top of page

Michael Aguilar (v3ga) - Principle Consultant - Secureworks Adversary Group

A Backdoor Into My Heart: Connected Medical Device Security in the 21st Century

Bio:


Michael Aguilar (v3ga) is a Principle Consultant for Secureworks Adversary Group. He runs Adversary Simulation operations, Physical Security and Network/Web based assessments. When not doing computer things, he (I) read a lot and like to run to de-stress.


Abstract:


We are at an advanced age in technology. In every facet, AI seems prevalent, leading many to assume that cybersecurity practices are as advanced as the newest technologies they see daily. With recent FDA updates to Cybersecurity, it is now "expected" that no security "vulnerabilities" exist in these devices before they are sold. Artifacts presented for FDA 510-k submissions include results from Penetration Tests and Adversary Simulations, but are the results any good? Do they address modern flaws in the Operating System or Technology Stack?


This talk will be a deep dive into the world of connected medical devices, the flaws experienced, my methodology and some walkthroughs of several CVE's I have located during device testing at Defcon's Biohacking Village device lab, some interesting war stories. I will also cover unreleased flaws in various medical devices without naming and shaming.

Michael Aguilar (v3ga) - Principle Consultant - Secureworks Adversary Group
bottom of page