Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted …
medical devices
How to reduce the attack surface associated with medical devices
As the number of connected medical devices continues to rise, so does healthcare organizations’ attack surface. “Most medical devices available in the healthcare system today …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Healthcare’s blind spot: Unmanaged IoT and medical devices
From imaging to monitoring systems, infusion pumps to therapeutic lasers and life support machines, medical devices are used to improve and streamline patient care. Many of …
Vulnerable GE anesthesia machines can be manipulated by attackers
A vulnerability affecting several anesthesia and respiratory devices manufactured by General Electric (GE) Healthcare could allow attackers to manipulate the devices’ …
Medtronic recalls vulnerable MiniMed insulin pumps
Medtronic, the world’s largest medical device company, has issued a recall of some of its insulin pumps because they can be tampered with by attackers. About the …
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
Hacking healthcare: A call for infosec researchers to probe biomedical devices
It is a brave new connected world out there and there is no shortage of cybersecurity risks associated with everything we do. We can’t even be sure that the technologies …
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …
Securing healthcare organizations: The challenges CISOs face
Healthcare organizations are ideal targets for criminals looking to steal personal and other sensitive information, as the industry is lagging behind when it comes to …
FDA plans to improve medical device cybersecurity
The US Food and Drug Administration (FDA) plans to tackle security issues related to medical devices and has released a plan of action it means to implement in the near …
Syringe infusion pumps can be fiddled with by remote attackers
A syringe infusion pump used in acute care settings sports eight vulnerabilities, some of which could be exploited by remote attackers to impact the intended operation of the …