How does a flaw potentially affecting the integrity of printer management application get a “critical” severity rating and one affecting the integrity and operation of anesthesia machines get a “moderate” severity rating? It has to do with our evolving and still immature system of rating (and therefore thinking about) cyber risk.
In this week’s podcast episode (#153): The researcher who discovered serious remote access security flaws in anesthesia machines by GE says such security holes are common. Also: the US Conference of Mayors voted unanimously to swear off paying ransoms for cyber attacks. But is that a smart idea? We’re joined by Andrew Dolan of the Multi State Information Sharing and Analysis Center to talk about it.
GE learned of a serious vulnerability affecting two brands of anesthesia machines in October. The company on Tuesday advised customers to take steps to protect them from being remotely tampered with.
In this week’s episode, #150: Microsoft cloud evangelist Tanya Janca joins us to talk about securing Azure and the challenges of pushing security left. Also: we continue our series on life after passwords as we speak with Nick Buchanan, CTO of Armor Scientific joins us to talk about the imminent demise of the password and what might replace it.
The flaw known as BlueKeep could be as dangerous as EternalBlue, the basis of recent malware like WannaCry, according to a report by BitSight.
