Merlin@home Transmitter contained vulnerabilities in U.S.A

Farzana Sharmin
For implantable pacemaker and defibrillator devices, medical device maker St. Jude Medical on Monday began deploying software designed to protect its remote monitoring system.

The move came on the heels of the U.S. food and Drug Administration's warning that the company's Merlin@home Transmitter contained vulnerabilities that could be exploited by hackers.

Merlin@home wirelessly communicates with implanted cardiac devices. It gathers data and sends it to a physician over the Merlin.net Patient Care Network via a continuous landline, cellular or Internet connection.

An unauthorized user could exploit the vulnerabilities in Merlin@home to modify commands to an implanted device, which could result in rapid battery depletion or administration of inappropriate pacing or shocks, the FDA explained.

There have been no reports of patient harm related to these cybersecurity vulnerabilities, the agency noted.

Benefits Outweigh Risks

St. Jude Medical has created a software patch, which is now available, to address the security flaws in the Merlin@home Transmitter, the FDA said. It will be installed automatically when the Merlin@home device is plugged in and connected to the Merlin.net Patient Care Network.

The FDA has reviewed St. Jude Medical's software patch to ensure that it addresses the greatest risks posed by the cybersecurity vulnerabilities, thus reducing the risk of exploitation and subsequent patient harm, according to the agency's alert.

The FDA conducted an assessment of the benefits and risks of using the Merlin@home Transmitter and determined that the health benefits to patients from continued use of the device outweigh the cybersecurity risks.

The new patch includes additional validation and verification between the Merlin@home device and Merlin.net, St. Jude Medical explained.

"There has been a great deal of attention on medical device security, and it's critical that the entire industry continually enhances and improves security while bringing advanced care to patients," said Ann Barron DiCamillo, an adviser to St. Jude Medical's Cyber Security Medical Advisory Board.
Critical Cooperation

The coordination between the FDA and St. Jude Medical is laudable, observed Alfred Chung, senior product manager at Guidance Software.

"As the number and type of devices connected to the Internet grows, so does the risk of cyberattack," he told . "Threats against medical facilities and devices are especially alarming, given the potential for physical harm or even loss of life."

Since the healthcare industry can expect to be in the sights of hackers, it's critical for device makers, healthcare institutions and government to cooperate, Chung maintained.

"In this case, St. Jude demonstrated how seriously they take cybersecurity, immediately releasing a patch to address the problem and coordinating clear communications with the public," he said.
Ransomware Potential

Although there's the potential of severe harm to Merlin@home users if anyone should tamper with the devices, the risk of that happening is small, observed Lysa Myers, a security researcher at Eset.

"The likelihood for the average person is likely to be very low, as most attacks are financially motivated, and there is very little monetary gain in going after implantable medical devices," she told .

"However, the severity if a vulnerable device were to be attacked is quite high," she added, "as the problems it could cause could be fatal."

There's a money angle that could be worked by Net bottom feeders, though, suggested Arxan Vice President of Research Aaron Lint.

"This new echelon of body-interfacing IoT devices, like connected pacemakers, have the ability to cause direct physical harm. That could be effectively used as leverage against someone financially," he told .

"Take a moment to consider the ramifications of body-level ransomware," Lint said.
Robot Army

There's been much news lately about exploiting flaws in devices connected to the Internet so they can be enlisted into robot armies used to launch crippling distributed denial of service attacks on websites or the Internet itself. Could medical devices be used that way?

"It's very likely," said Erik Knight, CEO of SimpleWan.

"Since you can't exactly monitor or install antivirus on these IoT devices, no one really knows what they're doing," he told .

However, medical devices are not the ideal vehicles for DDoS attackers who want to avoid tipping off owners that their devices have been hijacked, argued Eset's Myers.

"There are so many unsecured IoT devices as well as mobile devices and traditional computers that they could use instead," she pointed out.

"If all of a sudden a bunch of people with medical devices came into hospitals with batteries that had run down way more quickly than usual," said Myers, "that would cause quite an uproar.



Source  : Website

The Norton Core has omnidirectional antenna

Farzana Sharmin



The Norton Core is  exraordinary featured based  router on the market of twenty first century.
Still, Symantec is "a widely known security brand in the consumer space, and they're using Qualcomm's latest radios to ensure the device is as current as they
can make it,"noted Rob Enderle, principal analyst at the Enderle Group.

The Norton Core "anticipates mesh networking in the home to provide full coverage," he told , although it has not yet been implemented.

