Search Results for "medical devices"

Episode 70: securing medical devices, OWASP Top 10 controversy and BlackDuck CEO Lou Shipley

Podcast: Play in new window | Download (Duration: 47:28 — 108.6MB) | EmbedSubscribe: Android | Email | Google Podcasts | RSSIn this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what’s next for his company.

Update: WHISTL Labs will be Cyber Range for Medical Devices

In-brief:  A global federation of labs will test the security of medical devices, according to an announcement on Monday by a consortium of healthcare industry firms, universities and technology firms. (Updated with comments from Dr. Nordenberg. PFR 7/25/2017)

More Warnings on Security in Implantable Medical Devices

Researchers from universities in Belgium and the UK have published research showing that a wide range of implantable medical devices, including implantable defibrillators are still vulnerable to wireless snooping and denial of service attacks. The research, which mimicked the work of a naive (or “weak”) adversary, found that few security protections have been added to such devices, years after researchers first demonstrated that they are vulnerable to wireless attacks and other manipulation.  The discoveries apply to at least 10 types of implantable cardiac defibrillators (ICDs) that are currently on the market, though the devices and manufacturers are not named. The researchers, from Katholieke Universiteit te Leuven in Belgium (KU Leuven) and the University of Birmingham in the United Kingdom echoes the claims made by the firm MedSec earlier this year, which warned of security holes in ICD devices made by St. Jude in August. That research was the foundation of a call […]

Report: Feds Mull Bug Bounty Contest for Medical Devices

In-brief: Following the success of the Hack the Pentagon bug bounty program, officials at the U.S. Department of Health and Human Services are considering launching a similar program aimed at medical devices and other healthcare systems. 

NSA Looking to Exploit Internet of Things, Biomedical Devices

In-brief: The National Security Agency is looking into how devices connected to the Internet of Things – including biomedical devices- might be used for surveillance, according to NSA Deputy Director Richard Ledgett.