Paubox Weekly Fully Automated - A HIPAA compliant email security Podcast


In this episode, Alex and Jen break down the latest cybersecurity incidents affecting healthcare, including ransomware targeting community health organizations, phishing attacks leveraging trusted cloud platforms, MFA bypass techniques, and the exploitation of legitimate admin tools in cloud environments. The discussion emphasizes that most breaches stem from preventable configuration gaps and offers actionable guidance on endpoint protection, network segmentation, and phishing-resistant authentication methods.
Speaker 1

Welcome back to the show. I'm Alex.

Speaker

And I'm Jen. And this week's news is a lot.

Speaker 1

It's always a lot.

Speaker

True. But this time it's the kind of a lot where you read the headlines and think, okay, so we've learned nothing.

Speaker 1

Let's start with some good news, actually. Paubox got recognized in the G2 Spring 2026 reports. Number one in 55 categories. 136 badges.

Speaker

That's not a typo. 136 badges.

Speaker 1

It's a good reminder that HIPAA-compliant email isn't just a checkbox. It's infrastructure. And when you get it right, people notice.

Speaker

Alright, good news over. Let's talk about Google Cloud Storage being used for phishing.

Speaker 1

Yeah, this one's clever. Attackers set up a bucket, host a redirect page, and bounce victims to the actual malicious site.

Speaker

It's simple, and that's why it works. You see a Google URL, you trust it. Your filters trust it.

Speaker 1

So what's the takeaway here?

Speaker

Don't assume a trusted domain means a trusted destination. Train your staff to look past the URL. And if your email security isn't inspecting redirects, you've got a blind spot.

Speaker 1

Next up, Community Health Action of Staten Island. Ransomware hit a nonprofit serving vulnerable populations. Over 60,000 records exposed.

Speaker

Including HIV testing data, medical databases, financial records. The Genesis Ransomware Group took credit.

Speaker 1

This is the part that keeps me up at night. These aren't big hospital systems with massive security budgets.

Speaker

No, and attackers know that. Smaller orgs, community health centers, they're often underfunded and understaffed. But the data they hold is just as sensitive.

Speaker 1

So what can organizations like this do?

Speaker

Start with the basics.

Speaker 1

Let's talk about a win. Tycoon 2FA, that phishing-as-a-service platform, got disrupted by Microsoft, Europol, and a bunch of security firms.

Speaker

Phishing-as-a-service. It's exactly what it sounds like. Ready-made phishing kits, realistic login pages, infrastructure, all for sale.

Speaker 1

Like a franchise for fraud.

Speaker

Basically. And Tycoon 2FA specifically helped attackers bypass multi-factor authentication, which is supposed to be our safety net.

Speaker 1

So even MFA isn't bulletproof?

Speaker

Not against session hijacking. Not against adversary-in-the-middle attacks. The takeaway? MFA is still essential, but it's not the finish line. You need phishing-resistant methods, hardware keys, conditional access policies. And finally, striker.

Speaker 1

This one's wild. Wild is one word for it. Reports say an Iran-linked attack wiped around 80,000 devices. And here's the thing: no malware.

Speaker

They used Microsoft's own admin tools. Legitimate features weaponized. Mass wipe commands issued through the cloud environment.

Speaker 1

So the attacker didn't break in with a crowbar. They used the keys already hanging on the hook.

Speaker

Exactly. And that's the lesson. Your cloud environment is only as secure as your configurations. If admin privileges aren't locked down, if there's no monitoring on sensitive commands, you're one compromised credential away from disaster.

Speaker 1

So when we step back and look at all of this: phishing through trusted cloud services, ransomware hitting community health orgs, MFA bypass kits, admin tools turned against you.

Speaker

The theme isn't bad luck. It's bad configurations, blind spots, gaps that are fixable if you know where to look. And most of this is preventable. That's the frustrating part. And the hopeful part, honestly. Alright, that's the show. Thanks for listening. Stay patched, stay paranoid. See you next week.