DataBreaches
FDA finalizes advice on cybersecurity info to include in device submissions
Jodi K. Scott, Lina Kontos, Randy Prebula, and Alex Smith of Hogan Lovells write: The U.S. Food and Drug Administration (FDA) has finalized its guidance on...
DataBreaches
FDA requires medical devices be secured against cyberattacks
Jennifer Korn reports: The Food and Drug Administration will now require medical devices meet specific cybersecurity guidelines after years of concerns that a...
The Record
FDA pushing for medical device cybersecurity funding, regulations
The Food and Drug Administration is pushing for Congress to provide more funding and support to address the cybersecurity of medical devices.
Infosecurity News
FDA Protects Medical Devices Against Cyber-Threats With New Measures
New medical devices applications should
Bleeping Computer
CISA warns of critical bugs in Illumina DNA sequencing systems
The U.S. Cybersecurity Infrastructure Security Agency (CISA) and the FDA have issued an urgent alert about two vulnerabilities that impact Illumina's Universal Copy Service (UCS), used for DNA sequencing in medical facilities and labs worldwide.
Bleeping Computer
FBI warns that BEC attacks now also target food shipments
Organizations in the food sector are now also targeted in business email compromise (BEC) attacks, according to a joint advisory issued by the FBI, the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA).
Security Affairs
US Gov warns of BEC attacks to hijack shipments of food products
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients. The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) have published a joint security advisory to warn of business email compromise […]
DataBreaches
Medical Device Cybersecurity: Agencies Need to Update Agreement to Ensure Effective Coordination — GAO
GAO-24-106683 Published: Dec 21, 2023. Publicly Released: Dec 21, 2023. Highlights: What GAO Found According to the Department of Health and Human Services...
CyberNews
Apple iOS app causes injury to over 200 people
An iOS app designed to help manage diabetes has caused harm to over 220 people due to a defect in the application.
Infosecurity News
#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Device
A new legal requirement for medical devices in the US will introduce the first-ever SBOM mandate for the consumer market
Security Affairs
CISA warns of a critical flaw affecting Illumina medical devices
U.S. CISA released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw affecting Illumina medical devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) medical advisory warning of vulnerabilities that could allow an attacker to take any action at the operating system level. The issues […]
DarkReading
DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse
North Korean hackers break ground with new exploitation techniques for Windows and macOS.
DarkReading
DPRK Exploits 2 New MITRE Techniques: Phantom DLL Hijacking, TCC Abuse
North Korean hackers break ground with new exploitation techniques for Windows and macOS.
DataBreaches
BD issues cybersecurity alert for hacking risk found in Alaris infusion pump software
Andrea Park reports: A vulnerability found in software used to monitor some of BD’s infusion pumps could potentially give hackers access to personal data...
SecurityWeek
Defending the Healthcare Security Landscape in the Age of Connected Devices
As the number of connected medical devices grows, healthcare organizations and device manufacturers must work together to ensure the safety of patients and overall heathcare landscape
The Hacker News
CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments
CISA has issued an Industrial Control Systems medical advisory warning of ., including
Ars Technica
Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones
BrutePrint requires just $15 of equipment and a little amount of time with a phone.
DarkReading
FBI: Criminals Using BEC Attacks to Scavenge Food Shipments
Cybercriminal rats are at play: Several food suppliers and distributors have experienced hundreds of thousands of dollars in losses after fulfilling fraudulently placed orders for food and ingredient shipments.
Bleeping Computer
CISA: BadAlloc impacts critical infrastructure using BlackBerry QNX
CISA today warned that IoT and OT security flaws known as BadAlloc impact BlackBerry's QNX Real Time Operating System (RTOS) used by critical infrastructure organizations.
DataBreaches
Doctor Admits Criminal HIPAA Scheme for Wrongful Disclosure of Protected Patient Health Information to Pharmaceutical Sales Representative
CAMDEN, N.J. – A former physician with medical practices in New Jersey, New York, and Florida admitted wrongfully disclosing patients’ protected personal...
SecurityWeek
Fianu Labs Emerges From Stealth With $2 Million in Seed Funding
Fianu Labs has emerged from stealth mode with a software governance automation solution and $2 million in seed funding.
The Cyber Express
Digital Dangers in Medicine: Hackers’ Terrifying Obsession with the Healthcare Industry
Cybercriminals, in a strange twist of fate, have developed a worrying fixation on the very core of our society—the healthcare
CyberSecurity Dive
Five considerations for securing your software supply chain
Do you know what’s in your code? These 5 considerations should help you drive your security activities and identify weak points in your software supply chain.
CyberSecurity Dive
5 considerations for securing your software supply chain
Do you know what’s in your code? These five considerations should help you drive your security activities and identify weak points in your software supply chain.
SecurityWeek
Medical, IoT Devices From Many Manufacturers Affected by 'Access:7' Vulnerabilities
Critical supply chain vulnerabilities in PTC’s Axeda agent affect 150 device models from more than 100 manufacturers.
