Transcription Service Leaked Medical Records MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians. Source: krebsonsecurity… Read More
Hackers Behind Healthcare Espionage Infect X-Ray and MRI Machines Dubbed ‘Orangeworm,’ the hacking group has been found installing a wormable trojan on machines hosting software used for controlling high-tech imaging devices, such as X-Ray and MRI machines, as well as machines used to assist patients in completing consent forms. Source: thehackernews… Read More
FDA Wants Medical Devices to Have Mandatory Built-In Update Mechanisms An FDA document released this week reveals several of the FDA’s plans, including the desire to force device makers to include mandatory update systems inside products for the purpose of delivering critical security patches. Source: bleepingcomputer… Read More
Time of death? A therapeutic postmortem of connected medicine To find a potential entry point into medical infrastructure, we extract the IP ranges of all organizations that have the keywords “medic”, “clinic”, “hospit”, “surgery” and “healthcare” in the organization’s name, then we start the masscan (port scanner) and parse the specialized search engines (like Shodan and Censys) for publicly available resources of these organizations.… Read More