In-brief: In what may be a first, the Food and Drug Administration (FDA) issued a Safety Communication regarding vulnerabilities in a drug infusion pump by the firm Hospira.
Tag: critical infrastructure
Third World Problem: Bot Herders Target Home Routers In Developing Nations
In-brief: A new global botnet is built on lightly secured home broadband routers in developing nations, according to a report from the firm Incapsula.
DEFCON To Host IoT Hacking Village
The Internet of Things has arrived – at least insofar as the hacker underground is concerned. The IoT is getting its own Village at DefCon. Sure, it’s been easy enough to see for a while that hacking “stuff” was what all the cool kids were doing, whether you were talking about Barnaby Jack’s “Jackpotting ATMs” presentation or the research on telematics systems by folks like Charlie Miller and Chris Valasek. But the creation of a dedicated “IoT Village” at the show, alongside staples like the Lockpick Village, the Wireless Village and the Packet Hacking Village (aka “The Wall of Sheep”) establishes Internet of Things hacking as a major new “vertical” within the diverse and fast-evolving hacking subculture. [Read more Security Ledger coverage of hacking the Internet of Things.] Villages are dedicated areas of the DEFCON conference where attendees can converge to view demonstrations and take part in hands on lessons […]
Researcher: Drug Pump the ‘Least Secure IP Device I’ve Ever Seen’
In-brief: A researcher studying the workings of a wireless-enabled drug infusion pump by the firm Hospira said the device utterly lacked security controls, making it “the least secure IP enabled device” he had ever worked with. His research prompted a warning from the Department of Homeland Security.
Amid Rampant Data Theft, Consumers left Breached and Burned Out
In-brief: According to data from Experian, fewer than one in ten consumers who have had personal information exposed in a major data breach take advantage of credit monitoring services offered by the company responsible for the breach – evidence of what the company says is data breach fatigue.
