|
Average Individuals
|
Breaches |
10 |
|
|
Prove It
|
Awareness Center : SBOM |
5 |
|
|
SBOM Healthcare PoC
|
Awareness Center : SBOM |
3 |
|
|
I'll have a dozen microchip BLE vulnerabilities, please
|
Awareness Center : SBOM |
3 |
|
|
Behind the Bars!
|
Awareness Center: Malicious PPE Insider |
10 |
|
|
Wait, How?
|
Awareness Center: Malicious PPE Insider |
10 |
|
|
You are Fired!
|
Awareness Center: Malicious PPE Insider |
10 |
|
|
10x1337
|
Breaches |
10 |
|
|
What's Breached in Nevada Stays in... oh no
|
Breaches |
5 |
|
|
Millions and Millions
|
Breaches |
5 |
|
|
Global Dates
|
Breaches |
5 |
|
|
Breach Count
|
Breaches |
5 |
|
|
Shame! Shame! Shame!
|
Breaches |
5 |
|
|
We're All Individuals!
|
Breaches |
5 |
|
|
Let's Play a Game
|
Awareness Center: Fake News |
5 |
|
|
Ultrasound Authentication Bypass Vulnerability
|
Awareness Center : Vulnerability Management |
5 |
|
|
South of the Border
|
Awareness Center : Vulnerability Management |
5 |
|
|
ICS-CERT Advisory IDs
|
Awareness Center : Vulnerability Management |
5 |
|
|
Old Bugs Never Die
|
Awareness Center : SBOM |
10 |
|
|
Who Came Together To Harmonize via Audit?
|
Awareness Center : Intranet |
10 |
|
|
Who Came Together To Harmonize?
|
Awareness Center : Intranet |
10 |
|
|
Fundamental Rights!
|
What applies? |
10 |
|
|
Who-Is in the Crematorium?
|
Crematorium: Watch your BACnet |
50 |
|
|
Oui Oui!
|
What applies? |
10 |
|
|
Happy Birthday!
|
What applies? |
5 |
|
|
Lights in ICU
|
Hospital Building Automation System: BACNet |
100 |
|
|
A Long Way from Home
|
What applies? |
10 |
|
|
St. Elvis and St. Elvis Digital Twin Out of the Woods
|
St. Elvis Digital Twin |
200 |
|
|
Who Fights in our Corner?
|
Privacy Center: Hello Halo, Apple Watch and Fitbit! |
10 |
|
|
Are our PGHD protected?
|
Privacy Center: Hello Halo, Apple Watch and Fitbit! |
10 |
|
|
Send our Health Data Out!
|
Privacy Center: Hello Halo, Apple Watch and Fitbit! |
10 |
|
|
PE Header Size
|
Radiology: Polyglot PE / DICOM Files |
3 |
|
|
Scary Screenshot
|
Awareness Center: Healthcare Orgs are not Immune |
5 |
|
|
DICOM Prefix
|
Radiology: Polyglot PE / DICOM Files |
21 |
|
|
CVE
|
Awareness Center : Vulnerability Management |
5 |
|
|
11 0-Days
|
Awareness Center : Vulnerability Management |
5 |
|
|
FDA Safety Communication
|
Awareness Center : Vulnerability Management |
20 |
|
|
Vaccines for sale
|
Dark(net) Times |
30 |
|
|
The physician's office
|
Certification Center: HCISPP Day2 |
12 |
|
|
NIST guidance
|
Certification Center: HCISPP Day2 |
12 |
|
|
Medical Record numbers
|
Certification Center: HCISPP Day2 |
12 |
|
|
Safe Harbor and HIPAA
|
Certification Center: HCISPP Day2 |
11 |
|
|
Medical devices integration
|
Certification Center: HCISPP Day2 |
11 |
|
|
Internal threat
|
Certification Center: HCISPP Day2 |
11 |
|
|
Intended purposes
|
Certification Center: HCISPP Day2 |
11 |
|
|
Pulse Ox RE Challenge 1
|
TeleCare Division : Pulse Oximeter |
20 |
|
|
Information policy
|
Certification Center: HCISPP Day2 |
11 |
|
|
Healthcare dataset
|
Certification Center: HCISPP Day2 |
11 |
|
|
GAPP
|
Certification Center: HCISPP Day2 |
11 |
|
|
Framing
|
Certification Center: HCISPP Day2 |
11 |
|
|
DSP toolkit
|
Certification Center: HCISPP Day2 |
11 |
|
|
Disaster recovery
|
Certification Center: HCISPP Day2 |
11 |
|
|
Data breach notification
|
Certification Center: HCISPP Day2 |
11 |
|
|
US agency
|
Certification Center: HCISPP Day2 |
10 |
|
|
Third-party agency
|
Certification Center: HCISPP Day2 |
10 |
|
|
Improvement in Key Areas, Like Supply Chain
|
Awareness Center : It Is an Order, Executive One! |
15 |
|
|
SBOM Mr. President!
