A recent security alert warns of three critical vulnerabilities actively exploited in the wild, of which the first is CVE-2023-48788, an SQL injection vulnerability in Fortinet FortiClient EMS.
Attackers can use SQL injection vulnerabilities to insert malicious SQL code into a program that depends on a database.
It can give attackers unauthorized access to sensitive information, modify data, or disrupt operations.
The second vulnerability (CVE-2021-44529) is a code injection vulnerability present in the Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA).
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
Code injection vulnerabilities allow attackers to inject malicious code into a legitimate program or application.
In the case of CVE-2021-44529, it enables attackers to take control of the EPM CSA server, steal data, or install malware.
The third vulnerability (CVE-2019-7256) is an OS command injection vulnerability found in Nice Linear eMerge E3-Series devices, which allows attackers to execute arbitrary commands on the operating system of the affected device.
It can grant attackers complete control over the device, allowing them to steal data, install malware, or disrupt critical systems, as all three of these vulnerabilities are classified as critical due to the potential severity of an exploit.
As per CISA , a recent security alert highlights three critical vulnerabilities actively exploited by malicious actors, posing a significant risk to federal systems and affecting the following software and devices, which many people use: Nice Linear eMerge E3-Series devices (CVE-2019-7256), which may be used for IP telephony or videoconferencing, Fortinet FortiClient EMS (CVE-2023-48788); and Ivanti Endpoint Manager Cloud Service Appliance (EEM CSA, CVE-2021-44529).
Example of SQL Injection
The vulnerabilities themselves cover different injection techniques but achieve similar results: attackers can inject malicious code to gain unauthorized access, steal data, install malware, or disrupt system operations.
The vulnerabilities align with the established Binding Operational Directive (BOD) 22-01, which identified known exploited vulnerabilities as a major threat to federal systems.
The BOD mandates Federal Civilian Executive Branch (FCEB) agencies to address such vulnerabilities by designated due dates to safeguard their networks from active exploitation.
A security alert underscores the critical importance of promptly addressing vulnerabilities listed in a central catalog, known as vulnerability management, which is essential for maintaining a strong cybersecurity posture.
It involves proactively identifying, classifying, prioritizing, and remediating security weaknesses in systems and applications, while a specific directive (BOD 22-01) mandates vulnerability management for certain agencies, but all organizations are urged to follow suit.
Attackers are actively utilizing critical vulnerabilities in the central catalog and taking various forms, including SQL injection, code injection, and OS command injection vulnerabilities.
In a successful SQL injection attack, for instance, attackers can inject malicious SQL code into a program to steal data or disrupt operations, while code injection vulnerabilities allow attackers to inject malicious code into a target system to achieve similar ends.
OS command injection vulnerabilities grant attackers the ability to execute arbitrary commands on the operating system, potentially giving them full control over the affected device.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
April 2024 security update starts rolling out to the Galaxy S24 series with camera fixes
Needless to say, this is quite early for an April update, as we’re still in March at this point. It’s not even the last day of March or anything like that, we have almost a week to go at this point. This update will spread to more markets soon.
As already mentioned, the update is rolling out to all three Galaxy S24 handsets. The firmware version is S92xNKSU1AXCA in Korea and S92xBXXU1AXCA in Europe, and the download size is 797.83MB and 920.97MB, respectively. So it’s not a small update by any means, and we presume that those camera updates are the main reason why.
Samsung improved the white balance accuracy and exposure when it comes to the camera. In addition to that, the low-light image quality has been improved too. The company also fixed up the color accuracy in the ExpertRAW camera app.
If you’ve been having issues with text clarity in high-zoom shots, don’t fret, as that should be better now too. The last entry says that support for videos with 480×480 pixels resolution in the Instant Slow Mo feature has been added.
This update is rolling out in stages in Korea and Europe. More markets are expected to follow in the coming days/weeks. Considering the size of the update, it may not be a bad idea to update via a WiFi connection, rather than mobile data. It’s up to you, though.
WhatsApp stands as one of the most widely used messaging apps globally, and ever since its acquisition by the tech giant Meta, it’s been evolving with more social media-like features. Recently, we reported on WhatsApp status updates becoming increasingly similar to Instagram stories, now allowing users to tag others. And it seems further changes are on the horizon for status updates.In the newest WhatsApp beta for Android (v2.24.7.16) update, the team at WABetaInfo uncovered a redesigned editor page for status updates. It now includes a Text option alongside the existing Video and Photo options at the bottom of the screen. Currently, WhatsApp only allows video and photo updates through the My Status option in the Updates tab.
