
Security Flaw Found in Patient Monitors: No Fix Yet

6 February 2025 at 02:49

In a concerning development for healthcare cybersecurity, the FDA and CISA have issued urgent advisories about two critical patient monitors found to have severe security vulnerabilities: the Contec CMS8000 and Epsimed MN-120 models.

These devices, widely used for remote monitoring of patients in hospitals and at home, are now at risk due to several alarming backdoor flaws, including:

  • Hard-coded IP addresses and credentials: making the devices easy targets for cyber attackers.
  • Remote code execution vulnerabilities: enabling attackers to potentially take control of the device.
  • Patient data exposure risks: leaving sensitive health information open to compromise.

The Serious Threat to Patient Care

These vulnerabilities are not just theoretical risks; they pose real threats to both patient data privacy and operational healthcare safety. A compromised patient monitor could result in tampered vital readings or unauthorized access to personal health information.

Perhaps the most alarming aspect? There is currently no patch available to address these security flaws.

What Can Be Done?

While the lack of a software fix creates an urgent problem, healthcare providers and patients must act swiftly:

  • Healthcare Providers: Review your use of these devices and evaluate whether local, non-networked monitoring solutions are safer for high-risk patients.
  • Patients: Contact your healthcare provider if you are using one of these devices at home. Discuss potential alternatives or monitoring solutions.
  • Security Professionals: Implement network monitoring to detect unusual activity and secure connected healthcare devices at all possible endpoints.

Healthcare devices have historically lagged behind in security compared to other connected systems. This situation underscores the need for more robust security frameworks and proactive device hardening in the healthcare industry.

When a patch isn't an option, the response must shift toward containment and prevention strategies to minimize risk exposure.

We'll continue to monitor this situation and provide updates as they become available.

The post Security Flaw Found in Patient Monitors: No Fix Yet appeared first on Centraleyes.

PlugX Malware Network Dismantled

16 January 2025 at 03:05

A coordinated effort by U.S. and international law enforcement agencies has dismantled the PlugX malware network, removing it from thousands of compromised devices globally. This decisive action targeted one of the most persistent cyber threats, responsible for espionage and data theft across government, business, and dissident targets since 2008.

What Happened?

Court documents from the Eastern District of Pennsylvania reveal the U.S. Department of Justice (DOJ) collaborated with French law enforcement and cybersecurity experts to take down the malware, a sophisticated Remote Access Trojan (RAT) tied to a state-sponsored group known as Mustang Panda.

PlugX, which has been used extensively in Chinese state-sponsored cyber campaigns, allowed attackers to:

  • Take full control of infected machines.
  • Execute commands remotely.
  • Steal sensitive data, including keystrokes, screen captures, and system information.

The operation, conducted under court-authorized warrants, successfully eradicated PlugX from 4,258 U.S. systems. A parallel investigation in France uncovered a botnet comprising millions of devices, further underscoring the scale of this cyber threat.

Why It Matters

PlugX has a long history of targeting critical entities, including governments, businesses, and dissident groups. Its stealth and versatility made it a preferred tool for espionage and advanced persistent threats (APTs).

The malware's history includes its use in:

  • The 2015 breach of the U.S. Office of Personnel Management, where it enabled attackers to exfiltrate sensitive data.
  • Various ransomware campaigns, expanding its scope from espionage to financial crime.

PlugX's ability to remain undetected for years highlights the vulnerabilities in traditional cybersecurity measures and the critical need for proactive defense strategies.

The post PlugX Malware Network Dismantled appeared first on Centraleyes.
