Burp Suite Professional to XML: BURP2XML
Burp Suite Professional's session file is not in a useful format to extract data from. This post introduces a python script that converts this session file to a XML document.
HIE’s – Now That the Funding is Complete, What Will the Operational Environment Look Like?
Last week the Department of Health and Human Services (HHS) announced an additional round of $162M in funding for Healthcare Information Exchanges. Combined with the state grants announced in February, this brings total funding to $547M. This means that all…
Skipfish, Google Enters the Web Scanner Fray
This morning the office was buzzing with Google hysteria. Google, releasing great security tools like RATproxy, has released a web application scanner similar to Nikto (and to a lesser extent Nessus web Checks) called Skipfish. Now, we understand that not…
Installing Google Skipfish on Ubuntu/Debian
Check out jason's post for an in-depth review. http://bit.ly/9LAnbt Here's the simple commands necessary to get hacking with Google's new web application scanner Skipfish: wget http://skipfish.googlecode.com/files/skipfish-1.01b.tgz tar zxvf skipfish-1.01b.tgz sudo apt-get install libidn11-dev cd skipfish make cp dictionaries/default.wl skipfish.wl ./skipfish…
Healthcare IT Security Developments
Earlier this week the Office of the National Coordinator for Health Information Technology (ONC) released an initial draft of its healthcare IT framework and strategic plan. This is a high level outline of the themes, principles, strategies and objectives that…
Threats, Lies and Videotape – a Few Days at the RSA Conference
I spent the last few days at the RSA conference in San Francisco. I’ve been attending for many years now and there seems to be a growing discontinuity between what’s being presented in the sessions (and the discussions following) and…
FTC slams ControlScan
I wrote about this a while back, but it seems like others are taking note: "The U.S. Federal Trade Commission (FTC) on Thursday (Feb. 25) screamed “the Emperor has no clothes” by reporting to consumers that one of the largest…
Identity Theft Check Up: Electronic Medical Records are the New Credit Cards
As credit card fraud prevention measures have made it tougher on identity thieves, identity thieves have found a new target, healthcare identities. And healthcare information systems are nowhere near ready to withstand the onslaught. A recent survey by Chicago-based HIMSS…