Image Credit–WABetaInfo
In the screenshot, you can see that at the bottom of the screen, users will have the choice to select whether to share text, videos, or photos, making the sharing process even better. This new way of sharing status updates is still in the works and will be available in a future update of the app.
Right now, users can only get to the text-based status editor by tapping the pencil icon in the Updates tab. It’s good to know that WhatsApp doesn’t let you switch the status type (text, photo, video) once you’re in the editor/preview page. If you need to change it, you will have to go back and start over.
If the new update moves out of beta and becomes official, it could bring several benefits, especially by cutting down the number of steps needed to switch between text and media. With this choice integrated directly into the composer, users can swiftly switch between various types of content without having to leave the current screen. This will improve efficiency and convenience.
CrowdStrike and HCLTech, a leading global technology company, have announced a strategic partnership.
This collaboration aims to enhance HCLTech’s managed detection and response (MDR) solutions with the cutting-edge AI-native CrowdStrike Falcon® XDR platform.
Here’s a detailed look at this partnership and its implications for the cybersecurity landscape.
Partnership Announcement
CrowdStrike and HCLTech’s partnership marks a pivotal step in the fight against the ever-evolving cyber threats facing organizations today.
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
By integrating the CrowdStrike Falcon® XDR platform into HCLTech’s MDR solutions, this alliance is set to deliver comprehensive cybersecurity transformation across various domains, including device, identity, cloud, data, next-gen SIEM, and more.
This collaboration empowers organizations with the tools and expertise needed to effectively counteract cyber threats and ensure robust digital security.
Quotes from HCLTech and CrowdStrike Executives
“Delivering a Dynamic Cybersecurity Posture is core to our solutions and engagements, and the partnership with CrowdStrike will further strengthen our commitment to accelerate this journey for our customers.”
Amit Jain, Executive Vice President – HCLTech
He highlighted the synergy between HCLTech’s managed services solutions and the CrowdStrike Falcon XDR platform, which creates a formidable defense against cyber threats.
“Our partnership with HCLTech extends the reach of the Falcon platform to new customers and markets, expediting spend consolidation and improving operational efficiencies.”
Daniel Bernard – CrowdStrike’s Chief Business Officer
He emphasized the mutual mission of securing the world’s largest enterprises on cybersecurity’s winning platform.
This strategic partnership between CrowdStrike and HCLTech represents a significant advancement in enterprise cybersecurity. It promises to deliver robust defenses against the sophisticated cyber threats of today and tomorrow.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
HONOR has been making strides in the market for quite some time now. The company has been growing quite a bit, and it released some truly compelling devices in the last year or so, including some innovative foldable smartphones. What HONOR did not launch is a flip phone, but it will do so soon. The alleged HONOR Magic Flip design appeared onli
The alleged HONOR Magic Flip design surfaced online
The image surfaced on Weibo, from a tipster known as Mr. Guan. You can check out the image below. Based on this, the HONOR Magic Flip will have a large cover display and two vertically-oriented cameras.
Those two cameras will seemingly be a part of the phone’s display, they won’t be a separate entity. The phone will fold right down the middle, of course, and HONOR’s logo is visible here too. You’ll also notice that vegan leather is used on the back, if you take a closer look.
This is an all-black model of the device, and you will notice its physical buttons on the right-hand side. The power/lock button doubles as a fingerprint scanner, and the volume rocker buttons sit above it.
HONOR confirmed that it will launch its first flip phone in 2024
Do note that this design could be false, it could be just a concept. It looks plausible enough, though, and HONOR is launching its first flip phone this year, so… take note of that.
The HONOR Magic V2 managed to surprise many people, us included, with how thin and light it is. It feels like a regular smartphone in the hand. HONOR followed that up with a Porsche Design variant of the phone, which is just as compelling, if not more so.
HONOR has big plans for this year, and they include two firsts, as already mentioned. Let’s wait and see what will HONOR offer in the flip phone category.
WhatsApp’s latest update brings a couple of new features and a bunch of fixes, especially on iOS. One of the highlights of the update is the ability to forward and rewind a video, thus adding a bit more convenience when you want to return to a video to check something in particular.
