Vulnerabilities in healthcare devices and hospital systems are leading to growing concerns in the infosec community about patient safety.

A slew of products from medical dispensing company BD are susceptible to the KRACK vulnerability disclosed last fall.

Pacemakers and pacemaker programmers lack authentication and are plagued with thousands of software vulnerabilities across leading manufacturers.

Companies such as Siemens and Bayer are planning to release patches for medical devices hit by the ransomware WannaCry over the past several days.

Mike Mimoso and Chris Brook recap this year’s SOURCE Boston Conference and discuss the week in news, including the long term implications of the NSA’s DoublePulsar exploit, and the HipChat breach.

At Source Boston, Josh Corman of the Atlantic Council said that healthcare is suffering from a lack of security talent, devices rife with vulnerabilities, and government incentivizing bad behavior.

The FDA sent Abbott Laboratories a warning letter citing that it had inadequately addressed the security of the maligned Merlin@home Transmitter.

Harley Geiger, director of public policy at Rapid7, talks about how policy goes hand in hand with technology when it comes to cybersecurity, the government’s focus on IoT and critical infrastructure, and more.

MedSec CEO Justine Bone talks to Mike Mimoso about the St. Jude Medical vulnerabilities, the considerations her company and Muddy Waters made in short selling St. Jude stock, and the current state of medical device security. Download: Justine_Bone_on_St._Jude_Vulnerabilities_and_Medical_Device_Security.mp3 Music by Chris Gonsalves

The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.