Not even dairy cows appear to be safe from internet of things flaws, researchers report after reverse-engineering health-monitoring collars for cows and finding they could eavesdrop on and alter data. Once addressed by the manufacturer, they said the non-updateable collars would have to be replaced.
In the latest weekly update, editors at Information Security Media Group discuss why a growing number of U.S. and Canadian hospitals have been forced to turn away patients because of cyberattacks, innovations that have surfaced during the Israel-Hamas war and the future of industrial automation.
Rockwell's automation efforts have moved away from a purely programmed approach to one that combines programming and self-learning based on specified parameters. Rockwell trained autonomous vehicles using real-time learning and millions of images that capture optimal behavior by human drivers.
Rockwell Automation's acquisition of industrial cybersecurity vendor Verve will help businesses better handle one of the biggest challenges with critical infrastructure: asset identification. Industrial organizations need to manage plants located all over the world, and some of them are very old.
Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and team up with Microsoft's generative AI practice to speed automation design and development.
This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline.
Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list of IoT security principles, which recommend the use of "live labels."
The FDA has issued final guidance on how medical device makers should approach cybersecurity in their products to meet new requirements for including cyber details in their premarket product submissions. Starting Oct. 1, the FDA will "refuse to accept" submissions lacking those details.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
The number of connected devices used in healthcare is growing as manufacturers constantly introduce new types of IoT equipment. The ever-evolving threat landscape is making it harder for many entities, particularly outpatient care providers, to keep up, said Justin Foster, CTO of Forescout.
New regulations, including those coming into effect in the U.S., are pushing many medical device makers to radically reconsider how they approach cybersecurity for their products - including air gapping connections, said Phil Englert of the Health Information Sharing and Analysis Center.
IoT and OT devices, which include network-attached storage devices, hold valuable data that ransomware groups seek to compromise. NAS devices are often exposed on the internet and lack the robust security measures found in other endpoints, said Daniel dos Santos of Forescout Technologies.
The Food and Drug Administration's newly enhanced authority over medical device security - as granted by a funding bill signed into law last year - is "transformative" in raising the bar on what is expected from makers in their product submissions to the agency, said Dr. Suzanne Schwartz of the FDA.
Legacy infusion pumps commonly available for purchase on the secondary market often contain wireless authentication and other sensitive data that the original medical organization owners failed to purge, warned researcher Deral Heiland, citing a recent study conducted by security firm Rapid7.
Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on entities in other industries.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.
