This week's cybersecurity roundup covers three critical healthcare security developments. Microsoft patched an actively exploited SharePoint zero-day vulnerability (CVE-2024-38023) that allows attackers with basic permissions to execute remote code and pivot through networks. Two major dermatology practice breaches - Mount Laurel Dermatology and Anne Arundel Dermatology - exposed over 1.9 million patient records through third-party vendor compromises, highlighting the risks of business associate agreements. Plus, cybersecurity expert Paul Conley challenges the healthcare industry's reliance on annual training and phishing simulations, advocating for personalized, continuous human risk management approaches that build actual cyber culture rather than just checking compliance boxes.

Remember, Stay a Little Paranoid

X: This Week Health

LinkedIn: This Week Health

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer