BD (NYSE: BDX) is touting that it is the first medical technology company authorized as a Common Vulnerability and Exposures (CVE) Numbering Authority by the CVE Program. BD officials say the authorization further boosts the company’s healthcare cybersecurity leadership. Get the full story on our sister site Medical Design & Outsourcing.
U.S. Department of Homeland Security
DHS warns on Medtronic MyCareLink smart monitor cybersecurity vulnerabilities
The U.S. Dept. of Homeland Security warned on cyber vulnerabilities with the MyCareLink made by Medtronic (NYSE:MDT). Medtronic’s MyCareLink (MCL) Smart Model 25000 patient reader is potentially vulnerable to improper authentication, heap-based buffer overflow and the time-of-check/time-of-use race condition, according to a notice from DHS. Successful exploitation of the vulnerabilities could result in an attacker being […]
Labor unions, environmental groups sue feds over lack of PPE
Labor unions ranging across several types of frontline workers today joined environmental groups in a lawsuit against the federal government. Unions representing healthcare workers, teachers, transit operators and millions more joined the environmental groups to sue the feds over their failure to provide adequate reusable respirators, N95 masks, gloves and other personal protective equipment (PPE) […]
DHS warns on Philips patient monitoring systems
The U.S. Department of Homeland Security warned of several vulnerabilities in patient monitors made by Royal Philips (NYSE:PHG). Amsterdam-based Philips’ Patient Information Center iX, PerformanceBridge Focal Point, IntelliVue Patient Monitors MX100, MX400-MX850 and MP2-MP90 and IntelliVue X2 and X3 were all listed among the affected equipment in a DHS release. Potential vulnerabilities within those devices include […]
Labor unions, environmental groups demand federal action on PPE
A group of labor unions and environmental organizations is petitioning the Trump Administration to mandate production of personal protective equipment (PPE) using the Defense Production Act. The petition, submitted Aug. 11 to the U.S. departments of Health and Human Services and Homeland Security, dovetails with the FDA’s issuance on Monday of its first list of PPE shortages, […]
B,. Braun, Baxter, CareStream, Green Hills affected by Ripple20 cyber vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said it is aware of vulnerabilities affecting Treck IP stack implications for embedded systems. Known as Ripple20, the vulnerabilities allow a remote attacker to exploit and take control of an affected system, according to the CISA statement. Among the affected companies were B. Braun, Baxter (NYSE:BAX), Green Hills […]
Baxter systems flagged for cybersecurity vulnerabilities
The U.S. Department of Homeland Security released notices citing cyber vulnerabilities with four devices made by Baxter (NYSE:BAX). Included among the devices listed by DHS were Baxter’s PrismaFlex/PrisMax devices, its ExactaMix, its Phoenix hemodialysis delivery system and its Sigma Spectrum infusion pumps. All four notices included warnings regarding the devices’ Cleartext transmission of sensitive information. According […]
Trump uses DPA to boost supplies to certain ventilator manufacturers
President Donald Trump yesterday invoked the Defense Production Act to reduce supply-chain problems for certain manufacturers to produce ventilators. In the executive order, the president gave the secretaries of the departments of Health & Human Services and Homeland Security the power to secure materials for General Electric (NYSE:GE), Hillrom (NYSE:HRC) , Medtronic (NYSE:MDT), ResMed (NYSE:RMD), Philips (NYSE:PHG) and Vyaire Medical. Ventilator […]
Homeland Security warns on BD Pyxis Medstation and Pyxis Anesthesia
The U.S. Dept. of Homeland Security (DHS) issued a medical advisory warning for a potential software vulnerability in the Pyxis MedStation and Pyxis Anesthesia (PAS) ES system made by Becton Dickinson (NYSE:BDX). According to the DHS warning, Becton Dickinson reported the vulnerability to the Cybersecurity and Infrastructure Security Agency (CISA). Affected models of the drug-dispensing devices […]
DHS warns on Insulet Omnipod
The U.S. Dept. of Homeland Security (DHS) issued a medical advisory to warn of vulnerabilities with the Insulet (NSDQ:PODD) Omnipod insulin management system. According to the advisory, the affected insulin pumps are designed to communicate using a wireless RF with Insulet’s personal diabetes manager device, but the RF communication protocol does not properly implement authentication or […]
Some SpaceLabs devices vulnerable to serious cyberattack
Certain SpaceLabs Healthcare telemetry receivers are at risk of cyberattack by a program as virulent as the WannaCry malware attacks of 2017, according to the U.S. Department of Homeland Security. The SpaceLabs Xhibit telemetry receiver model number 96280, v1.0.2 and all versions of a former SpaceLabs product, Arkon, may be affected by the BlueKeep virus, […]