Monday , May 27 2024
NCSC

NCSC
NEW UK LAW BANS DEFAULT PASSWORDS ON SMART DEVICES

The UK’s NCSC wants smart device manufacturers to follow new law banning default passwords. The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024.

“From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” reads the announcement published by NCSC. “The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.”

Researcher claimed: Biometrics of Indian Forces Exposed

Jeremiah Fowler, a security researcher, claimed to discover a major vulnerability in India's data security. He found an unprotected database...
Read More
Researcher claimed: Biometrics of Indian Forces Exposed

NSA Releases Guidance on Zero Trust Maturity

The NSA released an information sheet called "Advancing Zero Trust Maturity Throughout the Application and Workload Pillar." This sheet will...
Read More
NSA Releases Guidance on Zero Trust Maturity

Data protection is sovereignty: Mohammad A. Arafat
INFOCOM Dhaka ends promoting cyber resiliency

The two day long 7th edition of INFOCOM, India's biggest business, technology, and leadership event, themed "Sustainable Disruption", concluded today...
Read More
Data protection is sovereignty: Mohammad A. Arafat  INFOCOM Dhaka ends promoting cyber resiliency

Phoenix Summit 2024
Two days phoenix summit ended successfully at Dhaka

TheTeamPhoenix, a non-profit organization, successfully hosted Phoenix Summit 2024, the largest cyber security event in Bangladesh, from May 23-24. This...
Read More
Phoenix Summit 2024  Two days phoenix summit ended successfully at Dhaka

CISA Added Apache Flink CVE-2020-17519 Vulnerability to KEV

CISA warns Apache Flink users about a critical vulnerability. Cybercriminals are exploiting this flaw to compromise systems. Apache Flink is...
Read More
CISA Added Apache Flink CVE-2020-17519 Vulnerability to KEV

Cisco released software updates for CVE 2024-20360

Cisco, a global network solutions leader, has reported a security issue with its Firepower Management Center (FMC) software. This vulnerability,...
Read More
Cisco released software updates for CVE 2024-20360

Ivanti Patches Critical RCE Flaws in Endpoint Manager

Ivanti on Tuesday declare to patch for several products, including fixes for critical vulnerabilities in Endpoint Manager (EPM). Ivanti resolved...
Read More
Ivanti Patches Critical RCE Flaws in Endpoint Manager

German police warn of cyberattacks via Office 365

ompanies in Germany are facing a new wave of cyberattacks. The State Criminal Police Office of North Rhine-Westphalia has issued...
Read More
German police warn of cyberattacks via Office 365

Hacktivists group target Philippines government ransomware attack

SentinelOne researchers found that the Ikaruz Red Team is targeting the Philippines government using different ransomware builders like LockBit, Vice...
Read More
Hacktivists group target Philippines government ransomware attack

CISA ALERT
CISA Warns Exploiting NextGen Healthcare Mirth Connect Flaw

The US cybersecurity agency, CISA, added a flaw in NextGen Healthcare's Mirth Connect product to its catalog of Known Exploited...
Read More
CISA ALERT  CISA Warns Exploiting NextGen Healthcare Mirth Connect Flaw

The U.K. is the first country to ban default passwords on IoT devices. This law stops manufacturers from providing devices with easily accessible passwords that can be shared.

The law applies to the following products:

Smart speakers, smart TVs, and streaming devices
Smart doorbells, baby monitors, and security cameras
Cellular tablets, smartphones, and game consoles
Wearable fitness trackers (including smart watches)

Smart domestic appliances (such as light bulbs, plugs, kettles, thermostats, ovens, fridges, cleaners, and washing machines)

Hackers could use these to get into a network or carry out cyber attacks.
Companies must provide a way to report security issues and specify how long the device will get important security updates.

The NCSC stated that the PSTI act applies to organizations that import or sell products for the UK market. This includes most smart devices made outside the UK. Manufacturers who do not comply with the act will be fined up to £10 million or 4% of their worldwide revenue.

Check Also

trojan

New “Antidot” Banking Trojan disguised Fake Google Play Updates

The “Antidot” Android Banking Trojan pretends to be a Google Play update app and targets …

Leave a Reply

Your email address will not be published. Required fields are marked *