In-brief: Despite the benefits of the DevOps paradigm and application virtualization in software products’ lifecycle, security professionals believe that in combination with cloud computing the two methods increase the complexity of the corporate network, making it more difficult to defend, the cyber security assurance report from Tenable Network Security outlines.
Researchers from universities in Belgium and the UK have published research showing that a wide range of implantable medical devices, including implantable defibrillators are still vulnerable to wireless snooping and denial of service attacks. The research, which mimicked the work of a naive (or “weak”) adversary, found that few security protections have been added to such devices, years after researchers first demonstrated that they are vulnerable to wireless attacks and other manipulation. The discoveries apply to at least 10 types of implantable cardiac defibrillators (ICDs) that are currently on the market, though the devices and manufacturers are not named. The researchers, from Katholieke Universiteit te Leuven in Belgium (KU Leuven) and the University of Birmingham in the United Kingdom echoes the claims made by the firm MedSec earlier this year, which warned of security holes in ICD devices made by St. Jude in August. That research was the foundation of a call […]
In-brief: In our latest Security Ledger podcast, we talk with Luma founder and CEO Paul Judge, a serial entrepreneur (Ciphertrust, Purewire, Pindrop) whose latest venture seeks to bring enterprise-quality wireless to the home market, improving both security and management along the way.
In-brief: Cisco Systems has patched a serious security hole in its Prime Home, a network management tool that it markets as a way for service providers to manage “Internet of Things” devices in connected (“smart”) homes.
In-brief: Cisco’s Marc Blackmer discusses a proposal before the IETF that would create a Manufacturers Usage Description (MUD) standard by which device makers and their customers to specify the kinds of activities and communications are allowed for Internet of Things devices.
