Cybersecurity News in Asia

Features
- Featured
  
  Bridging the data science talent gap for national cyber defenses: Urgent action needed
  
  Monday, April 29, 2024, 10:16 AM Asia/Singapore | Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
News
- Featured
  
  Understanding the “multiplier effect” of digital fraud in the region
  
  Thursday, May 2, 2024, 2:05 PM Asia/Singapore | News, Newsletter
- Featured
  
  Cyber resilience requires leaders that manage risk with full organizational support: report
  
  Thursday, May 2, 2024, 10:11 AM Asia/Singapore | News, Newsletter
- Featured
  
  Sophisticated China-linked DNS threat actor exposed
  
  Thursday, May 2, 2024, 9:03 AM Asia/Singapore | News, Newsletter
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

Seven new IoT/IoMT vulnerabilities exposed in healthcare/manufacturing sectors

By CybersecAsia editors and webmaster webmaster | Friday, March 11, 2022, 8:49 AM Asia/Singapore

The 9+ CVE rating of these vulnerabilities could mean life-threatening supply chain attacks affecting hospital patients worldwide: report

With escalating cybersecurity threats amid high geopolitical tension, healthcare organizations need to be vigilant against network and device vulnerabilities to manage risks of cyberattacks.

Recently, a major supply chain component utilized by hundreds of IoT and IoMT devices was found to contain seven hitherto undiscovered vulnerabilities. Over 150 device models from more than 100 device manufacturers are potentially implicated. Over half of the affected device vendors belonged to the healthcare industry (55%), followed by almost a quarter (24%) that developed IoT solutions.

The vulnerabilities were found most often in medical imaging (36%) and laboratory (31%) machines.

Seven fresh IoT vulnerabilities

The vulnerabilities were found in PTC’s Axeda agent, which constantly communicate with surgical, ventilation and various lab equipment and devices. However, the agent also interacts with things such as ATM machines. Also:

The vulnerabilities share a lot of similarities to what played out with the Kaseya attack
If the vulnerabilities are exploited, it means hackers could take full control of these devices, access device data, alter critical patient data or modify configurations in the devices

The list of seven fresh vulnerabilities were published by Vedere Labs, in partnership with CyberMDX. Due to the 9+ CVE rating, CISA will be issuing an advisory shortly.

Said Daniel dos Santos, Head of security research, Vedere Labs, Forescout: “The nature of these vulnerabilities could lead to heightened risk and expose healthcare organizations to further cybersecurity threats and risks. (The findings) further illustrate the problems with supply chain components that we have seen before in (other cyber incidents). However, this time it affects a remote management solution that could enable hackers to remotely execute malicious code. Complete protection (these new vulnerabilities) requires patching devices running the vulnerable versions of the Axeda components.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Securing Industry 4.0
The world is advancing to Industry 4.0 in full swing, and this is a key …Download Whitepaper
Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

Bridging the data science talent gap for national cyber defenses: Urgent action needed

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

Understanding the “multiplier effect” of digital fraud in the region

Featured

Cyber resilience requires leaders that manage risk with full organizational support: report

Featured

Sophisticated China-linked DNS threat actor exposed

Seven new IoT/IoMT vulnerabilities exposed in healthcare/manufacturing sectors

Seven fresh IoT vulnerabilities

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar