Hey everyone, I'm Drex and this is the Two Minute Drill brought to you exclusively by our partner ORDR, the Connected Asset Visibility and Security Company. ORDR can help you get almost instant visibility for everything on your network with a minimal amount of time from your team for setup. This Chasm stuff is pretty amazing.
Find out more at thisweekhealth. com slash ORDR, that's O R D R, thisweekhealth. com slash ORDR. On the two minute drill, we do at least three stories at least two times a week, all part of one great community, the 229 Cyber and Risk Community here at This Week Health. I'll try to keep it simple and focused and mostly plain English so it's easy to share with your teams.
Thanks for being with me today. Here's some stuff you might want to know about. I'm sure your technical teams have probably already heard about this, but just in case, there's a critical alert for Palo Alto Network's firewall and VPN products. The alert carries a severity score of 10 out of 10, with 10 being bad.
Knowing how many of us run Palogear, it's worth a check and a double check. The company's page acknowledges that it's aware of a limited number of attacks that leverage the vulnerability, and it certainly looks like Palo's Unit 42 team is on it, and hot fixes have been released. Check the Palo Alto website.
On one of last week's Two Minute Drills, I talked about the situation with the cyber thugs who'd ransomed Change Healthcare Got paid and now came back with a double extortion move, asking for more money in exchange for the data they'd stolen. The folks at WIRED now have apparently seen some samples of what's being held and it looks legit.
There's more coming on this, I'm sure. I'll keep you posted. And in another interesting story, there's a company called Sisense, and they have products that are used for data analytics and data viz work. And the bad guys have, from all reports, reached the company's network, allegedly stealing not only customer data, but also millions of access tokens and email account passwords and other material that, uh, It looks worrisome.
Part of what makes it so worrisome is that the feds are involved. CISA, the Cybersecurity and Infrastructure Security Agency, issued an advisory on this last week and it looks like part of the challenge here is that Sisense's capabilities may be embedded inside of apps that you use or may be used by third parties you work with to do data analytics on your data.
And with more than a thousand customers, I'm betting we haven't heard the end of this story either. And you don't have to go looking around for these stories. I post them all at ThisWeekHealth. com slash news. That site's a great way to start your day or do a quick check in during the day to stay up to date.
on all the latest happenings. Thanks again to our partner, Order, the exclusive sponsor of the 2 Minute Drill. Their latest product, Order AI Chasm, is in the AWS store now. You can find the 2 Minute Drill wherever you find your podcasts. Just search for This Week Health Newsroom. There's a collection of great shows there that might be interesting to you.
Listen to those too. And that's it for the 2 Minute Drill. Thanks for listening. Stay a little paranoid.