May 15, 2023
Trusted News Sources, Staying Under The Radar Online, NextGen Data Breach
In this Episode:
Highlighting trusted news sources
?? Mark Miller, New York City↗
Bleeping Computer
Zero Day | Kim Zetter | Substack
Krebs on Security
The Verge
Slate Magazine
5 Simple Strategies for Staying Under The Radar Online
?? Edwin Kwan, Sydney, Australia ↗
Turning on stealth mode: 5 simple strategies for staying under the radar online | WeLiveSecurity
NextGen Data Breach
?? Katy Craig, San Diego, California ↗
NextGen Healthcare says hackers accessed personal data of more than 1 million patients | TechCrunch
1M NextGen Patient Records Compromised in Data Breach
Data Breach Notifications
This Day in Tech History
?? Marcel Brown, St. Louis, Missouri ↗
http://thisdayintechhistory.com/05/14
http://thisdayintechhistory.com/05/15
Episode Transcription:
Pokie Huang:
Hey, it’s 5:05 on Monday, May 15th, 2023. From the Sourced Podcast Network in New York city, this is your host, Pokie Huang. Stories in today’s episode come from Mark Miller in New York City, Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Marcel Brown in St. Louis, Missouri.
Let’s get to it.
Mark Miller:
I thought I’d take a step back today and think about what news sources I look to and trust when it comes to keeping updated about cyber security. This all came about because of a conversation I had with Shannon Lietz on the final day of the RSA Conference a couple of weeks ago. Who do I trust? And I mean, really trust when it comes to cybersecurity news. And why do I trust them?
For me, it all comes down to personal reputation; who I know and who do they trust?
This is Mark Miller, Executive Producer of 505, in the mountains around White Rock, New Mexico and I’m about to hand you the keys to the kingdom when it comes to my public sources for security updates.
To start, take a scroll through BleepingComputer each morning if you want first rate, reliable, interesting updates. I’ve known Ax Sharma for years. Following his work turned me on to the other reporters at bleeping computer, Sergiu Gatlan and Bill Toulas. This is easily one of the easiest choices you can make if you just want a quick hit for the day. That is other than it’s 505, of course.
For deep dive work, there are three stalwarts you can’t go wrong with. Kim Zetter’s newsletter, Brian Krebs, Krebs on Security, and Andy Greenberg at Wired. These are three long form deep research reporters who will go way beyond the headlines to tell the full story behind major events of the day.
A couple of fun sites that have easily accessible cybersecurity sections are Slate and The Verge. Yeah, these aren’t typically what I start with, but when I want to relax and just scroll these two are a fun alternative.
There’s more, but this will get you started. If there’s others you follow on a daily basis, I want to know about it. Leave a comment and tell me where you get your cyber security info. If you’re a listener, I think I can trust you. Right?
Katy Craig:
In our digital health check today, we turned to NextGen Healthcare, who recently admitted to a cyber attack that resulted in a data breach affecting over a million patients.
This is Katy Craig in San Diego, California.
It seems that hackers who never take a sick day use stolen login credentials to get into NextGen’s cloud-based electronic health record and practice management system between late March and mid-April. The company assures us that no medical records were exposed.
However, the compromised data does include patient names, birth dates, addresses, and even social security numbers. As for how they figured out which data got stolen, well, it’s like asking for a second opinion. We’re still waiting for NextGen to provide a clear answer.
Tom Kellerman from Contrast Security went on record saying that this cyber attack could lead to widespread identity theft. Calling out healthcare providers for being, in his words, woefully inadequate with cybersecurity. It’s like leaving the medicine cabinet unlocked with a house full of curious toddlers.
Experts warn that the stolen data could be used in social engineering. It’s like handing over the keys to your house and hoping the burglars only take the silverware. They encourage affected users to use the free credit monitoring offer, and remind us once again about the importance of good old cybersecurity basics; strong password management, multifactor authentication, and smart automated detection.
This is Katy Craig. Stay safe out there.
Edwin Kwan:
This is Edwin Kwan from Sydney, Australia.
WeLiveSecurity has published an article sharing five simple strategies for maintaining your online privacy.
The first is to not provide your primary email address to services which you don’t really care that much about. These could be websites that require you to submit an email address to access restricted content. You should use a disposable address. Or better yet, use an email relay service like Apple’s Hide My Email, FireFox Relay or DuckDuckGo’s private email address. This will generate a unique email address, which will automatically forward emails to your primary email account. Once you’re done with them or getting too much spam or fishing, you can destroy the disposable account.
The next is to create a secondary email address for logins and important newsletters. Don’t use your primary email address for anything other than staying in touch with friends and family. This will keep your inbox organized, spam free, and protected from data leaks.
Next is to use a burner phone number for all your online needs. Because you use only your burner for online purposes if you receive a call, you can immediately assume it is a scam.
Number four is to use single use virtual cards for making online purchasers. Because these cards are randomized, hackers won’t be able to track your real information.
Lastly, use app generated 2FA codes in stead of SMS. It’s more secure and prevents your number from being exposed.
For more details on those five strategies, check out the article by WeLiveSecurity.
Marcel Brown:
This is Marcel Brown, the most trusted name in technology, bringing you your technology history for May 14th and May 15th.
May 14th, 1973. The United States launches Skylab One, its first manned space station. It is the last launch of the Saturn five rocket and the largest payload ever launched into space at the time. Skylab will fall back into the Earth’s atmosphere in July, 1979.
May 15th, 2001. Apple computer announces plans to operate a chain of retail stores opening 25 retail stores in the United States by the end of the year. Steve Jobs holds a commemorative press event at Apple’s first store in the second level of Tyson’s Corner Center to make the announcement.
The store, along with the second location in Washington, DC will open on Saturday, May 19th. At the time, Apple’s plan was generally derided by technology experts as doom to failure. On this, their anniversary date, Apple’s retail stores are now considered one of the catalysts to Apple’s tremendous growth.
That’s your technology history. For more, tune in tomorrow and visit my website ThisDayInTechHistory.com.
Pokie Huang:
That’s it for today’s open source and cybersecurity updates. For direct links to all stories and resources mentioned in today’s episode, go to 505Updates.com, where you can listen to our growing library of over 100 episodes. You can also download the transcript of all episodes for easy reference.
5:05 is a Sourced Networks Production with updates available Monday through Friday on your favorite audio streaming platform. Just search for “It’s 5:05!”. And please consider subscribing while you’re there.
Thank you to Mark Miller, Katy Craig, Edwin Kwan and Marcel brown for today’s contributions.
The Executive Producer and the editor is Mark Miller. The sound engineer is Pokie Huang. Music for today’s episode is by Blue Dot Sessions. We use Descript for spoken text editing and Audacity to layer in the soundscapes. The show distribution platform is provided by Captivate.fm. This is Pokie Huang. See you tomorrow… at 5:05.