Tag: medical devices

Firmware used by BLU smart phones was observed transmitting sensitive data to a firm in China.

Experts Propose Standard for IoT Firmware Updates

Bleeping Computer reported that a new proposal submitted to the Internet Engineering Task Force (IETF) defines a secure framework for delivering firmware updates to Internet of Things (IoT) devices. Insecure software updates for embedded devices (aka ‘firmware’) have been a frequent source of security lapses on mobile and embedded devices like Internet connected webcams. Filed on October 30, the “IoT Firmware Update Architecture,” establishes security requirements for device makers to implement when designing firmware update mechanisms for connected devices. A familiar list of features The proposed rules include features that have long been recommended by security experts to permit safe handling of software updates. Among them the use of cryptographically signed updates and public key cryptography to provide end-to-end security and verify firmware images, as well as the ability to work with low-power and resource constrained IoT devices. Firmware has been the source of widespread security issues. For example, low-cost […]

Pharmaceutical giant Merck said on Friday that the NotPetya malware outbreak in June halted production and left it short of doses of Gardasil, a critical vaccine to prevent HPV. (Image courtesy of Merck.)

NotPetya Infection Left Merck Short of Key HPV Vaccine

The NotPetya malware infection shut down pharmaceutical giant Merck’s production of the pediatric vaccine GARDASIL last June, forcing the company to borrow the drug from a stockpile maintained by the U.S. Centers for Disease Control and Prevention to meet demand.

The FDA approved a patch for implantable devices made by Abbott/St. Jude Medical, more than a year after serious security holes were first reported.

A Year Later: FDA approves Software Fix for Security Flaws in Pacemakers

In-brief: The FDA as approved a software update to software security holes in pacemakers made by Abbott. But doctors and patients will have to weigh the risks of apply the patch. 

Five states have introduced right to repair laws that will give consumers and independent repair shops access to information needed to service popular electronics like Apple's iPhone.

Massachusetts on Front Lines (Again) in Battle for Right to Repair

In-brief: After legislation in five states stalled in the Spring, states like Massachusetts will be on the front line of renewed efforts to pass pro-consumer laws that create a “right to repair” for cell phones, medical devices and other software-driven products. At stake could be the right of consumers to control Internet of Things devices they purchase for use in their home, on their person or in their business.

Podcast: Michael Daniel on Cyber Diplomacy in the Age of Trump

Podcast: Michael Daniel on Cyber Diplomacy in the Age of Trump

In-brief: In an interview with The Security Ledger, former Obama Cybersecurity Advisor Michael Daniel weighs in on the changing US-Israel relationship, promoting cyber security talent in the U.S. and the future of the intelligence community’s ‘vulnerability equities’ program.