NCSC
NEW UK LAW BANS DEFAULT PASSWORDS ON SMART DEVICES

The UK’s NCSC wants smart device manufacturers to follow new law banning default passwords. The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024.

“From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” reads the announcement published by NCSC. “The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.”

• Event

CYDES 2025 Reinforces Malaysia’s Vision of Secure and Trusted Digital Nation

By F2 / Thursday , July 3 2025

The final day of the Cyber Defence & Security Exhibition and Conference (CYDES) 2025 concluded with high-impact engagements at the...

Read More

• Alert
• Vulnerabilities

Cisco alerts that Unified CM has hardcoded root SSH credentials

By F2 / Thursday , July 3 2025

Cisco warns that a vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition...

Read More

• Event
• International

CYDES 2025
MCSS to implement 6 strategic goals with 7 objectives over 6 year: NACSA Chief

By F2 / Wednesday , July 2 2025

The second day of the Cyber Defence & Security Exhibition and Conference (CYDES) 2025 further cemented Malaysia’s position as a...

Read More

• International

CYDES 2025
Malaysia placed cybersecurity heart of the regional agenda: DPM Ahmad Zahid

By F2 / Tuesday , July 1 2025

Malaysia's Deputy Prime Minister Datuk Seri Dr. Ahmad Zahid Hamidi said that Malaysia has placed cybersecurity at the heart of...

Read More

• International

Amid Meta moves; OpenAI is largely shutting down next week: Wired

By F2 / Tuesday , July 1 2025

Mark Chen, the chief research officer at OpenAI, sent a forceful memo to staff on Saturday, promising to go head-to-head...

Read More

• Alert
• Hot Topic

Canada orders Hikvision to close operations over national security

By F2 / Tuesday , July 1 2025

The Canadian government ordered Hikvision to stop all operations in the country due to national security concerns. Hikvision, based in...

Read More

• International

First couple “Rosie” to conceive using AI tech “STAR” successfully

By infosecbulletin / Sunday , June 29 2025

Doctors at Columbia University Fertility Center have reported what they are calling the first pregnancy using a new AI system,...

Read More

• Alert
• Cyber Attack

Scattered Spider Actively Attacking Aviation and Transportation: FBI

By infosecbulletin / Saturday , June 28 2025

Cybersecurity experts and federal authorities are warning that the Scattered Spider hackers are now targeting aviation and transportation, indicating a...

Read More

• Alert
• Hot Topic
• International

Russia’s restrictions on Cloudflare making websites inaccessible

By F2 / Saturday , June 28 2025

Since June 9, 2025, Russian users connecting to Cloudflare services have faced throttling by ISPs. As the throttling is being...

Read More

• Cyber Attack
• Data Breach

61 million Verizon records allegedly posted online for sale

By infosecbulletin / Saturday , June 28 2025

A new report from SafetyDetectives reveals that hackers posted a massive 3.1GB dataset online, containing about 61 million records reportedly...

Read More

The U.K. is the first country to ban default passwords on IoT devices. This law stops manufacturers from providing devices with easily accessible passwords that can be shared.

The law applies to the following products:

Smart speakers, smart TVs, and streaming devices
Smart doorbells, baby monitors, and security cameras
Cellular tablets, smartphones, and game consoles
Wearable fitness trackers (including smart watches)

Smart domestic appliances (such as light bulbs, plugs, kettles, thermostats, ovens, fridges, cleaners, and washing machines)

Hackers could use these to get into a network or carry out cyber attacks.
Companies must provide a way to report security issues and specify how long the device will get important security updates.

The NCSC stated that the PSTI act applies to organizations that import or sell products for the UK market. This includes most smart devices made outside the UK. Manufacturers who do not comply with the act will be fined up to £10 million or 4% of their worldwide revenue.