The UK’s NCSC wants smart device manufacturers to follow new law banning default passwords. The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024.
“From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” reads the announcement published by NCSC. “The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.”
By infosecbulletin
/ Friday , May 17 2024
ISA issued seventeen advisories about Industrial Control Systems (ICS) on May 16, 2024. These advisories give important information about security...
Read More
By infosecbulletin
/ Thursday , May 16 2024
Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company...
Read More
By infosecbulletin
/ Thursday , May 16 2024
Adobe released security updates for the vulnerabilities in Adobe software. Bad actors could exploit some of these vulnerabilities taking control...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
FBI has seized hacking forum "BreachForums" popularly known as a Breached hacking forum in the underground market on Wednesday morning...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
Antivirus manufacturer Kaspersky inform that it has detected over 34,000 ransomware attacks targeting various organizations in Bangladesh from January to...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
A vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw is identified as FG-23-225 which allows...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
According to the Threatmon advanced threat monitoring platform, LockBit is in the top position in the category of top active...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
On Tuesday (May 14), CISA released four Industrial Control Systems (ICS) advisories which provide timely information about current security issues,...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft...
Read More
By infosecbulletin
/ Tuesday , May 14 2024
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely...
Read More
The U.K. is the first country to ban default passwords on IoT devices. This law stops manufacturers from providing devices with easily accessible passwords that can be shared.
The law applies to the following products:
Smart speakers, smart TVs, and streaming devices
Smart doorbells, baby monitors, and security cameras
Cellular tablets, smartphones, and game consoles
Wearable fitness trackers (including smart watches)
Smart domestic appliances (such as light bulbs, plugs, kettles, thermostats, ovens, fridges, cleaners, and washing machines)
Hackers could use these to get into a network or carry out cyber attacks.
Companies must provide a way to report security issues and specify how long the device will get important security updates.
The NCSC stated that the PSTI act applies to organizations that import or sell products for the UK market. This includes most smart devices made outside the UK. Manufacturers who do not comply with the act will be fined up to £10 million or 4% of their worldwide revenue.