Cybersecurity Archives - Page 2 of 3

MicroDicom viewer vulnerability could disclose sensitive information and allow code execution.

June 7, 2024

Baxter Welch-Allyn Configuration Tool Vulnerability

Successful exploitation of this vulnerability could lead to the unintended exposure of credentials to unauthorized users.

Read More →

Alerts, Cybersecurity, Medical Devices

June 7, 2024

Baxter Welch-Allyn Connex Spot Monitor Vulnerability

Successful exploitation of this vulnerability could modify device configuration and firmware data leading to device compromise.

Read More →

Alerts, Cybersecurity, Medical Devices

Critical Cybersecurity Flaws Found in GE HealthCare Ultrasound Systems

Nozomi Networks Labs found 11 critical vulnerabilities in GE HealthCare’s Vivid Ultrasound systems, risking ransomware and patient data breaches. Exploitation requires physical access. Affected systems include Vivid T9, Common Service Desktop, and EchoPAC software. GE HealthCare has released patches and mitigation strategies. Read the full blog post for details.

Read More →

Alerts, Cybersecurity, Medical Devices

Black Basta Ransomware Alert – Healthcare as a target

Black Basta ransomware targeting healthcare organizations. Warning issued by CISA, FBI, and HHS but no Canadian guidance.

Read More →

Commentary, Cybersecurity, Governance, Medical Devices

November 13, 2024

Canadian Regulatory and Legal Resources

Online resources to help understand the legal and regulatory framework within Canada as it relates to cybersecurity. Some resources specific to healthcare are also included.

Read More →

Commentary, Cybersecurity

March 27, 2024

Ransomware in the Canadian marketplace

A report from Telus cybersecurity that looks at ransomware in the Canadian marketplace with some insights into healthcare as well.

Read More →

Commentary, Cybersecurity, Medical Devices

March 27, 2024

ECRI lists ransomware as a health technology hazard

In their annual listing of top health technology hazards ECRI has listed ransomware as #6. Cybersecurity-related hazards have routinely made onto ECRI’s hazard list for the better part of a decade now.

Read More →

Commentary, Cybersecurity

March 27, 2024

Digital Health Laws and Regulations

I would love to see the Federal government enact some legislation for the Provinces to follow around minimum standards for cybersecurity – above just ensuring data privacy. The jurisdictional issues aside –

Read More →

Commentary, Cybersecurity

March 27, 2024

NIST releases CSF 2.0

NIST’s updated CSF aims to help organizations of all sizes improve their cyber-posture. Providing new documentation and resources and adding some additional focus on governance and supply chains.

Read More →

Commentary, Cybersecurity, Medical Devices, Vulnerabilities

March 27, 2024

Medical Device vulnerabilities actively exploited in the wild.

I came across an insightful article from 2022 during the holiday break, revealing that vulnerabilities in medical technology are actively exploited by advanced persistent threats (APTs). Our database highlights over 190 known vulnerabilities in medical devices, challenging the belief that our niche field in Biomedical Engineering is immune to cyber threats. This underscores the necessity…

Read More →