Securing COVID Vaccination Sites
Coffee with CISOs Episode 10
Our guest for this episode is Dylan Foos, a Senior Security Analyst at Accenture. Dylan and the rThreat team discuss what discoveries he has made regarding these attacks, who’s behind them, and steps being taken to secure these sites to protect the public.
Bring your favorite drink (doesn’t have to be coffee) and take a quick break to learn more about:
● Findings and observations made during web attacks
● The importance of input validation
● How to safeguard vaccination records
When we were registering for a vaccination shot, there was no input validation in the text fields so we were able to send a phish email through that vaccination [portal].
About the Webinar
With the recent global pandemic and the introduction of COVID-19 vaccination sign-up sites, most citizens have their Personal Health Information(PHI) on the web. It is more important than ever that we safeguard this medical information. In this webinar, we break down the recent efforts in monitoring, threat hunting, and penetration testing to further this. Input validation is one of the main focuses of cybersecurity teams dedicated to safeguarding medical information to prevent injections and denial of service attacks. Other vulnerabilities included the editing or cancellation of appointments and accessing private information due to the lack of security.
MEET THE SPEAKERS
Dylan Foos is a Senior Security Analyst at Accenture. He is an ethical hacker specializing in penetration testing and red team engagements. Dylan is extremely passionate about anything related to security, physical security, social engineering, and most importantly Web Apps. He is currently working on penetration testing for state-run COVID-19 tracing and vaccination sites.
Want to see rThreat in action?
See how the next generation of breach and attack emulation can help protect your company from cyber threats.