This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Hey everyone, I'm Drex and . This is the 2 Minute Drill, where I cover three hot security stories twice a week, all part of the 229 Cyber and Risk Community here at This Week Health. Today's 2 Minute Drill is brought to you by Enterprise Health, a health catalyst company. 2024 highlighted the risk of supply chain breaches and insider threats.

Make 2025 the year to adopt a holistic approach to cybersecurity risk management with Blueprint Protect. Check it out at EnterpriseHealth. com. Thanks for joining me today. Here's some stuff you might want to know about. Security firms are urging Windows 10 users to Hurry up and upgrade to Windows 11 to avoid a security fiasco.

Windows 10 support ends October 25th. I'm sure you're already on this. I'm not really sure, that's why I'm telling you. My best advice is to seriously not wait until October to finish this project. I know there are some complications with the Trusted Platform Module component of Windows 11, but Settle your plans out now.

63 percent of Windows users are still on Windows 10. You can buy extended security updates for that OS, but it's going to cost you a lot and you'll just be delaying the inevitable. The Chinese hackers known as SaltTyphoon continue to expand their reach in U. S. telecom carriers after stealing data from AT& T, Verizon, and Lumen that included text messages and voicemails and wiretap info on those.

being investigated by U. S. law enforcement. It's now being reported that Salt Typhoon have breached systems at Charter Communications, Consolidated Communications, and Windstream. I'll post a link in the comments to some earlier coverage I did on that story in the chat, which includes some recommendations about steps you might want to take to protect yourself.

And speaking of Chinese hackers, the recent Treasury Department hacking incident has also been linked to the Chinese government. The breach targeted the agency's Office of Foreign Asset Control, or OFAC. These are the folks who administer trade and economic sanctions on international governments and businesses.

The Treasury Department called that attack a major security incident. There's more on these stories and a whole lot of others at ThisWeekHealth. com slash news. Today's two minute drill was brought to you by Enterprise Health, a health catalyst company. Blueprint centralizes privacy, security, and third party risk management on a single, scalable platform, helping you identify, prioritize, and address risk across your entire health system.

Check it out at EnterpriseHealth. com. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid. I'll see you around campus.