This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone, I'm Drex, and this is The Two Minute Drill, where I cover three hot security stories twice a week. All part of the cyber and risk community here at This Week Health and the 229 Project. Today's two minute drill is brought to you by Intraprise Health, a health catalyst company. With Blueprint, you can pull risk data from all of your tools into a single, unified risk management platform.
And from there, you can prioritize risk and assign work and track exceptions and drive accountability, all in one place. Intraprise Blueprint. Come get a demo at HIMSS booth 5932. Thanks for being with me today. Here's some stuff you might want to know about. DOJ has now laid off 130 employees at CISA.
That's happened just in recent days, and it's being reported that Edward Korrestien, a 19 year old staffer in Elon Musk's Dogecrew, has been given physical access to CISA facilities and has been given a DHS email address. It's unclear at this point what systems Coristine has access to. It's concerning because Brian Krebs from Krebs on Security has reported that Coristine has a history of interaction with cybercriminals and CISA, as you know, is the agency that holds U.
S. intelligence on worldwide cyber threats. If you have Palo Alto firewalls, there's a new vulnerability that needs your immediate attention. CVE 2025 0111 can be combined with other vulnerabilities allowing cyberthugs to attack your network. The bad guys are already attempting to exploit the flaw, so if you haven't fixed it, today's probably a good day to put it on your to do list.
And finally today, Managed Care Contractor HealthNet Federal Services has been fined 11. 2 million According to prosecutors, the organization who administers the TRICARE healthcare program in 22 states, falsely certified compliance with cybersecurity controls required in their contract. The Justice Department also accused the company of ignoring internal and third party reports about risks on its network related to patch management, password policies, and end of life hardware and software.
That story, and a bunch of others, Alright, healthcare's fastest growing news site. ThisWeekHealth. com slash news. Today's two minute drill was brought to you by Intraprise Health, a health catalyst company. You need to get all your leaders on the same page when prioritizing risk. With Blueprint, you'll be able to prioritize and visualize the data and build real accountability.
Make unified risk management a reality with Blueprint. Learn more at IntrapriseHealth. com or come see the team in person at HIMSS. Booth 5932. That's it for today's Two Minute Drill. Thanks for being here. Stay a little paranoid. I'll see you around campus.