For a first-time product, "this shows an impressive amount of thought," Enderle remarked. "The only limitation, prior to testing, is that the mesh capability
won't be enabled instantly. Also, Symantec isn't known as a router vendor."  Norton by Symantec on Tuesday announced the Norton Core secure router for smart
devices in the connected home at CES  A Good First Effort


The router combines an omnidirectional antenna design with advanced beam forming to "ensure your devices get stellar WiFi anywhere in your home," Symantec's Karim said.

It can pause the home network as required, and can identify which devices can and can not be paused, he said. IoT devices such as alarm systems, door locks, IP cameras, healthcare devices and appliances won't be paused.

Consumers can preorder the Norton Core now; it will begin shipping in the United States this summer.

The router is priced at US$200, which includes a one-year complimentary subscription to Norton Core Security Plus. The subscription will cost $10 a year after that.  A Good First Effort

The Norton Core is not the first such router on the market; F-Secure, for example, has been shipping a router for the connected home for some time.

Still, Symantec is "a widely known security brand in the consumer space, and they're using Qualcomm's latest radios to ensure the device is as current as they can make it,"noted Rob Enderle, principal analyst at the Enderle Group.

The Norton Core "anticipates mesh networking in the home to provide full coverage," he told  although it has not yet been implemented.







(Source -website)



 

Eco-conscious Transport

 Farzana Sharmin



Transportation technology is most important  factor of economy . In this century those poeple who can reduce cost of transportation as lower as smart  profit icreasing highr then hhighest.
Besides that in this century pollution of environment harm both of people and nature which could threaten the speed of economic progress at the far .



 Not only in terms of bank accounts but to our Earth’s health and our own. Those emissions given off  by our preferred mode of travel mix in with the air we breathe, as well as the Earth’s atmosphere. I’m sure you’ve heard it before, but this is not a good thing.

Using the natural power of the Sun and a bunch of creativity, Hadar has created a new, sexy,
and spending thousands of dollars over the course of a machine’s lifetime to get from one place to the next.
I spent over $60 a week to get to and from school in my beat up Jeep Liberty when I was in high school. It definitely turned heads, but not because of any cool factor.

“No one has ever crossed the street to get a better look at a Prius,” reads the about page on Hadar’s website, where you can check out more of his creations and what goes into them.


Instead of trying to change the Earth and force it to give us what we want, we should to work with it, striving for the health and happiness of all beings that live here by supporting the only globe we roam.

Check out a few other articles we’ve featured here on EWC that use the fusion of art, design and science to move us forward, such as these beautiful cells and bacteria or the way this specially designed place for the deaf population can change each of our lives.

Find the beauty in what surrounds you, and remember, it’s still an amazing world out there.

eco-conscious form of transportation. Check out what he’s doing to change the way we move and why he does it in this short video brought to us by the video network Great Big Story…Hadar combines art and science by using the natural power from the sun to fuel and create his handmade electric bikes. Aside from a one-time payment at purchase, there’s virtually no cost with these beauties. Say goodbye to stopping



Source - internet

Beware of posting false news in facebook!

Farzana Sharmin


Beware  of posting false news in facebook!  Facebook's fake news problem isn't going away. The company may face steep fines in Germany . if it fails to address it satisfactorily.A bill slated for consideration next year would establish fines of up to $500,000 euros per day for each day that a fake news story persisted
after notification of its falsehood was provided. The legislation, which has bipartisan support, would apply to other sites as well, but Facebook
clearly is its main target.  Following that action system Bangladesh could be being

taken  effective but hard  action applying with the help of  laws.

Bad news for Adobe and Apple

Farzana Sharmin


Bad news for  Adobe and Apple  in the upcoming year of 2017!More security vulnerabilities will appear in the software of Adobe and Apple than in Microsoft's, more attacks on the Internet's infrastructure will occur, and cybersecurity events will stoke international tensions. Those are a few of the predictions for 2017 that security experts shared  .

Users of Apple desktops and laptops for years have been relatively insulated from the kinds of malicious activity that has besieged those in the Windows world, but that's going to change next year, warned Trend Micro.

More software flaws will affect Adobe and Apple in 2017, compared to Microsoft, the company noted in a security predictions report.

Declining PC sales and an exodus to mobile platforms have dampened interest in targeting devices running Windows, Trend Micro explained. Microsoft also has upped its security game in recent times, which has made it more difficult for attackers to find vulnerabilities in Windows.

