Zachary Minneker (seiranib) is a security researcher and senior security engineer at Security Innovation, where he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical record systems. He has deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, macOS sandbox security, and EMRs and healthcare software. He has presented at conferences such as DEF CON.

I'm Not A Doctor, I Just Play One On HTTP: Vulnerabilities in HL7 FHIR

In a modern hospital, protocols are required to allow different departments to communicate with each other. HL7's FHIR is the next generation of the most widely used of these protocols. This talk covers the form of the protocol; vulnerabilities and CVEs discovered during research into the protocol, which could lead to everything from account compromise to completely disabling a hospital's electronic medical record (EMR) system; and design flaws that may lead to significant misconfigurations in deployments.