X41 Teams up With Medical Tribune to Check the Security of Medical Practices in Germany

X41 has teamed up with the Medical Tribune to have a look at the IT-security of an average medical doctor's office. The initial results after two hours were as expected:

  • The obvious Post-IT on the screen with a password
  • Mails being read with Administrator privileges
  • Default passwords on network equipment
  • Cleartext passwords in files on the network drive
  • E-Mails being received without TLS
  • Free access to USB ports

We also analyzed some of the specialized medical software tools used in these environments, results will be published soon.

About X41 D-Sec GmbH

X41 D-Sec GmbH is an expert provider of application security services. Having extensive industry experience and expertise in information security enables X41’s strong core team of world-class experts to perform premium security services.

Fields of expertise in application security are security-centered code reviews, binary reverse engineering, and vulnerability discovery. Custom research and IT-security consulting and support services are core competencies of X41.

Author: Markus Vervier
Date: October 02, 2019