InfoSec ICU show

InfoSec ICU

Summary: Each week, Gerry and Steve discuss Information Security topics relevant to the medical industry and to patients. They cover everything from the latest hacks and bugs to changes in the regulatory environment, along with tips and tricks to keep your own personal information safe.

  • Artist: Information Security at the Medical University of South Carolina
  • Copyright: Medical University of South Carolina 2017

Podcasts:

 Google MasterCard Deal, Instagram 2-Factor, Phone Number as an Identifier | File Type: audio/mpeg | Duration: 33:13

Steve and Gerry discuss the privacy ramifications of the Google MasterCard deal that recently came to light. They discuss Instagram’s decision to support two-factor authenticator apps and the issues with SMS as a 2nd factor. They finish up by discussing the dependence on, and concerns about, using your phone number as your identity and authenticator.

Show Notes

Resources:
  • Google Mastercard: https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales
  • Instagram 2-Factor: https://krebsonsecurity.com/2018/08/instagrams-new-security-tools-are-a-welcome-step-but-not-enough/
  • Phone Number Identity: https://www.wired.com/story/phone-numbers-indentification-authentication/

One Cool Things:
  • There Will Be Hops: https://www.charlestoncitypaper.com/charleston/charles-towne-fermentory/Location?oid=6458711
  • GMail Replacements: Kolab Now, ProtonMail, Zoho

Contact:
  • Email: infosecicu@musc.edu
  • Twitter: Gerry Auger (@Gerald_Auger), Steven Cardinal (@sgcardinal)

 Gartner Catalyst, Election Hacking, and NotPetya Damages | File Type: audio/mpeg | Duration: 48:50

Steve is fresh from Gartner Catalyst and shares his experience and lessons learned. The guys discuss a follow-up story from election officials that tells the other side of the story from the recent voting village hacks at DEF CON 26. They finish up with a discussion around the damages of NotPetya a year later with a case study of Maersk.

Show Notes

Resources:
  • Gartner Catalyst: https://www.gartner.com/en/conferences/na/catalyst-us
  • Election Hacking: https://www.propublica.org/article/defcon-teen-did-not-hack-a-state-election
  • NotPetya: https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/

One Cool Things:
  • Netflix: Luke Cage: https://www.netflix.com/title/80002537
  • 0-emission Jaguar E-Type Zero: https://arstechnica.com/cars/2018/08/want-a-zero-emissions-classic-jaguar-its-available-from-2020/

 Augusta University Breach, New Age Detection Methodologies, NIST Small Business Cybersecurity | File Type: audio/mpeg | Duration: 44:46

Gerry and Brandon discuss the long-term effect of the recently published Augusta University Medical Center Breach. They cover behavior-based analysis of malicious activity on the network and how RITA, a security tool from Black Hills Security Group, can assist. Finally, they touch on the recently enacted NIST Small Business Cybersecurity Act.

Show Notes

Resources:
  • Augusta University Medical Center Breach: https://www.healthcareitnews.com/news/417000-augusta-university-health-patient-records-breached-nearly-one-year-ago
  • RITA: https://www.blackhillsinfosec.com/projects/rita/
  • NIST Small Business Cybersecurity Act: https://www.scmagazine.com/president-signs-nist-small-business-cybersecurity-act-into-law/article/789147/

One Cool Things:
  • Amazfit Bip Fitness Trackers: https://us.amazfit.com/shop/bip?variant=336750
  • Principles of Fraud Examination: https://www.amazon.com/Principles-Fraud-Examination-Joseph-Wells/dp/0470646292

 Biomedical Integrity Attacks, Jeremiah Grossman Interview, and Asset Inventory Reflection | File Type: audio/mpeg | Duration: 45:17

Gerry is back from BlackHat and he’s ready to tackle the oft-ignored member of the Confidentiality-Integrity-Availability triad as he digs into a new attack that tampers with medical device data to disastrous effect. While in Vegas, Gerry also had the opportunity to interview Jeremiah Grossman, CEO of BitDiscovery, to talk about the unique way his company is addressing asset discovery and management. To top it all off, they both present their One Cool Thing.

