Collaborate Disseminate
The FDA sent out an urgent advisory warning of serious flaws in Medtronic’s insulin pumps, which are used by thousands across the U.S. Continue reading FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps
A vulnerability in an insulin pump made by medical device vendor Medtronic could allow a hacker to change the pump’s settings and control the delivery of the hormone, the Food and Drug Administration warned Thursday. After security researchers demonstrated how an attacker could abuse a radio frequency protocol, which the pump uses to communicate with other devices, to inject and intercept data, the FDA told patients to switch to pump models with better cybersecurity protections. The advisory is the latest example of a health care company struggling to secure medical technology, which often is expensive and difficult to replace. Norman “Ned” Sharpless, acting head of the FDA, said the agency wasn’t aware of any patient harm stemming from the software vulnerability. While we are not aware of any patients who may have been harmed by this particular cybersecurity vulnerability, the risk of patient harm if such a vulnerability were left unaddressed is significant. — […]
The post FDA urges patients to ditch vulnerable insulin pumps built by Medtronic appeared first on CyberScoop.
Continue reading FDA urges patients to ditch vulnerable insulin pumps built by Medtronic
A new safety alert, issued by the Food and Drug Administration (FDA), is recommending extra precautions for those medical and scientific professionals using fecal microbiota transplants (FMT) after revealing one person recently died due to a … Continue reading FDA issues safety alert for fecal transplants after reported death
A new gene therapy treatment for pediatric patients with spinal muscular atrophy (SMA) has been approved by the U.S. Food and Drug Administration. The single dose treatment, designed to correct a gene mutation causing the rare disease, has be… Continue reading One-off gene therapy treatment for rare infant disease set to cost over $2 million
The Department of Homeland Security has issued an advisory warning that a vulnerability in Medtronic heart defibrillators could allow hackers to change the settings in a medical device from within radio range. The flaw, designated CVE-2019-6538, has been assigned a 9.3 severity out of a possible 10, according to the Cybersecurity and Infrastructure Security Agency advisory issued Thursday. The Food and Drug Administration in its own safety communication said it has “confirmed that these vulnerabilities, if exploited, could allow an unauthorized individual (for example, someone other than the patient’s physician) to access and potentially manipulate an implantable home device, home monitor, or clinic programmer.” The issue involves Conexus, Medtronic’s radio-frequency protocol that’s used for communication between medical technology such as defibrillators, home monitoring devices and other clinician programming tools. Conexus connections fail to implement any kind of authentication or authorization, according to DHS. That means that, in situations where a product’s radio […]
The post Security flaw in Medtronic heart defibrillators is serious, DHS says, but don’t panic appeared first on CyberScoop.
The Agriculture Improvement Act of 2018 is a breath of fresh air for hemp farmers and may pave the way for the rescheduling of CBD. Continue reading The US Just Legalized Hemp, Which Is a Key Source of CBD
When facing a determined adversary, it’s one thing to be confident, it’s quite another to be overconfident. But that’s what a new survey of healthcare IT professionals and biomedical engineers found: an overabundance of confidence whe… Continue reading Healthcare survey finds abundance of medical device security overconfidence
Fear of AI attacks, the FDA releases cybersecurity guidance, watch hackers steal a Tesla, serious D-Link router security flaw may never be patched, and California addresses default passwords! All that and more, on this episode of Paul’s Security … Continue reading AI Fear, FDA, Tesla, and D-Link – Paul’s Security Weekly #580
The Food and Drug Administration has issued a cybersecurity advisory for two pieces of hardware that link to cardiac devices like pacemakers and defibrillators, citing a vulnerability that could allow unauthorized access to the programmers. The FDA said it confirmed that when the two models of programmers, which are made by Minneapolis-based Medtronic, have an internet connection, unauthorized users could exploit the vendor’s network to change the programmers’ functionality. “While we are not aware of patients who may have been harmed by this particular cyber vulnerability, the risk to patient harm of leaving such a vulnerability unaddressed is too great,” Suzanne Schwartz, a top cybersecurity official at the FDA, said Thursday in a statement. In response to the security and safety concerns, Medtronic said it disabled the internet-connected software updates for the programmers and that, as of Thursday, a company representative would manually and securely update all of the affected programmers. The […]
The post FDA warns users of cyber vulnerabilities in pacemaker programmers appeared first on Cyberscoop.
Continue reading FDA warns users of cyber vulnerabilities in pacemaker programmers
A new study out of Johns Hopkins University seeks to reclassify psilocybin mushrooms since they have low potential for abuse and few risks of dependence. Continue reading Researchers Want Doctors to Be Able to Prescribe Magic Mushrooms for Depression