Follow the Money

Signs of hackers' increased interest in Adobe and Apple started appearing in 2016, Trend Micro noted. Zero day vulnerabilities -- flaws unknown to researchers until malicious actors exploit them -- numbered 135 for Adobe compared to 76 for Microsoft.

Meanwhile, Apple's vulnerability count during the same period increased to 50, shooting up from 25 in 2015.

The increased attention Apple has drawn from criminals can be associated with its growing success in the desktop and laptop market.

"There's a much broader use of Apple products now," said Ed Cabrera, vice president of cybersecurity strategy  .

"The criminals go where consumers and enterprises are," he told . "If consumers and enterprises are utilizing more Apple products, then that's where they're going to focus their activity, because that's where the money is going to be."
Upstream Attacks

Distributed denial of service attacks long have functioned as a cyberweapon against websites, but their use reached a new level in 2016, when they disrupted Internet service in parts of North America and Europe by choking an important piece of Net infrastructure: the domain name system.

The DNS converts domain names into corresponding IP addresses. If a domain name can't be paired with its IP address, then a browser becomes lost on the Net.

More "upstream" attacks on the Internet will take place in 2017, said Chase Cunningham, director of cyberoperations at A10 Networks.

"If you're an enemy of someone who depends on the Internet for business or commerce, last year it was shown that if you upstream a little bit and launch a crafted Denial of Service attack, you can bring down large provider websites and infrastructure," he told .
"In 2017, we're going to see more upstream attacks, and DDoS is going to make a comeback as a cyberweapon," Cunningham said. "We're going to see a powerful denial of service attack on something that will cause problems for a national infrastructure."
Geopolitics Feeding Cyberattacks

Simmering tensions over nations hacking nations will come to a boil in 2017, predicted Tom Kellermann, CEO of Strategic Cyber Ventures.

"Geopolitics will be the harbinger for cyberattacks in 2017," he told .

Those cyberattacks will be fostered by both old and new presidents of the United States.

"Due to the president elect's rhetoric against China, Chinese hacking will begin again with increased vigor," Kellermann said. "North Korea will leverage IoT for more denial of service attacks against the West."

In addition, he continued, Trump's anti-Muslim statements during the presidential campaign have increased the membership of cyberterrorist organizations -- like al-Qaida and the Cyber Caliphate -- that will use their new resources to dismantle and destroy U.S. infrastructure in the coming year.

Russian cyberattacks also will increase.

"Once President Obama takes revenge upon Putin for the hacking of the election and other things, you will see increased cybermilitia activity via Russian proxies in Eastern Europe against the U.S.," Kellermann said.
Election Hangover

A cyberhangover from a divisive and inconclusive presidential election also can be expected in 2017.

"Disillusioned American voters will become more inclined toward hacktivism," Kellermann predicted.

That hacktivism will be more destructive than it has been in the past, he said. For example, ransomware will be used to encrypt data solely for denying access to that data and not for ransom. Malicious software delivering "wiper" payloads, which destroy data, also will increase.

Voter disillusionment could give old line hactivist groups, like Anonymous, a new reason for being.

"Anonymous has been fractured for some time," Kellermann noted. "On Jan. 20, you could see a consolidation of Anonymous once again, for the cause of acting out against the incoming administration."
Breach Diary

    Dec. 12. Quest Diagnoistics, a medical lab operator based in New Jersey, says it's investigating data breach in November that placed at risk the personal health information of some 34,000 people.
    Dec. 13. KFC in the UK advises some 1.2 million members of its Colonel's Club loyalty program to reset their passwords because of an intrusion at program's website.
    Dec. 13. Data for more than 200 million people allegedly from credit agency Experian is being offered on sale on the Dark Web for US$600, CSO Online reports.
    Dec. 13. A 17-year-old youth who previously admitted to cyberattack costing UK telecom company TalkTalk $75 million is sentenced to 12-month rehabilitation order in British court.
    Dec. 13. October data breach at Peachtree Orthopedics in Atlanta put 531,000 people at risk of identity theft, WSB-TV reports.
    Dec. 13. Frederick County Public Schools in Maryland says some 1,000 students who attended public schools between November 2005 and November 2006 are affected by data breach discovered in September.
    Dec. 14. Owner of adultery website Ashley Madison agrees to pay $1.65 million to settle state and federal cases stemming from 2015 data theft of personal information of 37 million users.
    Dec. 14. Yahoo says it's discovered data breach from August 2013 exposing accounts of more than 1 billion users.
    Dec. 14. Joshua Samuel Aaron, 32, arrested in New York City by federal authorities and charged with stealing contact information for more than 100 million customers of American financial institutions, brokerage firms and financial news publishers.
    Dec. 15. Threat intelligence firm Recordfed Future says it's discovered evidence that Russian-speaking hacker may have compromised more than 100 access credentials at U.S. Election Assistance Commission.
    Dec. 15. Protenus reports that the number of healthcare data breaches in November reached an annual high of 57 but records exposed during the month declined from October to 458,639 from 776,533.
    Dec. 15. Prosecutors in Los Angeles issue arrest warrant for Austin Kelvin Onaghinor, 37, for launching cyberattack on county that placed at risk confidential information of 750,000 people.
    Dec. 16. President Barack Obama vows to retaliate against Russia for interfering with U.S. elections by stealing information from computer systems of the Democratic Party.
    Dec. 16. Bleacher Report alerts its online and mobile users it is resetting their passwords in 72 hours due to a data breach of its systems.

