12-04-17 – News This Past Week

Hacked IV Pumps and Digital Smart Pens Can Lead to Data Breaches
An attack on a single IV infusion pump or digital smart pen can be leveraged to a widespread breach that exposes patient records, according to a Spirent SecurityLabs researcher.
https://www.darkreading.com/mobile/hacked-iv-pumps-and-digital-smart-pens-can-lead-to-data-breaches/d/d-id/1330536

Industrial Cybersecurity Startup SCADAfence Secures $10 Million
The Tel Aviv-based company explains that it helps industrial network operators bridge the cybersecurity gap that comes when connecting operational technology (OT) and IT networks to ensure operational continuity and the security of valuable assets
http://www.securityweek.com/industrial-cybersecurity-startup-scadafence-secures-10-million

Siemens Patches Several Flaws in Teleprotection Devices
According to advisories published by both Siemens and ICS-CERT, medium severity vulnerabilities have been found in the EN100 Ethernet module used by SWT 3000 devices running IEC 61850 and TPOP firmware
http://www.securityweek.com/siemens-patches-several-flaws-teleprotection-devices

Robocars Should Be ‘Disconnected,’ Warns Former EFF Chief
Brad Templeton has been a software architect, a former Electronic Frontier Foundation (EFF) chair, an adviser to Google’s self-driving car project, and a Chair for Computing at the Singularity University. He has recently started warning about the cybersecurity issues self-driving cars, or “robocars,” may face if automotive companies don’t start to take security more seriously as they race to bring them to market
http://www.tomshardware.com/news/brad-templeton-robocars-security-plan,36015.html

AWS allows customers to manage and protect IoT devices
AWS IoT 1-Click, AWS IoT Device Management, AWS IoT Device Defender, AWS IoT Analytics, Amazon FreeRTOS, and AWS Greengrass ML Inference make getting started with IoT as easy as one click, enable customers to onboard and manage large fleets of devices, audit and enforce consistent security policies, and analyze IoT device data at scale

AWS allows customers to manage and protect IoT devices

Tenable Delivers Industrial Security
Organizations are continuously leveraging new data and information capabilities to accelerate their business processes and deliver greater value to customers. As a result, industries such as energy, utilities, and manufacturing are becoming increasingly digital and connected
https://www.tenable.com/blog/tenable-delivers-industrial-security

Linux for the Industry 4.0 era: New distro for factory automation
NXP Semiconductors, a world leader in secure connectivity solutions, just announced a Linux distribution that is intended to support factory automation. It’s called Open Industrial Linux (OpenIL), and it’s promising true industrial-grade security based on trusted computing, hardened software, cryptographic operations and end-to-end security
https://www.networkworld.com/article/3238727/linux/linux-for-factory-automation.html

Recently Patched Dnsmasq Flaws Affect Siemens Industrial Devices
Dnsmasq is a lightweight tool designed to provide DNS, DHCP, router advertisement and network boot services for small networks. It can be found in Linux distributions, smartphones, routers, and many Internet of Things (IoT) devices
http://www.securityweek.com/recently-patched-dnsmasq-flaws-affect-siemens-industrial-devices

Posted in Uncategorized.