Latest News

2019/07/01

FDA Warns of Potentially Fatal Flaws in Insulin Pumps

The Food and Drug Administration (FDA) has issued an emergency alert, warning that Medtronic MiniMed insulin pumps are vulnerable to potentially life-threatening cyberattacks.

Specifically impacted are Medtronic’s MiniMed insulin pumps, the MiniMed 508 insulin pump and MiniMed Paradigm series insulin pumps. Up to 4,000 patients in the U.S. have been identified using vulnerable insulin pumps – Medtronic, which has issued a recall for the products, is still working to identify more users.
2019/07/01

Baltimore approves $10M for ransomware relief, expects $18M in damages

Baltimore officials approved using $10 million in excess revenue to cover ongoing expenses related to a ransomware attack that immobilized several of the cities computer systems in early May.

The city’s budget office estimates the total cost of responding to the attack will be $18 million after threat actors demanded $80,000 in ransom to unlock the systems, but city officials have been advised by law enforcement not to pay.
2019/06/24

Building an LTE Access Point with a Raspberry Pi

Interesting read on building a minimal feasible configuration for a LTE A.P. using commodity hardware and software.
Source: snikt.net
2019/06/24

Palo Alto’s Unit 42 discovered 10 ‘Important’ Microsoft bugs


Palo Alto’s Unit 42 researchers discovered 10 new Microsoft vulnerabilities all of which had a Maximum Severity Rating of “Important.”

“The severity of the vulnerabilities discovered were all rated ‘Important,’” according to a June 20 blog post, which said that one vulnerability had been addressed in the June 2019 Microsoft Security Response Center (MSRC) update release and the other nine in the May 2019 updates.
2019/06/24

[PATCH] Apple releases eight updates for AirPort Base Station bugs

Apple released eight updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers with 802.11n that could allow a remote attacker to take control of an affected system, according to a June 20 security update.

One vulnerability could allow a remote attacker to leak memory due to an out-of-bounds read that was addressed with improved input validation. Another flaw allowed a remote attacker to cause a system denial of service due to an issue that was addressed with improved validation.