Upcoming Security Events

    Dec. 20. Insiders Are the New Malware. 1 p.m. ET. Webinar by Presidio. Free with registration.
    Dec. 22. Part 2: How Is This Yahoo! Breach Different from Their Other Breach? 1 p.m. ET. Webinar by Fidelis Cybersecurity. Free with registration.
    Jan. 6. The 2017 Threatscape. 10 a.m. Webinar by Cyber Management Alliance. Free with registration.
    Jan. 9. 2017 Predictions: Authentication, Identity & Biometrics in a Connected World. 11 a.m. ET. Webinar by BioConnect.
    Jan. 12. 2017 Trends in Information Security. 11 a.m. ET. Webinar by 451 Research. Free with registration.
    Jan. 12. The Rise of Malware-Less Attacks: How Can Endpoint Security Keep Up? 1 p.m. ET. Webinar by Carbon Black. Free with registration.
    Jan. 12. FTC PrivacyCon. Constitution Center, 400 7th St. SW, Washington, D.C. Free.
    Jan. 13. I Heart Security: Developing Enterprise Security Programs for Millennials. 5 p.m. ET. Webinar by NCC Group. Free with registration.
    Jan. 13-14. BSides San Diego. National University, Spectrum Business Park Campus, 9388 Lightwave Ave., San Diego. Tickets: $30 (includes T-shirt).
    Jan. 16. You CAN Measure Your Cyber Security After All. 1 p.m. ET. Webinar by Allure Security Technology. Free with registration.
    Jan. 26. The True State of Security in DevOps and Expert Advice On How to Bridge the Gap. 1 p.m. ET. Webinar by HPE and Coveros. Free with registration.
    Jan. 31. Using GDPR To Your Advantage To Drive Customer Centricity and Trust. 5 a.m. ET. Webinar by Cognizant. Free with registration.
    Feb. 4. BSides Huntsville. Solutions Complex building, Dynetics, 1004 Explorer Blvd.,Huntsville, Alabama. Tickets: $10.
    Feb. 13-17. RSA USA Conference. Moscone Center, San Francisco. Full Conference Pass: before Nov. 11, $1,695; before Jan. 14, $1,995; before Feb. 11, $2,395; after Feb. 10, $2,695.
    Feb. 21. Top Trends That Will Shape Your Cybersecurity Strategy in 2017. 11 a.m. ET. Webinar by vArmour, American University, TruSTAR and Cryptzone.
    Feb. 25. BSides NoVa. CIT Building, 2214 Rock Hill Rd.#600, Herndon, Virginia. Tickets: conference, $25; workshops, $10.
    Feb. 28. Key Steps to Implement & Maintain PCI DSS Compliance in 2017. 1 p.m. ET. Webinar by HPE Security.
    March 28-31. Black Hat Asia. Marinia Bay Sands, Singapore. Registration: before Jan. 28, S$1,375; before March 25, S$1,850; after March 24, S$2,050.



(SOURCE # Farzana Sharmin)

100 Chrysler Pacifica hybrid minivans

Farzana Sharmin


Waymo,  unveiled a fleet of 100 Chrysler Pacifica hybrid minivans with the latest high-tech sensors, telematics, and other gear designed for fully autonomous operation.

Modifications were made to several parts of the Pacifica -- including its electrical, powertrain, chassis and structural systems -- to optimize it for fully autonomous driving.

With the additional computer equipment, the cars will undergo more challenging tests. They will be subjected to a broader variety of traffic and weather conditions, as well as other variables, with the goal of being ready for introduction by 2017.


