medical devices – Page 2 – WindowsTechs.com

Forescout acquires medical IoT security company CyberMDX

Posted on February 1, 2022 by Joe Warminsky

Silicon Valley cybersecurity company Forescout Technologies said Tuesday that it is acquiring CyberMDX, a medical-device security company known for its research into potential cyberthreats against health care technology. CyberMDX is a natural fit for Forescout, which focuses on securing connected devices and operational technology (OT) for large organizations — including what the industry calls the Internet of Medical Things (IoMT). Terms of the deal were not disclosed. “Cybersecurity for IoMT, much like cybersecurity for OT devices, requires specific expertise and technologies,” Forescout CEO Wael Mohamed said. “We are pleased to have the CyberMDX team join Forescout as we continue delivering new capabilities on our market-leading platform and grow our R&D center.” Research by CyberMDX has been responsible for shedding light on critical vulnerabilities in widely used medical imaging devices, patient monitors, anesthesia machines and infusion pumps. Forescout’s platform specializes in “device intelligence and network fabric technology,” or finding and classifying […]

The post Forescout acquires medical IoT security company CyberMDX appeared first on CyberScoop.

Continue reading Forescout acquires medical IoT security company CyberMDX→

53% of medical devices have a known critical vulnerability

Posted on January 25, 2022 by Help Net Security

After a year of unprecedented ransomware attacks on hospitals and healthcare systems – and with healthcare now the #1 target for cybercriminals – critical medical device risks in hospital environments continue to leave hospitals and their patients vuln… Continue reading 53% of medical devices have a known critical vulnerability→

Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity

Posted on October 7, 2021 by Help Net Security

When businesses are hit by a cyberattack, it can mean a disruption in operations, lost revenue and customer dissatisfaction because their personal information is exposed. But for the healthcare sector, the impact is far greater; cyberattacks can be a m… Continue reading Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity→

Researchers show how to tamper with medication in popular infusion pumps using software flaws

Posted on August 24, 2021 by Sean Lyngaas

McAfee security researchers on Tuesday said they had found multiple vulnerabilities in infusion pump software that, under certain conditions, a skilled hacker could use to alter a patient’s medication dose to a potentially unsafe level. The vulnerabilities are in equipment made by multinational vendor B. Braun that are used in pediatric and adult health care facilities in the United States. While there are no reports of malicious exploitation of the flaws, the research illustrates the challenge of securing devices conceived decades ago from 21st-century digital threats. The findings come as the health care sector reckons with a series of ransomware attacks that hit aging hospital computer networks during the pandemic. Medical devices “remain vulnerable to legacy issues that have persisted for many years and have exceptionally slow update or upgrade cycles,” said Steve Povolny, who heads the Advanced Threat Research team at McAfee. In a statement, B. Braun said the […]

The post Researchers show how to tamper with medication in popular infusion pumps using software flaws appeared first on CyberScoop.

Continue reading Researchers show how to tamper with medication in popular infusion pumps using software flaws→

BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings

Posted on August 17, 2021 by Sean Lyngaas

A critical set of software flaws first revealed in April also affects code made by BlackBerry that is used in countless devices in the medical, automotive and energy sectors, the technology vendor confirmed on Tuesday. A hacker who exploits the so-called BadAlloc software vulnerabilities, which Microsoft researchers uncovered, could cause devices running the software to crash. In BlackBerry’s case, the attacker would need to first gain access to a targeted network and then go after devices that are exposed to the internet. The affected software is BlackBerry’s QNX Real-Time Operating System, a suite of software that manages data across a network. It’s unclear just how many devices are running the affected BlackBerry software. The firm said last year that its QNX software was embedded in more than 175 million cars alone. A BlackBerry spokesperson did not immediately respond to a request for comment. “These vulnerabilities may introduce risks for certain […]

The post BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings appeared first on CyberScoop.

Continue reading BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings→

Hospitals still not protected from dangerous vulnerabilities

Posted on August 13, 2021 by Help Net Security

Ipsos conducted a research which examines attitudes, concerns, and impacts on medical device security as well as cybersecurity across large and midsize healthcare delivery organizations. Insights include how they correlate and diverge. Healthcare is on… Continue reading Hospitals still not protected from dangerous vulnerabilities→

Connected devices increasingly at risk as new ransomware attacks are reported almost daily

Posted on August 12, 2021 by Help Net Security

Ordr released a report on the state of connected devices. The 2021 study addresses pandemic-related cybersecurity challenges, including the growth of connected devices and related increase of security risks from these devices as threat actors took adva… Continue reading Connected devices increasingly at risk as new ransomware attacks are reported almost daily→

Fujifilm shuts down computer systems following apparent ransomware intrusion

Posted on June 3, 2021 by Sean Lyngaas

Fujifilm Corp. has shut down part of its computer network and “disconnected from external correspondence” in the face of a possible ransomware attack, the Japanese electronics giant said Wednesday. In a brief statement, Fujifilm said that it became aware of the security issue late Tuesday and that it has “taken measures to suspend all affected systems in coordination with our various global entities.” The company said it was still “working to determine the extent and the scale of the issue.” Fujifilm is just the latest multinational company to be hamstrung by ransomware. JBS, the world’s largest beef producer, had to temporarily shut down facilities in Colorado, Canada and Australia following a ransomware hack. Perhaps best known for its photography equipment, Fujifilm also makes a range of medical products such as CT Scan and Xray devices. The company reported more than $20 billion in revenue last year and has offices around […]

The post Fujifilm shuts down computer systems following apparent ransomware intrusion appeared first on CyberScoop.

Continue reading Fujifilm shuts down computer systems following apparent ransomware intrusion→

Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry?

Posted on May 21, 2021 by Help Net Security

In late 2020, the World Economic Forum stated that “the approach to cybersecurity needs to be overhauled before the industry finds itself in any fit state to tackle the threat.” The WEF singled out five global cybersecurity challenges: 1. Increasing so… Continue reading Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry?→

Researchers find two dozen bugs in software used in medical and industrial devices

Posted on April 29, 2021 by Sean Lyngaas

Microsoft researchers have discovered some two dozen vulnerabilities in software that is embedded in popular medical and industrial devices that an attacker could use to breach those devices, and in some cases cause them to crash. The so-called “BadAlloc” vulnerabilities the researchers revealed on Thursday are in code that makes its way into infusion pumps, industrial robots, smart TVs and wearable devices. No less than 25 products made by the likes of Google Cloud, Samsung and Texas Instruments are affected. The research serves as a critique of the coding practices of the designers of billions of so-called “internet of things” devices that are a feature of modern life. There’s no evidence that the vulnerabilities have been exploited, according to Microsoft. But the Department of Homeland Security’s cybersecurity agency issued an advisory urging organizations to update their software. It’s unclear just how many devices are affected by the software bugs, but […]

The post Researchers find two dozen bugs in software used in medical and industrial devices appeared first on CyberScoop.

Continue reading Researchers find two dozen bugs in software used in medical and industrial devices→