|
Awareness Center : It Is an Order, Executive One! |
15 |
|
|
Traffic At The Hospital: Pt. 3
|
Technical Training Center: T-ATP |
25 |
|
|
See in 3D
|
Awareness Center : Intranet |
10 |
|
|
Let's Share Some Keys
|
Technical Training Center: T-ATP |
30 |
|
|
Jane Doe's CPAP Machine Serial Number
|
Emergency Room : CPAP Machine Forensics |
50 |
|
|
Where is the smoke coming from?
|
ICS Center: Hospital Smoke Signals |
10 |
|
|
Data and Statistics
|
Awareness Center : Intranet |
10 |
|
|
Bring them to their knees...
|
Awareness Center : Healthcare Orgs are not Immune |
5 |
|
|
Am I in the flood zone?
|
Awareness Center : Healthcare Orgs are not Immune |
10 |
|
|
A Preventable Tragedy
|
Awareness Center : Healthcare Orgs are not Immune |
10 |
|
|
Don't use the shredder just yet...
|
Awareness Center : Healthcare Orgs are not Immune |
10 |
|
|
Are French Fries The European Chips?
|
Awareness Center : Chips, French Fries or Other? |
10 |
|
|
American Fries or Chinese Chips?
|
Awareness Center : Chips, French Fries or Other? |
10 |
|
|
The Semiconductor Kind of Chips
|
Awareness Center : Chips, French Fries or Other? |
10 |
|
|
French Fries
|
Awareness Center : Chips, French Fries or Other? |
10 |
|
|
HSM
|
Certification Center: HCISPP Day2 |
10 |
|
|
First healthcare regulation
|
Certification Center: HCISPP Day2 |
10 |
|
|
Cyberattack
|
Certification Center: HCISPP Day2 |
10 |
|
|
Confidentiality
|
Certification Center: HCISPP Day2 |
10 |
|
|
Third-party risk assessment
|
Certification Center: HCISPP Day2 |
9 |
|
|
Security controls
|
Certification Center: HCISPP Day2 |
9 |
|
|
Common-access card
|
Certification Center: HCISPP Day2 |
9 |
|
|
Executive Order
|
Awareness Center: It Is an Order, Executive One! |
5 |
|
|
What Brand Was It?
|
COVID-19 Test Lab |
15 |
|
|
Single-sign-on authentication
|
Certification Center: HCISPP Day2 |
9 |
|
|
Digital Twin is Back Up and Running Again!
|
St. Elvis Digital Twin |
200 |
|
|
Part 2 - United States Patent Office - 01/12/2009 - Network Address
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
Compromised PACS / DICOM Server - Question 6
|
DICOM |
45 |
|
|
Part 2 - United States Patent Office - 01/12/2009 - Printer
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
Part 2 - United States Patent Office - 01/12/2009 - SID
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
Compromised PACS / DICOM Server - Question 5
|
Radiology: DICOM |
40 |
|
|
Electronic health
|
Certification Center: HCISPP Day1 |
13 |
|
|
Security and privacy
|
Certification Center: HCISPP Day1 |
12 |
|
|
Compromised PACS / DICOM Server - Question 4
|
Radiology: DICOM |
30 |
|
|
Compromised PACS / DICOM Server - Question 3
|
Radiology: DICOM |
30 |
|
|
Vulnerability scan
|
Certification Center: HCISPP Day1 |
11 |
|
|
NIST
|
Certification Center: HCISPP Day1 |
11 |
|
|
Chief Privacy Officer
|
Certification Center: HCISPP Day1 |
11 |
|
|
Level of security
|
Certification Center: HCISPP Day1 |
10 |
|
|
External auditors
|
Certification Center: HCISPP Day1 |
10 |
|
|
Database
|
Certification Center: HCISPP Day1 |
10 |
|
|
Coding system
|
Certification Center: HCISPP Day1 |
10 |
|
|
BYOD
|
Certification Center: HCISPP Day1 |
10 |
|
|
Purging data
|
Certification Center: HCISPP Day1 |
9 |
|
|
ISAC
|
Certification Center: HCISPP Day1 |
9 |
|
|
EHR
|
Certification Center: HCISPP Day1 |
9 |
|
|
Data breach investigation
|
Certification Center: HCISPP Day1 |
9 |
|
|
Authority role
|
Certification Center: HCISPP Day1 |
9 |
|
|
Compromised PACS / DICOM Server - Question 2
|
Radiology: DICOM |
20 |
|
|
Risk assessment
|
Certification Center: HCISPP Day1 |
8 |
|
|
Protection
|
Certification Center: HCISPP Day1 |
8 |
|
|
Compromised PACS / DICOM Server - Question 1
|
Radiology: DICOM |
30 |
|
|
Management council
|
Certification Center: HCISPP Day1 |
8 |
|
|
Chain of trust
|
Certification Center: HCISPP Day1 |
8 |
|
|
Access and correction
|
Certification Center: HCISPP Day1 |
8 |
|
|
Medical record
|
Certification Center: HCISPP Day1 |
7 |
|
|
Part 2 - United States Patent Office - 01/12/2009
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
Unsafe Items
|
Training Center: T-ATP |
15 |
|
|
FMEA
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
FHIR
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
DiME
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
DICOM
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
HIMSS
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
MDS2
|
Awareness Center: Healthcare! Acronyms! |
5 |
|
|
IMDRF
|
Awareness Center : Healthcare! Acronyms! |
5 |
|
|
EHR
|
Awareness Center : Healthcare! Acronyms! |
5 |
|
|
HDO
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
HL7
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
HIPAA
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
Part 1 - United States Patent Office - 16/11/2009 - Command Prompt
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
Stage 2
|
Ransomware |
50 |
|
|
STRIDE
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
PHI
|
Awareness Center : Healthcare! Acronyms! |
5 |
|
|
INCLUDES NO DIRT
|
Awareness Center: Healthcare! Acronyms! |
6 |
|
|
What is WHO?
