Conference:  Defcon 31
Authors: Katie Inns, Security Consultant, WithSecure
2023-08-01

In recent years, the use of internet-connected devices has become more prevalent in the healthcare sector, particularly as a means to communicate patient data. Therefore, it is essential that security testing is carried out against these devices to identify misconfigurations that could cause a severe impact, such as the prescription of incorrect drugs. Modern healthcare protocols such as FHIR (Fast Healthcare Interoperability Resources) use the HTTP protocol to communicate, making security testing relatively straightforward. However, the use of older protocols such as HL7 (Health Level Seven) is more widespread across medical devices in the industry. These protocols are bespoke and difficult to read or intercept using current commercial and open-source security tooling, making testing of these devices challenging and cumbersome. To address this challenge, I have developed a tool (HL7Magic) to provide security testers with an easier method of intercepting and changing HL7 messages sent to and from medical devices. This tool was created for the purpose of being integrated into Burp Suite as an extension, although it can exist independently. After talking about how HL7Magic was created, I will give a short demonstration using the tool for security research purposes or to identify existing CVEs across your estate. HL7Magic will be open sourced and collaborations to improve it further will be welcomed.
Conference:  Black Hat Asia 2023
Authors: Neil Wyler, Bart Stump
2023-05-12

Back with another year of soul-crushing statistics, the Black Hat NOC team will be sharing all of the data that keeps us equally puzzled, and entertained, year after year. We'll let you know all the tools and techniques we're using to set up, stabilize, and secure the network, and what changes we've made over the past year to try and keep doing things better. Of course, we'll be sharing some of the more humorous network activity and what it helps us learn about the way security professionals conduct themselves on an open WiFi network.
Authors: Chuck Willis
2023-02-16

tldr - powered by Generative AI

The presentation discusses various techniques for encrypting data in databases, including deterministic encryption, searchable encryption, and homomorphic encryption.
  • Deterministic encryption allows for searches on equality while keeping data encrypted
  • Searchable encryption allows for searching for keywords in encrypted documents by encrypting the keywords and storing them in a database
  • Homomorphic encryption allows for performing operations on encrypted data in a way that is equivalent to performing the operations before encryption
  • Each technique has its limitations and trade-offs
  • Maintaining an index of keyword frequency can improve the security of searchable encryption
Authors: Izar Tarandach
2023-02-16

tldr - powered by Generative AI

The importance of documenting and using threat models in cybersecurity and DevOps
  • Threat models should be stored and made available in places where people know how to find them and how to relate and change them
  • Threat models can be used to define security contracts and find commonalities for platforming
  • Templates are useful for making threat models consistent and easy to compare
  • Everyday tools can be used for automating boring parts of the system and dealing with low-hanging fruit
  • Threat models are living documents that should be updated and stored for future use
Authors: Kara Yimoyines
2022-10-25

tldr - powered by Generative AI

The presentation discusses the need for an actionable user interface to address the challenges of vulnerability data and CVEs in the security space.
  • Vulnerability data alone is not enough to secure the software supply chain
  • An actionable user interface is needed to automate remediation and understand the blast radius of CVEs
  • GUI can help prioritize work and alert when things go sideways
  • GUI should allow annotation of CVEs and weigh potential harm and risk to the business
  • GUI becomes the central location to collaborate and communicate with cross-functional teams
  • GUI should be extensible and interoperable with other tools solving adjacent problems
  • Building accessible tools that don't require exclusive use of the terminal is important