Infosecurity News
NextGen Healthcare Data Breach: One Million Patient Records Affected
The breach reportedly affected a database accessed via stolen client credentials
SecurityWeek
Zoom Unveils Open Source Vulnerability Impact Scoring System
Zoom launches an open source Vulnerability Impact Scoring System (VISS) tested within its bug bounty program.
CyberNews
US officials investigate Meta’s role in sale of illegal drugs – report
Meta, the company behind Facebook, Instagram, and WhatsApp, is being probed for its involvement in the sale of illegal drugs on its platforms.
SecurityWeek
CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices
Vulnerabilities in Illumina Local Run Manager may allow a remote, unauthenticated attacker to take over a vulnerable product.
Latest Hacking News
Critical Vulnerabilities Found In Illumina Universal Copy Service Devices
US CISA warns of critical vulnerabilities affecting the security of Illumina devices. The vulnerabilities exist in the Illumina Universal Copy Service software, allowing remote code execution attacks. Illumina Universal Copy Service Vulnerabilities According to a recent CISA
CyberNews
Neuralink’s first patient seen playing chess
A recent live stream on X shows the first Neuralink patient using the technology to play chess.
SecurityWeek
Healthcare's Ransomware Epidemic: Why Cyberattacks Hit the Medical Sector With Alarming Frequency
Cybersecurity firm Claroty discusses the reasons the healthcare industry has long been a primary target for ransomware attacks.
Bleeping Computer
Medtronic urgently recalls insulin pump controllers over hacking concerns
Medtronic is urgently recalling remote controllers for insulin pumps belonging to its 'MiniMed Paradigm' family of products, due to potential cybersecurity risks.
Security Affairs
Pro-Russia hackers target critical infrastructure in North America and Europe
Government agencies from the US, Canada and the UK warn of Russian threat actors targeting critical infrastructure in North America and Europe
CyberSecurity Dive
The US cyber strategy is out. Now, officials just have to implement it
Industry stakeholders signal a willingness to discuss further steps, while congressional leaders hint additional action may be on the table.
CSO
US Congress funds cybersecurity initiatives in FY2023 spending bill
This year’s appropriation bill covers a lot of cybersecurity territory, including threats from TikTok and foreign adversaries and steps to improve medical device security.
Bleeping Computer
New IcedID variants shift from bank fraud to malware delivery
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware on compromised systems.
Infosecurity News
FCC Agrees to Cyber Trust Mark for IoT Products
The voluntary FCC program will allow smart device manufacturers to demonstrate to consumers that their product has met robust cybersecurity standards
Bleeping Computer
US govt warns of pro-Russian hacktivists targeting water facilities
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.
The Hacker News
Critical "Access:7" Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices
A series of newly discovered security vulnerabilities in PTC's Axeda software affects hundreds of thousands of ATMs, vending machines, SCADA systems.
SecurityWeek
In Other News: Ubisoft Hack, NASA Security Guidance, TikTok Requests iPhone Passcode
Ubisoft investigating alleged hack, NASA releases security guidance, TikTok scares iPhone users by requesting passcode
CyberNews
Facebook overrun by fake pharmacies peddling counterfeit drugs like Ozempic
Thousands of fake online pharmacy and drug listings were removed from social media platforms, websites, and online marketplaces in 2023, a new Pharma Crime report shows.
ZDNet
Are period tracking apps safe? | ZDNet
Opinion: The convenience isn't worth the risk.
%20(1).webp)
Cyber Security News
Incognito Dark Web Market Admin Arrested for Selling Illegal Goods
It is said that over $100 million worth of illegal transactions took place on the dark web site, which made it easier to sell illegal drugs.
CyberSecurity Dive
Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine
The Russia-Ukraine conflict has raised the cyberthreat level for medtech and hospitals, putting patient safety at risk.
CSO
Critical flaws in remote management agent impacts thousands of medical devices
The Axeda platform, used by hundreds of IoT devices, has seven vulnerabilities, three of which allow for remote code execution.
DarkReading
XZ Utils Scare Exposes Hard Truths in Software Security
Much of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.
CyberScoop
Supreme Court poised to rewrite how social media confronts disinformation
If the Supreme Court backs state efforts to limit platforms from curating content, online disinformation will surge, experts and tech companies say.
Cyber Security News
10 Best HIPPA Compliance Security Service Providers - 2024
Best HIPPA Compliance Service Providers: 1. Perimeter 81 2. Sprinto 3. Updox 4. Weave 5. Paubox 6. OhMD 7. Spruce Health 8. Luma Health.
Cyber Security News
11 Best Compliance Management Software in 2023
Best Compliance Management Software - Solutions - Tools: 1.Perimeter81 2.Qualtrax 3. Qualtrax 4.Skillcast 5.Libryo 6.Ziflow 7.SiteDocs.