Friday Squid Blogging: Squid Food Poisoning

Read Time:36 Second

University of Connecticut basketball player Jordan Hawkins claims to have suffered food poisoning from calamari the night before his NCAA finals game. The restaurant disagrees:

On Sunday, a Mastro’s employee politely cast doubt on the idea that the restaurant might have caused the illness, citing its intense safety protocols. The staffer, who spoke on condition of anonymity because he was not authorized to officially speak for Mastro’s, said restaurants in general were more likely to arouse suspicion when they had some rooting interest against the customer-athletes.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Read More

CISA warns of critical flaws in ICS and SCADA software from multiple vendors

Read Time:55 Second

The US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories this week covering vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws are rated critical and two of them already have public exploits.

The impacted products include:

Scadaflex II controllers made by Industrial Control Links
Screen Creator Advance 2 and Kostac PLC programming software from JTEKT Electronics
Korenix JetWave industrial wireless access points and communications gateways
Hitachi Energy’s MicroSCADA System Data Manager SDM600
mySCADA myPRO software
Rockwell Automation’s FactoryTalk Diagnostics

ScadaFlex II series controllers are what’s known in the industry as packaged controllers, stand-alone systems that are built with custom software, processing power and I/O capabilities for controlling and monitoring other industrial processes. According to CISA, multiple versions of the software running on the SC-1 and SC-2 controllers are impacted by a critical vulnerability — CVE-2022-25359 with CVSS score 9.1 — that could allow unauthenticated attackers to overwrite, delete, or create files on the system.

To read this article in full, please click here

Read More

What Parents Need To Know About TikTok’s New Screen Time Limits

Read Time:4 Minute, 44 Second

Social media platforms often get a hard time by us parents. But a recent announcement by TikTok of industry first screen time limits might just be enough to win you over. On March 1, the social media platform announced that it will automatically impose a 60-minute daily screen time limit to every account belonging to a user that is under the age of 18. How good??  

I hear what you’re thinking – maybe we can cross TikTok off our list of social media platforms that we need to get our head around? But no, my friends – not so fast! Tik Tok’s new screen time limits are all about parental involvement – which is why I am a fan! So, buckle-up because if you have an under 18 on TikTok (and you’re committed to their digital well-being) then my prediction is that you’ll soon know more about this social media platform than you even thought was possible!  

How Do The New Screen Time Limits Work? 

Over the coming weeks, every account that belongs to an under 18-year-old will automatically be set to a 60-minute daily screen time limit. Once they’ve clocked up an hour of scrolling, teens will be asked to enter a passcode, which TikTok will supply, to keep using the platform. TikTok refers to this as an ‘active decision’.  

So, clearly this isn’t quite the silver bullet to all your screen time worries as teens can choose to opt out of the 60-minute limits. But if they do choose to opt out and then spend more than 100 minutes a day on the platform, they will be prompted to set a daily screen time limit. ‘Will that actually do anything?’ – I hear you say. Well, in the first month of testing this approach, TikTok found that this strategy resulted in a 234% increase in the use of its screen time management tools – a move in the right direction! 

But Wait, There’s More… 

But here’s the part I love the most: TikTok offers Family Pairing which allows you to link your child’s account to yours. And as soon as you enable Family Pairing, your teen is no longer in control of their own screen time.  

Now, don’t get me wrong – I am not a fan of the authoritarian approach when it comes to all things tech. I do prefer a consultative ‘let’s work together’ vibe. However, TikTok’s move to involve parents in making decisions about their child’s screen time means that families will need to talk digital wellbeing more than ever before and here’s why… 

Within the Family Pairings settings, parents are able to set screen time limits based on the day of the week which means homework and holidays can be worked around. There is also a dashboard that shows your child’s screen time usage, the number of times the app was opened plus a breakdown of time spent during the day and night. Now, with all this control and information, you’ll be in quite the powerful position so be prepared to be sold hard by your teen on many the benefits of TikTok!  

Maybe It’s Time for A Family Digital Contract? 

For years I have been a fan of creating a Family Digital Contract which means you get to outline your family’s expectations around technology use. Now the agreement can include time spent online, the sites that can be visited and even the behaviour you expect of your child when they are online. So, if your kids are avid TikTok users then I highly recommend you do this ASAP. Check out the Family Safety Agreement from the Family Online Safety Institute as a starting point but I always recommend tailoring it to suit the needs of your own tribe.   

But let’s keep it real – your kids are not always going to comply, remember how you pushed the boundaries when you were young?? And that’s OK if they understand why their actions weren’t ideal and you have a suitable level of confidence that they will get back on track. However, if you have concerns that they need an additional level of structure to ensure their digital wellbeing remains intact then that’s when TikTok’s Family Pairing can work a treat! 

It’s no secret that social media can be incredibly captivating, possibly even addicting, for so many. And it’s not just TikTok – Instagram, Facebook even Twitter has all been designed to give us regular hits of dopamine with each scroll, like and post. And while I know that parental controls are only one part of the solution, they can be very handy if you need to bring your tween’s usage under control. 

Remember, Conversations Are King! 

But when all is said and done, please remember that the strength of your relationship with your child is the best way of keeping them safe online and their wellbeing intact. If your kids know that they can come to you about any issue at all – and that you will always have their back – then you’re winning!!  

So, be interested in their life – both online and offline – ask questions – who do they hang with? How do they spend their time? And remember to share your online experience with them too – get yourself a little ‘tech’ cred – because I promise they will be more likely to come to you when there is a problem. 

‘Till next time – keep talking!! 

Alex  

The post What Parents Need To Know About TikTok’s New Screen Time Limits appeared first on McAfee Blog.

Read More

NTC Vulkan leak shows evolving Russian cyberwar capabilities

Read Time:24 Second

National habits and perspectives on waging war are not just apparent in terrestrial conflict. In cyberspace, national ways of cyberwar clearly exist. From the unusually aggressive style of Israeli responses to regional cyber threat activities to the consistent correlation between Communist Party interests and China-attributed cyber espionage, a host of examples show that diverse geopolitical interests, national political imperatives, and institutional cultures seem to produce unique flavors of cybersecurity practice.

To read this article in full, please click here

Read More

CVE-2020-11935

Read Time:9 Second

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

Read More