your weekly rundown of the biggest healthcare cybersecurity stories, delivered in a conversational format by Alex and Jen, two AI hosts who break down breaches, vulnerabilities, and compliance news with clarity, a little dark humor, and always a practical takeaway. Perfect for healthcare IT leaders, administrators, and compliance officers who want to stay informed without wading through the noise.
Paubox Weekly Fully Automated - A HIPAA compliant email security Podcast
Attackers impersonate ChatGPT, Claude, and DeepSeek to deliver malware
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
You're listening to POWBox Weekly Fully Automated. I'm Jen, Cybersecurity Analyst, Professional Paranoid.
SPEAKER_01And I'm Alex, healthcare IT guy who still believes in the good in people. Mostly. Brave of you. So this week, attackers are impersonating AI platforms: ChatGPT, Claude, DeepSeek, using fake versions to steal credentials and financial data.
SPEAKER_00Of course they are. Everyone's rushing to try the new AI tools, and attackers know it. They set up fake payment pages, bounce victims through a CRM, an Amazon tracking domain, a URL shortener.
SPEAKER_01That's a lot of hops.
SPEAKER_00That's the point. By the time you land on the malicious site, you've got no idea how you got there. And the page looks legitimate enough that you hand over your credit card.
SPEAKER_01The takeaway here: if you're signing up for an AI service, go directly to the source. Don't click through from an email or ad.
SPEAKER_00Threat actors are operationalizing AI to accelerate attacks. We should probably operationalize some skepticism.
SPEAKER_01Speaking of trust, Powbox is now a founding partner of LegitScript's compliance collective.
SPEAKER_00Which is actually a big deal for healthcare organizations.
SPEAKER_01Right. LegitScript certifies healthcare businesses in highly regulated spaces. The compliance collective connects those certified organizations with vendors who can help with ongoing compliance work.
SPEAKER_00And Powbox fits naturally there. You've done the hard work to get certified. Now you need tools that don't undo that work.
SPEAKER_01Jalen Kuhnz from LegitScript said it well. Their clients need solutions designed to manage risk, protect consumers, and build trust. Secure email is table stakes for that. Alright, next up, Shiny Hunters is back. Ugh, those guys. Over a hundred organizations hit. They targeted Oracle's PeopleSoft software. Healthcare, higher education, mostly US-based.
SPEAKER_0068% were higher ed, which tracks universities run everything forever and patch nothing.
SPEAKER_01Harsh.
SPEAKER_00Fair though.
SPEAKER_01The interesting part, some organizations blocked the attack.
SPEAKER_00Which means it was blockable. This wasn't some zero-day magic. It was preventable with the right configurations and monitoring in place.
SPEAKER_01So, the takeaway, if you're running PeopleSoft, now's a good time to review your security posture.
SPEAKER_00Now was six months ago, but today works too.
SPEAKER_01Okay, this next one is wild. Researchers tested AI email agents, the kind that automatically process your inbox, and they fell for phishing attacks.
SPEAKER_00Handed over AWS keys, database credentials, customer records.
SPEAKER_01Just gave them up.
SPEAKER_00Yep. The same social engineering tricks that work on humans work on AI agents too. Turns out, please send me the credentials is pretty effective when there's no human in the loop saying, wait, what?
SPEAKER_01The researchers recommended requiring agents to verify sender identities before taking action.
SPEAKER_00Which seems obvious, but here we are.
SPEAKER_01So if you're experimenting with AI agents in your environment. Don't give them the keys to the kingdom. Least privilege, always. And finally, Novo Nordisk is investigating a cyber attack. Unauthorized access to internal systems. Non-public clinical trial data was copied.
SPEAKER_00They say no direct identifiers, no names, no contact details.
SPEAKER_01But clinical trial data is still sensitive.
SPEAKER_00Extremely. Even without names, you can sometimes re-identify people from medical data. And the reputational damage alone.
SPEAKER_01The investigation is ongoing. We'll keep an eye on it. As one does. So stepping back, what's the thread connecting all of this?
SPEAKER_00It's not bad luck. It's bad configurations, blind spots, AI tools deployed without guardrails, legacy systems left unpatched, users bouncing through five redirects because nobody trained them to pause. And most of it, fixable. That's the frustrating part. And the hopeful part, I guess.
SPEAKER_01Verify your sources, lock down your agents, patch your systems, and partner with vendors who take compliance as seriously as you do. That's the week. Thanks for listening, everyone. Stay safe out there. And maybe don't click that Chat GPT ad.