Researchers blame a 700% spike in IoT-specific malware attacks in part on personal device usage such as digital home assistants, media players and smart TVs.
Most providers are aware of the importance of medical device security. But that acknowledgement hasn’t translated into stronger processes for inventory or response.
A lack of real-time data on inventories, connections, and device communications, combined with reliance on legacy platforms and slow patch management processes have resulted in many providers leaving the door open to attackers.
The half-dozen flaws are found in all versions of the ZOLL Defibrillator Dashboard prior to 2.2. It would take a low-skill level to exploit and could enable an attacker to gain access to credentials or impact the confidentiality, integrity, and availability of the application.
Many Android device OEMs may have offerings with similar flaws, any of which could provide an avenue in to home networks and even enterprise resources.
ReFirm provides drag-and-drop automated firmware analysis, which Microsoft hopes will provide security insight for industrial IoT products, where security personnel often struggle to look inside built-in hardware.