 The announcement comes just days after Waymo unveiled new branding and a new team of executives, amid increasing competition to bring autonomous vehicles to the U.S. market.

The joint program team has worked to integrate the self-driving computers and other systems into the Chrysler Pacifica minivans to get them ready for use, noted Waymo CEO John Krafcik. The work has included more than 200 hours of extreme-weather testing since the companies originally announced the partnership in June.

Waymo and Fiat Chrysler have co-located part of their engineering teams to a new facility in southeastern Michigan to speed development. The companies also have conducted extensive testing at FCA's Chelsea Proving Grounds in Chelsea, Michigan, and the Arizona Proving Grounds in Yucca, Arizona, as well as Waymo's test track in California.

FCA sells cars under the Chrysler, Jeep, Dodge, Ram and SRT performance vehicle brands. The firm also distributes under the Alfa Romeo and Topar brands. (source - website)

Samsung Galaxy S8

 Farzana Sharmin


Since from Last  Wednesday the people of technological world  have engaged arguments about  new feature of Samsung may include in its upcoming Galaxy S8. It's dubbed "Beast Mode," and that's just about all that is known about it so far.

Spotted in an EU trademark application, Beast Mode would apply to smartphones, mobile phones and application software for smartphones, noted Galaxy Club, a Netherlands-based blog.

The Galaxy S8 is expected to be the first smartphone built around Qualcomm's Snapdragon 835 processor. If true, that lines up with the notion that Beast Mode could allow super high performance.

Another rumor is that the Galaxy S8 will have an optical fingerprint scanner built into the display instead of the body.

Further, it's rumored that it will include Bluetooth 5.0, recently approved by the Bluetooth Special Interest Group -- and that idea seems to carry a fair amount of weight.

"There's a strong possibility that Samsung will incorporate Bluetooth 5 into the Galaxy S8," said Ken Hyers, director of wireless device strategies at Strategy Analytics.

"With the cancellation of the Note7, the Galaxy S8 is now [Samsung's] premier device to showcase the latest and best smartphone technology," he told .

Samsung had to institute a global recall of millions of Galaxy Note7s after multiple instances in which the device spontaneously burst into flames. Some replacement devices also caught fire.

"Samsung has a PR problem," observed Michael Jude, a program manager at Stratecast/Frost & Sullivan. "Note7 is a disaster, and they need something with which to seize the technological high ground."

Putting cutting-edge technologies in the S8 "will help a lot," he told .

"Remember, practically nothing is Bluetooth 5-compliant," Jude noted. "As long as the S8 can talk to existing Bluetooth devices, it's golden. People will be drawn to the latest, greatest technology."

Bluetooth 5.0 doesn't replace 4.0, 4.1 or 4.2. It extends the functionality of these previous versions of the Bluetooth Core Specification.

Further, Bluetooth 5.0 lets manufacturers leverage interoperability and performance improvements incorporated in the core specs since 4.2 was released.

"From Bluetooth headsets and speakers to home control, personal robots and drones, Bluetooth is a default technology for connecting devices, with the smartphone as the hub of consumers' device universe," Strategy Analytics' Hyers remarked.

"We are rapidly moving into a more complex connected device world," he pointed out.

Samsung has focused heavily on the Internet of Things, offering smart TVs and smart appliances that can be tied to its smartphones.

Bluetooth 5 "is a huge advance over previous versions of Bluetooth from a connectivity speed and capacity standpoint," Hyers pointed out, noting that it's a natural fit for Samsung's next flagship device.

The S8 will "be both a mass market flagship and a showcase for Samsung's technological leadership" since the company has canceled its Note series of phablets, he said.

Therefore, Samsung "will be careful to only put technology and features in it that it's certain will not create issues," Hyers contended. As a relatively low-risk feature, Bluetooth 5 likely will appear in the S8 in Q1 2017.


Bluetooth 5.0 offers 2Mbps of bandwidth, twice that of Bluetooth 4.2, with low energy.

The bandwidth can be decreased to achieve up to 4x the broadcast range of Bluetooth 4.2 with the same power requirement. That means home automation and security devices can cover entire homes, buildings or locations.

Developers can adjust the broadcast range, speed and security for different environments.

Bluetooth 5.0 delivers reliable Internet of Things connections, and it will increase the relevance of beacons and other location awareness technologies, which will enable a seamless IoT experience.

It also has ad extensions that enable more efficient use of broadcasting channels on the 2.4 GHz band.

Slot availability masks can detect and prevent interference on neighboring bands. (SOURCE - WEBSITE)