DEFCON

Digital Revolution in Healthcare Infographic

FDA Issues Guidance on Security of Medical Devices

The U.S. Food and Drug Administration (FDA) issued final guidance on Wednesday that are designed to strengthen the safety of medical devices. The FDA called on medical device manufacturers to consider cyber security risks as part of the design and development of devices. The document, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” asks device makers to submit documentation to the FDA about any “risks identified and controls in place to mitigate those risks” in medical devices. The guidance also recommends that manufacturers submit documentation of plans for patching and updating the operating systems and medical software that devices run. The document, which will be released on Thursday, does not contain specific requirements. Rather, it describes the kinds of things that medical device manufacturers should consider when preparing pre-market submissions for medical devices in areas such as information confidentiality, integrity, and availability, the FDA said. The release of the document follows the […]

Continue Reading

Compromised Website Used In Attack On SoHo Routers

The folks over at the web security shop Sucuri have an interesting post today that warns of a web-based attack launched from the site of a popular Brazilian newspaper that is targeting home broadband routers. According to Sucuri, researchers investigating a breach at the web site politica . estadao . com . br uncovered evidence that the hackers were using iframe attacks to try to change the DNS configuration on the victim’s DSL router, first by trying a brute force attack on the router’s default credentials. According to Sucuri, the payload was trying to crack default accounts like admin, root, gvt and other common usernames and a variety of known-default router passwords. Small office and home office (or SoHo) broadband routers are an increasingly common target for cyber criminals because many (most?) are loosely managed and often deployed with default administrator credentials. [Read Security Ledger coverage of home router hacks here.] In March, the firm Team Cymru published a report describing a widespread compromise of […]

Continue Reading

Exploding Gas Tanks: Risk, Liability and Internet of Things

We like to construct Hollywood friendly plots around a lot of the seminal moments in our collective history. For Civil Rights, we like to picture the integration of Little Rock High School, Rosa Parks’ courageous protest on a Montgomery bus or the March on Washington. For environmentalism, we talk about Rachel Carson’s Silent Spring or, maybe, the burning Cuyahoga River in Cleveland. (This vintage news footage of the 1969 fire calls it the fire that “sparked the environmental movement” without any apparent irony.) For automobile safety, we imagine Ralph Nader and the image of a 1972 crash test that shows the gas tank of the Ford Pinto exploding in a rear impact collision, engulfing both cars in flames. But those memories are often way oversimplified. Little Rock and the Montgomery bus boycott were just two battles in a fight for civil rights that went back to the end of the Civil War. Likewise, the Cuyahoga […]

Continue Reading

Tesla Looks to Build Out Internal Hacking Team| Car and Driver Blog

Car and Driver has an interesting news item today on Tesla’s continuing efforts to build an internal team of software hackers to shore up the security of its connected cars.   C&D reports that Tesla is looking to hire up to 30 full-time employees from the hacking community, and used the recent DEFCON hacking conference in Las Vegas to recruit talented software hackers, reverse engineers and the assorted polymaths who attend. Tesla gave out tokens that could be exchanged for a tour of the Tesla factory at the show. “Our security team is focused on advancing technology to secure connected cars, setting new standards for security, and creating new capabilities for connected cars that don’t currently exist in the automotive industry,” Tesla spokeswoman Liz Jarvis-Shean told C&D. California-based Tesla has already been making the rounds of security conferences. It also made headlines for hiring Kristin Paget, a well-respected hardware hacker […]

Continue Reading
John McAfee addresses the crowd at DEFCON 22

McAfee sideshow eclipses Defcon’s real security breakthroughs | Security – InfoWorld

The onetime technology wunderkind, who left a job working for Lockheed to turn his curiosity about computer viruses into a thriving, global corporation showed up at two Las Vegas hacker cons last week: B-Sides Las Vegas and DEFCON. He offered some off-the-cuff rebukes to firms like Google. He also rambled long and hard about the dark forces that pursue him: the U.S. government, the government of Belize, Central American drug cartels and script kiddies desperate for his (virtual) scalp. Everywhere he goes, people take his picture. Who are they working for? The phones and computers he buys are bugged. His movements are being tracked. Those in attendance were admonished to beware of government snooping — especially via mobile applications. “Without privacy there is no freedom,” McAfee intoned.   Listening to McAfee rant, it’s easy to forget there were plenty of folks walking the halls of Defcon, Black Hat, and B-Sides […]

Continue Reading
1 4 5 6 7 8 9