In-brief: The FDA as approved a software update to software security holes in pacemakers made by Abbott. But doctors and patients will have to weigh the risks of apply the patch.
In-brief: Colleges in the U.S. give away personally identifying data on millions of students each year as unregulated “directory information.” Job 1 when arriving on campus: opting out and protecting your data.
Podcast: Play in new window | Download (31.9MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: Colleges and universities collect reams of student data – including personally identifying information- as part of their student “directory” files. They then distribute it to – basically – whomever asks. In this podcast, we talk with researcher Leah Figueroa who has researched the issue. Also: where are all those Devil’s Ivy attacks? And: companies are desperate for tools and talent to beat back sophisticated threats. Is artificial intelligence the answer? We talk with Endgame about the results of a new survey.
In-brief: FedEx said its TNT subsidiary was still relying on manual processes more than a week after it was ravaged by the Petya wiper malware. The attack will materially impact the company’s financial performance in 2018, FedEx said in a filing with the SEC.
In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.