MedSec

A Year Later: FDA approves Software Fix for Security Flaws in Pacemakers

In-brief: The FDA as approved a software update to software security holes in pacemakers made by Abbott. But doctors and patients will have to weigh the risks of apply the patch. 

Update: FDA says St. Jude Medical knew about Device Flaws 2 Years Before Muddy Waters Report

In-brief: In a damning report, the FDA said that St. Jude Medical* knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or other mitigations, or by replacing those devices. (Editor’s note: updated to include a statement from Abbott and comment from Dr. Kevin Fu. – PFR April 14, 2017)

Talos Kegerator

At Industrial Control Security Con: Will hack IoT for Beer

In-brief: Cisco’s Marc Blackmer reports from the S4 Conference in Miami – one of the top gatherings of industrial control system security experts. Among the attractions this year: Justine Bone of the firm Medsec, the psychology of malicious insiders and a hackable “kegerator.”

St. Jude Patches Hole that allowed Medical Device Hacks

In-brief: St. Jude Medical said on Monday that it patched a serious hole in a product used to program implantable medical devices like defibrillators. But researchers and a Wall Street investment firm say the company still has more holes to close. 

Short Sheet: Researchers Raise Doubts on St. Jude Device Hack

In-brief: The battle of words over the security of devices by St. Jude Medical continued on Tuesday, as researchers from University of Michigan raised questions about claims that security researchers had actually “crashed” implantable pace makers.