redteam Archives - Linux Included

Hacking HL7 Data Interfaces in Medical Environments: Attacking and Defending the Achille’s Heel of Healthcare

August 24, 2017 Dallas Haselhorst Comments 0 Comment

This security research paper is the second of two examining the HL7 messaging standard, which is arguably the most fundamental flaw in healthcare IT. HL7 is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen medical data, what HL7 is, as well as potential dangers inherent to HL7. The second paper moves beyond theory and is an in-depth, technical discussion on ways to…

HL7 Data Interfaces in Medical Environments: Understanding the Fundamental Flaw in Healthcare

August 24, 2017 Dallas Haselhorst Comments 4 comments

This security research paper is the first of two examining the HL7 messagiang standard, which is arguably the most fundamental flaw in healthcare IT. HL7 is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen medical data, what HL7 is, as well as potential dangers inherent to HL7. The second paper moves beyond theory and is an in-depth, technical discussion on ways to…

Uncovering Indicators of Compromise

June 8, 2016 Dallas Haselhorst Comments 0 Comment

This is the “newest” version of a paper and script I originally wrote as part of my SANS gold paper for the GCCC certification. The paper re-write was primarily in preparation for my presentation of the topic at the 2016 Nagios World Conference… Unfortunately, the conference was canceled. <sigh> Nonetheless, the paper now covers version 6 of the Critical Security Controls instead of 5.1. Changelog 6October2015 – Originally posted 16October2016 – Updated for version 6 of CSCs The original paper in PDF…

Linux Included

A little blue, red, and Linux with a lot of nerd

Browsed by
Tag: redteam