Show Notes

Resources:
  • Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives: http://i.blackhat.com/us-18/Thu-August-9/us-18-Dameff-Pestilential-Protocol-How-Unsecure-HL7-Messages-Threaten-Patient-Lives-wp.pdf
  • Jeremiah Grossman: https://www.jeremiahgrossman.com/
  • BitDiscovery: https://bitdiscovery.com/

One Cool Things:
  • Visual Impact Awareness Training Video: Camp, L. Jean. [Security Awareness Videos]. (2015, May 25). Toothbrushes & Passwords. Retrieved from https://www.youtube.com/watch?v=j7zcuDfqRrg&list=PLGVaKmEv-k0s3In0zllvPf9AZz4o-qUIW&index=2
  • SCBIO 2018 Annual Conference: https://www.scbio.org/cpages/annual-conf-2018

 HHS dissed for poor cybersecurity, Iowa Health Group 1.4M patient breach, and BCG gets satisfaction against hacktivist | File Type: audio/mpeg | Duration: 40:41

Brandon is back in the co-pilot’s chair as we talk about the recent GAO report that HHS is failing to protect PHI. We also share our intrigue surrounding the PHI breach at Iowa Health Group that was actually a Business Email Compromise attack. There’s also good news for Boston Children’s Hospital, as the hacktivist charged with disrupting their network in 2014 has been convicted.

Show Notes

Resources:
  • HHS puts PHI at risk: https://healthitsecurity.com/news/hhs-fails-to-fix-cybersecurity-vulnerabilities-putting-phi-at-risk
  • Iowa Health Group hit with 1.4M patient record breach: https://www.databreachtoday.com/iowa-health-group-data-breach-hits-14-million-patients-a-11264
  • Boston Children’s Hospital Hacktivist is convicted: https://www.bankinfosecurity.com/boston-childrens-hospital-ddos-attacker-convicted-a-11279

One Cool Things:
  • Malwarebytes Browser Extension: https://www.bleepingcomputer.com/news/security/malwarebytes-browser-extension-blocks-malware-scams-ads-and-trackers/
  • Sir Patrick Stewart ready to engage his Star Trek fans again: https://www.npr.org/2018/08/05/635809156/patrick-stewart-is-reprising-his-role-as-captain-picard-in-new-star-trek-series

 NIST Securing EHR on Mobile Devices, America’s Most Cyber Insecure Airports, and Blackhat Preview | File Type: audio/mpeg | Duration: 51:06

Gerry and Steve cover the recently released practical guidance from NIST on securely integrating mobile devices into clinical practices. They discuss, then poke holes in, a recent, widely distributed report on America’s most cyber insecure airports, and with Blackhat on the horizon they provide a preview of things to expect from the event and in the coming weeks. As always, they wrap up with one cool thing.

Show Notes

Resources:
  • NIST Securing Electronic Health Record on Mobile Devices: https://www.nccoe.nist.gov/sites/default/files/library/sp1800/hit-ehr-nist-sp1800-1.pdf
  • Most insecure Airports: https://www.cnbc.com/2018/07/17/these-are-the-10-airports-where-youre-most-likely-to-be-hacked.html
  • Blackhat: https://www.blackhat.com/us-18/

One Cool Things:
  • Magic Leap Coming Soon: https://techcrunch.com/2018/07/27/magic-leap-unveils-what-its-mixed-reality-operating-system-will-look-like/
  • Dune Remake: http://www.syfy.com/syfywire/dune-reboot-two-movies-two-years-denis-villeneuve

 Supply Chain Risks, Healthcare Sector Coordinating Council, and Emotet Threat Distribution | File Type: audio/mpeg | Duration: 41:14

Gerry and Steve discuss the challenge organizations face in securing their supply chain, citing a recent robotics company that lost IP from major car vendors. They provide an update on the Healthcare Sector Coordinating Council’s efforts to execute on the 2017 Healthcare Cybersecurity Taskforce report. They dive into Emotet malware and how it has evolved from a simple banking trojan in 2014 to a threat distribution platform. As always, they wrap up with one cool thing.

Show Notes

Resources:
  • Third Party Risk: https://www.upguard.com/breaches/short-circuit-how-a-robotics-vendor-exposed-confidential-data-for-major-manufacturing-companies
  • Healthcare Sector Coordinating Council Cybersecurity Working Group: https://nhisac.org/announcements/healthcare-sector-coordinating-councils-cybersecurity-working-group-moves-boost-membership/
  • Emotet: https://www.symantec.com/blogs/threat-intelligence/evolution-emotet-trojan-distributor

One Cool Things:
  • Alexa interprets sign language: https://www.theverge.com/2018/7/24/17606614/amazon-alexa-echo-mod-sign-language-gestures-ai
  • Flying Cars: https://www.digitaltrends.com/cars/opener-blackfly-flying-car/

 Russia Indictments, Insurers Exploitation of Medical Data, and Sextortion | File Type: audio/mpeg | Duration: 41:55

Gerry and Steve have read the indictment of Russian nationals APT28 aka “Fancy Bear” aka Unit 26165 released by the DOJ. The techniques and extent of the attacks are covered and discussed. They turn their attention to an NPR investigation into techniques health insurers are employing to determine policy premiums. Thirdly, they touch on a ‘hot’ criminal email campaign going on right now dubbed ‘sextortion’. As always, they close the show with one cool thing.

