lol - when you showed the deny list, I thought was a easy capture the flag game - 😊 not a live medical platform

Awesome! First time seeing zero-day in action. Thankyou John!

Great practical: both building the novel intrusion side and the detection rule authoring side.

I’m a integration engineer for a hospital…. thank god we don’t use Mirth. But overall, hospital systems are super tight in network security. Ain’t no way anyone is breaking into our application servers. We get tested constantly for social attacks, plus our systems are all local/self-hosted anyways. Our security guards are all pretty paranoid scary looking dudes

Thanks John, your timing is impeccable. I was just reading about the hospital hacks and was wondering how it was happening. This is great to see the whole process of what it is, how its attackable and how to defend against the threat. Been in IT for awhile and hoping to transfer to cyber. Is there a role that doesn't both sides like you demo here in the video thrse days?

Awesome content as usual John. Keep doing what you do. You’re the man!

I love this channel. Their simple methods of teaching are amazing.

a good learning experience for me. Thank you John!

Love seeing the defensive side.

The stages involved in resolving issues related to CVE-2023-43208 include: 1. Discovery: The vulnerability is discovered, in this case, arising from an incomplete patch for CVE-2023-37679. 2. Reporting: The vulnerability is reported by IHTeam. 3. Patching: A patch for the vulnerability is developed and released, as seen in Mirth Connect version 4.4.0. 4. Investigation: The patch is analyzed to understand the impact and scope of the vulnerability. 5. Mitigation: Organizations utilizing affected software versions are advised to update to Mirth Connect version 4.4.1 to mitigate the risks associated with CVE-2023-43208.

What a fantastic video John. Keep up the good work!

Excellent Video John, thanks for sharing

They way you type with your middle finger is wild, John.

This is loose in the wild. I've got several letters saying my stuff was compromised.

Excellent, Please do more of such exploit demos.

I love your videos man, but wow the popping on your condenser mic rips through my speakers!

Another awesome video from John 🎉

i saw this... Good explanation!

Welp, time to go remediate

I am working as a medical biller and I have used that software before

Great video , thank you

great video, loved it

Ah gotta love XML rest apis

Yes amazing channel. Its just Inspire me.

Awesome! Thank you John for the insight!

Nice john 👌❤️😉

next malware analysis

Seems like the License Key is only if you want to install extensions via that Mirth Connect program, weird

Careful john, dont hand over those knives to script kitties….

So, you have an API. Which is publicly available, not just to your frontend. With user objects exposed. How does this not throw up enough red flag as it is, did it have to have an XML demarshalling vulnerability as well? And, their position on the log4j issue was also... a bit iffy, to say the least. "We use log4j v1.2.x, the vulnerability came first in v2.x" - eh.... well, I bet that version of log4j has even more exploit potential being so old (1.2.17, which was the last version of 1.x, was discontinued in 2015). Ok, they upgraded to a newer, non-vulnerable (at least for the JNDI-exploit) version now, but who says we'll not end up there with other third-part libraries or even log4j again?

Hey John, If I want to find this vulnerable code in ghidra, what file should I target? There are so many complications

This reminds me of Hacknet.

Going to see an insane amount of hacks this year. It's to scare you into CBDC and close the trap. Resist at all costs!

👏👏👏

Is it just me or does this guy sound like Seth Rogan?

Ah ya goda patch it!

Let’s fucking go!

"a standalone Python script" Python's requests library isn't installed by default.

Man. I used to managed these interfaces. HL7 is kind of a shit show and the interface engines are really in need of some love.

Hello John can you make a video on how to create custom cve detectors like how pentest tools works or share a good reference to am trying to make mine thanks

Aint no way a python script written by chatgpt worked without issue in runtime or with the exploit itself

5:37 what song is this?

As a technician in the medical field for over 20 yrs, I have ZERO tolerance with MDs. More worried about having their license pulled than anything. Already changing doctors for my MOM because one was PUSHING for a new med on TV. Take note doctors, license or not, we are not FOOLED!

1:25 Give me a break with the AI. Any IT thing is only as good as the humans who set it up, program it, and run it.

is there a way to find PoC's of some latest exploits? anyone who know just comment down some suggestions

Aku tidak bisa bahasa engles pa engga ngerti artinya pa

Love from india

What's so special about arch linux?