Healthcare Software Exploit: CVE-2023-43208

preview_player
Показать описание

Free Cybersecurity Education and Ethical Hacking with John Hammond
🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
  1. John Hammond
  2. cybersecurity for beginners
  3. cybersecurity
  4. hacking
  5. ethical hacking
  6. dark web
Рекомендации по теме
Healthcare Software Exploit: 0:25:14

Healthcare Software Exploit: CVE-2023-43208

CVE-2023-43208 - Mirth 0:03:19

CVE-2023-43208 - Mirth Connect Remote Code Execution

RCE in Nextgen 0:00:57

RCE in Nextgen Mirth Connect PoC

Комментарии
Автор

lol - when you showed the deny list, I thought was a easy capture the flag game - 😊 not a live medical platform

asksearchknock
Автор

Awesome! First time seeing zero-day in action. Thankyou John!

_secret-star
Автор

Thanks John, your timing is impeccable. I was just reading about the hospital hacks and was wondering how it was happening. This is great to see the whole process of what it is, how its attackable and how to defend against the threat. Been in IT for awhile and hoping to transfer to cyber. Is there a role that doesn't both sides like you demo here in the video thrse days?

angelsepulveda
Автор

I love this channel. Their simple methods of teaching are amazing.

All_u_need_channel
Автор

I’m a integration engineer for a hospital…. thank god we don’t use Mirth.
But overall, hospital systems are super tight in network security. Ain’t no way anyone is breaking into our application servers. We get tested constantly for social attacks, plus our systems are all local/self-hosted anyways. Our security guards are all pretty paranoid scary looking dudes

ByDesignation
Автор

I love your videos man, but wow the popping on your condenser mic rips through my speakers!

OneOfThePetes
Автор

Great practical: both building the novel intrusion side and the detection rule authoring side.

xCheddarBbx
Автор

The stages involved in resolving issues related to CVE-2023-43208 include:

1. Discovery: The vulnerability is discovered, in this case, arising from an incomplete patch for CVE-2023-37679.
2. Reporting: The vulnerability is reported by IHTeam.
3. Patching: A patch for the vulnerability is developed and released, as seen in Mirth Connect version 4.4.0.
4. Investigation: The patch is analyzed to understand the impact and scope of the vulnerability.
5. Mitigation: Organizations utilizing affected software versions are advised to update to Mirth Connect version 4.4.1 to mitigate the risks associated with CVE-2023-43208.

奧夫恰連科維塔利
Автор

Awesome content as usual John. Keep doing what you do. You’re the man!

outcast
Автор

What a fantastic video John. Keep up the good work!

unibrowser
Автор

I am working as a medical biller and I have used that software before

lance_c
Автор

They way you type with your middle finger is wild, John.

Jordan-hzwr
Автор

Yes amazing channel. Its just Inspire me.

mahamusmanmahamusman
Автор

a good learning experience for me. Thank you John!

GDLVL
Автор

Excellent Video John, thanks for sharing

calvinstar
Автор

This is loose in the wild. I've got several letters saying my stuff was compromised.

Nobodyday
Автор

Seems like the License Key is only if you want to install extensions via that Mirth Connect program, weird

slybandit
Автор

Hey John, If I want to find this vulnerable code in ghidra, what file should I target? There are so many complications

SomeOne-mmwr
Автор

Excellent, Please do more of such exploit demos.

punithraj
Автор

Is it just me or does this guy sound like Seth Rogan?

jamesatwell