Gleg is a cyber-arms-dealer based in Moscow, selling zero-day vulnerabilities it has uncovered in widely used systems to companies that want to weaponize them.
For $4,000/year, Gleg will sell you a subscription to its "MedPack" service, which comes with 25 exploits aimed at hospital equipment every year.
In one video uploaded to Vimeo, Gleg shows an exploit being used against a hospital health information management system (HHIMS). A list of MedPack updates includes a zero-day to replace files in a piece of software from a company called MediTEX. MediTEX makes scheduling software as well as a platform for documenting therapy and quality assurance for reproductive medicine, according to the company’s website.
“We use some products of them in the hospitals too,” Jelena Milosevic, a pediatrician and intensive care unit (ICU) nurse, who has also crossed over into information security, told Motherboard in an email.
Gleg’s MedPack exploits are designed to be used with Canvas, a penetration testing tool made by cybersecurity firm Immunity Inc. With this, someone paid to legally scope out how secure a medical centre or hospital is may be able to get a foothold in a target organization. But while those vulnerabilities remain as zero-days, with their details unknown to the vendor, they are still open for others to potentially exploit—something which may concern those in and around the medical industry.
This Russian Company Sells Zero-Day Exploits for Hospital Software [Joseph Cox/Motherboard]
Automated phone spam is a growing plague for anyone with a telephone, landline or cell. The U.S. Department of Justice today announced that they’re trying to get court approval to take enforcement action against various telecommunications companies for their alleged role in facilitating robocalls.
“If there are no consequences for the [UN] agencies for failures like these … there will be more breaches.”
Order says data collected ‘could be valuable to foreign entities’ The United States Interior Department today introduced a no-fly rule that covers pretty much all Chinese drones, and all unmanned aerial vehicles (UAVs) made with Chinese parts, with some narrow exceptions. The big fear is espionage.
The dreaded tax season is nearly upon us, and that means it’s time to start the process of gathering all of the expenses that will give you the largest deduction possible. The Quickbooks Pro Desktop Certification Bonus Bundle will help take the headaches out of this miserable processes by teaching you how to use one […]
You don’t need to be a climate scientist in order to know that the Earth is in serious trouble, but the good news is that you also don’t need to necessarily make any drastic changes to your lifestyle in order to do your part to help. This nOcean Wearable Reusable Silicone Straw will help you […]
When it comes to conquering that resolution list and hitting all of your goals in 2020, nothing is more important than getting a great night’s sleep every night so you can wake up feeling refreshed and extra productive. The CarbonIce: 7-in-1 Bacteria Protection & Cooling Pillow will help you do just that, and right now […]