Show Notes

Resources:
  • DOJ Russia Indictment: https://www.justice.gov/opa/press-release/file/1035562/download
  • Health Insurers Are Vacuuming Up Details About You — And It Could Raise Your Rates: https://www.npr.org/sections/health-shots/2018/07/17/629441555/health-insurers-are-vacuuming-up-details-about-you-and-it-could-raise-your-rates
  • Sextortion: https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/

One Cool Things:
  • The Seedy Underbelly Stops for World Cup: https://www.scmagazine.com/cybercriminals-take-the-day-off-to-watch-the-world-cup/article/780398/
  • Scuba Jet Pack like Jonny Quest: https://www.digitaltrends.com/cool-tech/underwater-jetpack-project/

 Security Provider Being Sued for Effectiveness, California’s New “GDPR-esque” Law, and More Wearable Security Concerns | File Type: audio/mpeg | Duration: 54:20

Gerry and Brandon dig into a recent lawsuit in which a cyber insurance company is suing a security provider for gross negligence in protecting the insurer’s client systems, and what this may mean for the industry going forward. They investigate California’s new privacy law and how it relates to individuals and the healthcare industry. They finish up by discussing yet another wearable device security issue and its impact. As always, they close the show with one cool thing.

Show Notes

Resources:
  • Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach: https://www.bleepingcomputer.com/news/security/security-firm-sued-for-failing-to-detect-malware-that-caused-a-2009-breach/
  • Why California’s New Privacy Law Is a ‘Whole New Ballgame’: https://www.healthcareinfosecurity.com/interviews/californias-new-privacy-law-whole-new-ballgame-i-4036
  • More wearable security concerns: https://www.av-test.org/en/news/fitness-trackers-13-wearables-in-a-security-test/ and https://www.csoonline.com/article/3287646/security/polar-fitness-app-exposed-personal-information-of-soldiers-and-spies.html#tk.twt_cso

One Cool Things:
  • Skimmer Scanner: https://play.google.com/store/apps/details?id=skimmerscammer.skimmerscammer&hl=en_US
  • 1962 “OG” Comms Satellite Launch

 Magic Unicorns, Exactis Data Breach, and an Interview with Phishing Expert Elizabeth Snead | File Type: audio/mpeg | Duration: 46:42

Gerry’s on holiday and Security Architect Matt Jones joins the podcast to discuss the recent Magic Unicorn revelation that has forensics experts in a tizzy. We also dive into an interview with Elizabeth Snead, an expert on phishing campaigns, as she gives us insight into interesting types of phishes and what you can do to defend yourself. And since we’re talking about phishing, Matt and Steve discuss the recent Exactis breach and what that could mean for advancing spear-phishing campaigns. Finally, we wrap up with some One Cool Thing magic.

Show Notes

Resources:
  • Magic Unicorn: https://lmgsecurity.com/exposing-the-secret-office-365-forensics-tool/
  • Exactis discloses 340M user profile records: https://www.wired.com/story/exactis-database-leak-340-million-records/

One Cool Things:
  • SpaceX delivers Death Wish Coffee: https://www.cnet.com/news/spacex-dragon-delivers-death-wish-coffee-to-iss-astronauts/
  • Active Damping Phone Case: https://techcrunch.com/2018/06/27/this-clever-case-pops-open-to-protect-your-phone-when-you-drop-it/

 HIPAA Breaches, Fines, and Legislation | File Type: audio/mpeg | Duration: 40:33

It’s all HIPAA this week, and you’d be surprised at the meat on this bone! Steve and Gerry discuss the recent massive OCR fine to a Texas healthcare provider and how poor understanding of HIPAA requirements and policies is leading individuals to violate HIPAA with the best of intentions. Finally, the guys cover the challenges individuals face when attempting to bring HIPAA infractions to justice as citizens.

Show Notes

Resources:
  • University of Texas MD Anderson Cancer Center ordered to pay $4.3M for 3 breaches involving 2 USB drives and a laptop: https://medcitynews.com/2018/06/md-anderson-4-3m-hipaa/
  • State of NY suspends nurse for unauthorized removal of PHI: https://healthitsecurity.com/news/new-york-suspends-nurse-for-hipaa-violation-affecting-3k-patients
  • Poor understanding of HIPAA requirements and policies can lead healthcare workers to deny or delay access to PHI: https://jamanetwork.com/journals/jama/fullarticle/2686002
  • Judge Dismisses Lawsuit Charging LabCorp with HIPAA Violation: https://healthitsecurity.com/news/amp/judge-dismisses-lawsuit-charging-labcorp-with-hipaa-violation

One Cool Things:
  • Recon-NG: https://bitbucket.org/LaNMaSteR53/recon-ng
  • Pi-Hole: https://pi-hole.net/

 Google Location Data Leaks, Defense-in-Depth on the Homefront, and Practicality in a Security Program | File Type: audio/mpeg | Duration: 51:07

Gerry and Steve discuss recently released security research showing geo-location data leakage from unexpected sources. They provide a list of tried and true defense-in-depth techniques for non-corporate networks. They wrap up with a discussion on the practical application of security in corporate settings to get end-user buy-in.

