BD (NYSE:BDX) today voluntarily posted a product security bulletin for a number of vulnerabilities with its Alaris infusion system. Franklin Lakes, New Jersey-based BD recently identified eight vulnerabilities. These vulnerabilities are associated with the BD Alaris system with Guardrails Suite MX, versions 12.1.3 and earlier. The company discovered the vulnerabilities through routine internal security testing […]
Cybersecurity
BD warns on cybersecurity risk with BodyGuard infusion pumps
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today issued an advisory regarding infusion pumps from BD (NYSE:BD). CISA’s advisory concerns the BD BodyGuard infusion pumps. They may contain a vulnerability in the form of a missing protection mechanism for an alternate hardware interface. No known public exploits specifically target this vulnerability, CISA said. Attackers […]
Many infusion pumps are vulnerable to hackers, study says
Palo Alto Network’s Unit 42 released results from a study showing that 75% of infusion pumps observed had known cybersecurity gaps. The results involved crowdsourced data from scans of more than 200,000 infusion pumps on the network of health providers using IoT Security for Healthcare from Palo Alto Networks. Vulnerabilities observed in the study included […]
Glytec garners cybersecurity certification for insulin management system
Glytec announced today that its eGlycemic Management System received certified status for information security from HITRUST. Waltham, Massachusetts-based Glytec’s certification validates its platform’s ability to meet the highest standards for protecting sensitive data and information when working with its health system customers. According to a news release, HITRUST CSF certified status means the eGlycemic Management […]
DHS warns on Insulet Omnipod
The U.S. Dept. of Homeland Security (DHS) issued a medical advisory to warn of vulnerabilities with the Insulet (NSDQ:PODD) Omnipod insulin management system. According to the advisory, the affected insulin pumps are designed to communicate using a wireless RF with Insulet’s personal diabetes manager device, but the RF communication protocol does not properly implement authentication or authorization. […]
MedCrypt and QuiO partner to protect devices from cyberattacks
MedCrypt and QuiO have announced an integration partnership for a set of cloud-connected injection devices known as the Smartinjector devices to provide safe data transfers of patient prescriptions and injections. OuiO will receive software security with this partnership for its Si One, for specialty drugs, and Si Pen, for diabetes patients. MedCrypt’s software will be able to sync […]