|
Awareness Center : Healthcare! Acronyms! |
5 |
|
|
Part 1 - United States Patent Office - 16/11/2009
|
Patent Office: Incident Response, Memory Forensics, Network Forensics |
100 |
|
|
RSS-MD Difference
|
Awareness Center: Risk "Management" |
5 |
|
|
RSS-MD 2-Factor
|
Awareness Center: Risk "Management" |
5 |
|
|
SBOM
|
Awareness Center: Cyber! Acronyms! |
3 |
|
|
Object Diving
|
Technical Training Center: T-ATP |
100 |
|
|
Medical Overflow
|
Technical Training Center: T-ATP |
100 |
|
|
Format String Symphony
|
Technical Training Center: T-ATP |
100 |
|
|
A Whole Lotta Strings
|
Technical Training Center: T-ATP |
50 |
|
|
Metadata Everywhere!
|
Technical Training Center: T-ATP |
30 |
|
|
Traffic At The Hospital: Pt. 2
|
Technical Training Center: T-ATP |
25 |
|
|
Traffic At The Hospital: Pt. 1
|
Technical Training Center: T-ATP |
25 |
|
|
Blank Space
|
Technical Training Center: T-ATP |
20 |
|
|
Tampered Data
|
Technical Training Center: T-ATP |
10 |
|
|
All The Jars
|
Technical Training Center: T-ATP |
10 |
|
|
CGM
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
CDRH
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
PACS
|
Awareness Center: Healthcare! Acronyms! |
3 |
|
|
MDM
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
Ciphers Galore
|
Technical Training Center: T-ATP |
20 |
|
|
Privacy situation
|
Certification Center: HCISPP Day1 |
6 |
|
|
Stage 1
|
Ransomware |
30 |
|
|
SicGRL
|
Awareness Center: Cyber! Acronyms! |
3 |
|
|
RSS-MD
|
Awareness Center: Cyber! Acronyms! |
3 |
|
|
GDPR
|
Awareness Center: Cyber! Acronyms! |
3 |
|
|
CVSS
|
Awareness Center: Cyber! Acronyms! |
3 |
|
|
BSIMM
|
Awareness Center : Acronyms! Acronyms! Acronyms! |
5 |
|
|
NFC
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
JSP
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
ISO/IEC
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
ICS-CERT
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
H-ISAC
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
BLE
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
Power Trace Side Channel Attack
|
Embedded Device |
200 |
|
|
Indicator of compromise
|
Ransomware |
20 |
|
|
Tracing the malicious actor
|
Ransomware |
30 |
|
|
Target on your back
|
Ransomware |
20 |
|
|
Ransom note part II
|
Ransomware |
20 |
|
|
Which agreement?
|
Certification Center: HCISPP Day1 |
10 |
|
|
FDA
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
HHS
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
Ransom note
|
Ransomware |
15 |
|
|
Shady Place
|
Awareness Center : Security 101 |
5 |
|
|
Email Deception
|
Awareness Center : Security 101 |
5 |
|
|
DFIR
|
Awareness Center : Security 101 |
5 |
|
|
AAMI
|
Awareness Center: Acronyms! Acronyms! Acronyms! |
3 |
|
|
The future is here!
|
St. Elvis Digital Twin |
200 |
|
|
Primanoculation
|
Host Access |
40 |
|
|
WireGuard Filetype
|
Host Access |
10 |
|
|
WireGuard Endpoint
|
Host Access |
10 |
|
|
Verify me
|
Orientation |
5 |
|
|
Discord Communications
|
Orientation |
20 |
|
|
Simple Service Access - port 80
|
Orientation |
20 |
|
|
Simple Service Access - port 40
|
Orientation |
20 |
|
|
Email Communications
|
Orientation |
10 |
|
|
CTFd - Profile
|
Orientation |
5 |
|
|
CTFd - Scoreboard
|
Orientation |
5 |
|
|
CTFd - Teams
|
Orientation |
5 |
|
|
CTFd - File Download
|
Orientation |
5 |
|
|
CTFd - First!
|
Orientation |
5 |
|
