Watch This? Patch This! LG Fixes Smart TV Vulns
Richi Jennings | | BitDefender, bitdefender research, Consumer IoT, CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, CVE-2023-6320, iot, LG, SB Blogwatch, Smart TV, Smart TV Security, Smart TV Vulnerability, Smart TVs, The ‘S’ in IoT stands for Security, TV, WebOS4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is Bitdefender overhyping the issue? ... Read More
FCC Mulls Rules to Protect Abuse Survivors from Stalking Through Cars
Jeffrey Burt | | automobile, automobiles, Car, connected car security, domestic abuse, fcc, government, MVNO, telematicsTo protect domestic violence survivors from abusers, the FCC wants to include internet-connected vehicles under the Safe Communication Act ... Read More
Techstrong Group Announces Rebranding of Security Bloggers Network to Security Creators Network
Veronica Haggar | | Cyber Marketing Professionals Society, cybersecurity community, networking event, Security Creators Meetup, Security Creators Network, security meetupBOCA RATON, FL, April 9, 2024 — Techstrong Group, the power source for people and technology, is excited to announce the rebranding of the renowned Security Bloggers Network to the Security Creators Network. With over 350 security-focused content creators, the network has been a staple in the cybersecurity community for ... Read More
HHS: Health Care IT Helpdesks Under Attack in Voice Scams
Jeffrey Burt | | cyberattacks in healthcare, Generative AI risks, healthcare, helpdesk, MFA, social engineering, SpearPhishing, Voice CloningScammers are impersonating employees in voice calls to gain access to healthcare organizations' systems and steal money, the agency says ... Read More
Here Comes the US GDPR: APRA, the American Privacy Rights Act
Richi Jennings | | American Data Privacy and Protection Act, APRA (American Privacy Rights Act), Cathy McMorris Rodgers, Consumer privacy rights, customer privacy, EU GDPR, GDPR, GDPR (General Data Protection Regulation), gdpr legislation, Maria Cantwell, Privacy, SB BlogwatchEnter the lobbyists: A draft federal privacy act has Washington DC buzzing. But it’s just a bill—and it’s a long, long journey before it becomes a law ... Read More
FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?
Richi Jennings | | Big Telecom, carrier, Carriers, Diameter, digital telecom, fcc, FCC Failures, FCC Follies, FCC privacy rules, Federal Communications Commission, Federal Government, Location, location access risks, location data, Location data privacy, location history, location intelligence, location privacy, location sharing location tracking, location tracking, mobile carrier, mobile carrier vulnerability, Mobile carriers, Mobile Location Tracking, Mobile Tracking, Phone Carrier, RADIUS, roaming, Ron Wyden, SB Blogwatch, Sen. Ron Wyden, Smartphone Location Tracking, ss7, telco, Telecom, Telecom Cybersecurity, Telecom Industry, Telecom Industry Vulnerabilities, telecommunications, Telecommunications Security, telephone, telephones, U.S. Federal Communications Commission, wireless carrierFast enough for government work: The Federal Communications Commission is finally minded to do something about decades-old vulnerabilities ... Read More
Ivanti CEO Promises Stronger Security After a Year of Flaws
Ivanti CEO Jeff Abbott, in an open letter and a video, outlined the steps the embattled company is taking to improve its security ... Read More
Google Chrome Enlists Emerging DBSC Standard to Fight Cookie Theft
Google is prototyping a new technology in Chrome that is designed to thwart the growing trend among cybercriminals of stealing browser session cookies, which enables hackers to bypass multifunction authentication (MFA) protections and gain access to users’ online accounts The tech giant this week said it is piloting the use ... Read More
Biden Review Board Gives Microsoft a Big, Fat Raspberry
Richi Jennings | | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Azure security, cisa, CISA.gov, CSRB, Cyber Safety Review Board, Cybersecurity Infrastructure Security Administration, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, Outlook.com, SB Blogwatch, Storm-0558Storm-0558 forecast: Last year’s Chinese hack of federal agencies’ email is still a mystery, and “should never have occurred,” says CISA ... Read More
NIST Proposes Public-Private Group to Help with NVD Backlog
An embattled National Institute of Standards and Technology (NIST), hobbled by budget cuts, is looking for more help from both inside and outside the government. NIST is trying to manage a growing backlog of security vulnerabilities coming into the database it maintains. The National Institute of Science and Technology, which ... Read More