Show Notes

Resources:
  • Location data leak on Google Digital Assistants and Media Player: https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/
  • Practicality in a security program: https://www.darkreading.com/vulnerabilities---threats/3-tips-for-driving-user-buy-in-to-security-policies/a/d-id/1332053

One Cool Things:
  • Google AI: https://www.bloomberg.com/news/articles/2018-06-18/google-is-training-machines-to-predict-when-a-patient-will-die
  • Universal Translator: https://itunes.apple.com/us/app/speak-translate-translator/id804641004

 Microsoft Red Team, 7 Properties of Highly Secure Devices, and Azure Sphere | File Type: audio/mpeg | Duration: 49:15

Gerry and Steve discuss Microsoft’s Red Team and its mission to beat the bad guys to finding vulnerabilities in Windows OS. They give their thoughts on a recently released research paper on the seven properties of highly secure devices and what the impact for IoT devices in general could be. They wrap up by discussing Azure Sphere, Microsoft’s approach to end-to-end IoT security.

Show Notes

Resources:
  • Microsoft Red Team: https://www.wired.com/story/microsoft-windows-red-team/
  • 7 Properties of Highly Secure Devices: https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf
  • Azure Sphere: https://azure.microsoft.com/en-us/blog/introducing-microsoft-azure-sphere-secure-and-power-the-intelligent-edge/

One Cool Things:
  • Blackhat Arsenal: https://www.blackhat.com/us-18/arsenal/schedule/index.html
  • Flush: https://itunes.apple.com/us/app/flush-toilet-finder-map/id955254528?mt=8

 Tool Time! NSM, SysMon and Malware Analysis Tools | File Type: audio/mpeg | Duration: 1:03:58

In a special edition of InfoSecICU, it’s tool time! Brandon and Gerry discuss their experiences and lessons learned with a bevy of security-related software tools that you may utilize in your organization. NSM as a philosophy is covered, followed by SysMon. The guys round out the episode by discussing approaches to, and the appropriateness of, malware analysis tool sets.

Show Notes

Resources:
  • Network Security Monitoring (NSM): http://nsmwiki.org/Main_Page
  • SecurityOnion: https://securityonion.net/
  • RockNSM: http://rocknsm.io/
  • SysMon: https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
  • PEStudio: https://www.winitor.com/
  • ApateDNS: https://www.fireeye.com/services/freeware/apatedns.html
  • IDA Pro: https://www.hex-rays.com/products/ida/
  • WinDbg: https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools
  • VirusTotal: https://www.virustotal.com/
  • Joe Sandbox: https://www.joesecurity.org/
  • Strings: https://en.wikipedia.org/wiki/Strings_(Unix)
  • Wireshark: https://www.wireshark.org/

One Cool Things:
  • Gerry: 80’s Retro Synthwave Collection
      • The Midnight: https://youtu.be/_pUL7u-mYqA
      • FM-84: https://youtu.be/rSGnNMnvM6M
      • Timecop1983: https://youtu.be/egAB2qtVWFQ
  • Brandon: Caffe Shakerato: http://saltandwind.com/recipes/102-caffe-shakerato-recipe

 Cyberwar Collateral Damage, VPNFilter, and Digital Assistant Concerns | File Type: audio/mpeg | Duration: 39:45

Brandon and Gerry discuss the recent NH-ISAC Summit in Sawgrass and a keynote talk regarding cyberwar and civilian collateral damages. They discuss the technical details of the recently published research on VPNFilter and finish by discussing some additional Amazon Alexa mishaps.

Show Notes

Resources:
  • NH-ISAC Summit: https://nhisac.org/summits/2018-spring-summit/
  • VPNFilter: https://blog.talosintelligence.com/2018/05/VPNFilter.html and https://www.zdnet.com/article/fbi-to-all-router-users-reboot-now-to-neuter-russias-vpnfilter-malware/
  • Amazon Alexa Records Conversation and Messages It: https://www.techspot.com/news/74820-amazon-explains-how-alexa-secretly-recorded-couple-conversation.html, https://www.elitedaily.com/p/why-is-my-amazon-alexa-laughing-at-me-the-creepy-glitch-is-being-fixed-8441976 and https://www.techspot.com/news/74128-amazon-patent-could-alexa-listen-conversations-discover-more.html

One Cool Things:
  • Privacy.Com
  • Jupiter’s planet Europa: https://www.space.com/40575-jupiter-moon-europa-plume-galileo-spacecraft.html
