Archive for August 16, 2024

Fubo Sports Network now available on Prime Video in Canada

Posted in Commentary with tags on August 16, 2024 by itnerd

FuboTV Inc. today announced the launch of Fubo’s owned and operated TV network, Fubo Sports Network, on Prime Video Channels in Canada. This marks the first time the sports network is available in Canada outside of a subscription to Fubo’s platform, making it accessible to Prime members across the country.  

Fubo Sports Network on Prime Video provides subscribers full access to a thrilling live sports catalog from soccer to MMA, including over 1,000 live events each year. The agreement also brings Fubo’s exclusive soccer content to Prime Video in Canada, including the English Premier League. In addition to leading soccer matches, programming includes partner content from both breakout and niche sports leagues such as Bare Knuckle Fighting Championship (BKFC), The Professional Fighters League (PFL) and World Poker Tour, among others.  

Fubo is the leading sports-first live TV streaming platform operating in Canada, the U.S., France and Spain. In Canada, Fubo has become the premier soccer streaming platform with local and international top-tier soccer content along with a growing offering of linear sports and entertainment channels. Cord cutters can stream Fubo on mobile and connected TV devices, or on the web, at the fraction of the cost of a cable TV subscription. 

Leave a comment »

New Research: Current Development Trends Significantly Challenging Application Security Modernization

Posted in Commentary with tags on August 16, 2024 by itnerd

Legit Security has released a report on development trends driving the modernization of AppSec programs and pressing challenges to underscore the need to modernize AppSec practices to support growth and mitigate risks.

The report shows that application teams face difficulties with the speed and volume of releases, and prioritizing remediation, highlighting the importance of a modernized approach and alignment with development and DevOps teams for improved collaboration. 

Most organizations reported difficulties fixing vulnerabilities after applications were deployed, reinforcing the significance of incorporating security processes and tools in the build process and challenges concerning developers’ methods, such as unsecured secrets, pipeline tools, containers, and source code repositories. 

Key findings include: 

  • 60% use Infrastructure as Code (IaC) templates to simplify provisioning cloud infrastructure/quickly deploy software apps; 67% are experiencing increasing misconfigurations 
  • The top challenge for AppSec teams supporting cloud-native dev processes is understanding and managing risk associated with GenAI (45%).
  • 59% release new builds multiple times per week or more; faster development cycles challenges: prioritize remediation, lack of visibility and control, and software released without security testing. 
  • Most use (64%) or plan to use (21%) GenAI or chatbot for code development. 83% of organizations are concerned about the visibility and discovery of developer usage of Gen AI 
  • AI or gen AI (36%) is the most susceptible to compromise and concerning element in the cloud-native application stack. 
  • Only 39% of organizations report that their security teams have visibility for specific applications, reinforcing the necessity for visibility into security testing in development.

You can read the report here. There’s also a blog entry regarding this here.

Leave a comment »

T-Mobile Slapped With A Big Fine For Big Data Leaks

Posted in Commentary with tags on August 16, 2024 by itnerd

If you go through my blog, you’ll find example, after example, after example, after example, after example, after example of T-Mobile being pwned by hackers and customer data being exposed. And according to this Reuters story, The Committee on Foreign Investment in the United States has had enough of the pwnage and has decided to teach T-Mobile a lesson:

The Committee on Foreign Investment in the United States, or Cfius, fined T-Mobile $60 million earlier this year for failing to prevent or disclose unauthorized access to “certain sensitive data,” the panel said on its website. T-Mobile had signed a national security agreement with Cfius in 2018 as part of its merger with Sprint. 

This is the first time that the panel has disclosed the fine, and the decision to mention T-Mobile by name broke with past practice for a government body that’s known for secrecy and whose deliberations are often classified. The panel also published a list of all its penalties since 2018, though without naming the companies involved.

Cfius said the $60 million fine imposed on T-Mobile was the largest in its history. 

Now T-Mobile is a company that according to Wikipedia made about $14 billion in 2023. So a $60 million fine is likely going to be a rounding error to them. Because given how often they’ve been pwned by hackers, it’s pretty clear that they don’t take the security of their customer’s data seriously. Perhaps this fine will send a message that those in charge in the US are finally getting serious about punishing companies that screw up in this manner. Their next task in my opinion is to make the punishments hurt, and hurt so severely so it provides the proper incentive not to be T-Mobile. If I were them, I’d start with copying the EU who got this part right years ago.

Leave a comment »