This feature has been in testing since last year, but it seems to be making its way to iOS devices now. We’re not sure if the same feature is also available for Android users since the changelog hasn’t been updated on the Google Play Store yet.
What you should know is that the update released on March 25 should allow you to quick forward/rewind by double tapping the edge of a video. According to WhatsApp, this feature will be rolled out to everyone in the coming weeks, so be patient if you don’t see it yet.
Along with the new functionality, WhatsApp has also included a bunch of improvements and bug fixes, as well as the ability to start conversations and discuss with Meta AI and AI bots from Mac. Here is the full changelog below:
You can now see the chat options menu when hovering over the chat list
Improved spacing and hover states in Call History and Status
Fixed an issue where the cursor disappeared after clicking an emoji suggestion
Fixed an issue where quoted message text was sometimes extending outside the message
Fixed an issue where messages were sometimes duplicated when editing a media caption
Fixed an issue that prevented quitting the app when it had expired
Fixed an issue where reactions sometimes didn’t appear in message previews
Fixed an issue where the toolbar was sometimes obscured
Fixed an issue where the Cancel button was hidden when forwarding media
Although the Android version has been updated too on the same day, it’s unclear if includes the ability to forward/rewind a video directly in the app.
Giant Tiger, a prominent Ottawa-based discount retailer, has announced a breach of customer data.
This incident, linked to a third-party vendor responsible for managing the retailer’s customer communications and engagement, has put the personal information of an undisclosed number of customers at risk.
The Breach Unveiled
The security lapse was discovered on March 4, and Giant Tiger concluded by March 15 that customer information was indeed compromised.
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
Alison Scarlett, a spokesperson for Giant Tiger, emphasized the company’s commitment to resolving the issue swiftly and transparently.
However, the identity of the implicated vendor remains undisclosed.
In response to the breach, Giant Tiger has been proactive in notifying affected customers and advising them to be vigilant about suspicious emails and phone calls.
The compromised data varies among customers but predominantly includes names, email addresses, and, for some, phone numbers and street addresses.
This information pertains to Giant Tiger’s email subscribers, loyalty members, and those who have placed online orders for in-store pickup or home delivery.
According to a recent report by CBC News, Giant Tiger, the discount retailer, has confirmed that its customer data was compromised due to a third-party breach.
The Scope of the Breach
Scarlett refrained from providing a specific figure but indicated that the number of impacted customers correlates with each program’s enrollment.
This breach is part of a growing trend of cybersecurity incidents involving third-party vendors, a point highlighted by Ritesh Kotak, a cybersecurity technology analyst and lawyer based in Ontario.
Kotak warns that such breaches often occur when companies share data with third parties for marketing and advertising, leaving customers vulnerable if these partners lack robust cybersecurity and privacy protocols.
He advises those affected to monitor their accounts closely and be wary of phishing attempts designed to harvest further information or deceive them into making purchases.
In a recent tweet by NewsMarket Today, it was reported that Giant Tiger’s customer information was compromised in a data breach.
No Payment Information Compromised
It’s a small consolation that no payment information or passwords were included in the compromised data.
Giant Tiger has enlisted cybersecurity experts to investigate the breach independently.
The retailer assures that the incident did not affect its store systems and applications.
This incident adds Giant Tiger to the list of Canadian organizations hit by cybersecurity breaches in recent years, joining the ranks of Indigo Books & Music, the LCBO, the Nova Scotia government, the Toronto Public Library, and the City of Hamilton in Ontario.
Scarlett’s statement to The Canadian Press underscores Giant Tiger’s regret over the incident and its dedication to employing best practices to prevent future breaches.
As the digital landscape continues to evolve, so too does the complexity of protecting consumer data, highlighting the need for stringent cybersecurity measures across all sectors.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned technology manufacturers and their customers about the persistent threat posed by SQL injection vulnerabilities.
Despite being a well-documented issue for over two decades, SQL injection—or SQLi—vulnerabilities continue to be a prevalent defect in commercial software products, leaving thousands of organizations at risk.
Persistent Threat of SQL Injection
SQL injection vulnerabilities allow malicious cyber actors to compromise a database’s confidentiality, integrity, and availability by executing arbitrary queries.
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
This class of vulnerability stems from the software developers’ failure to adhere to security best practices, particularly the separation of database queries from user-supplied data.
The recent campaign exploiting SQLi defects in a managed file transfer application, impacting thousands, has prompted CISA and the FBI to urge a formal review of code by technology manufacturers to eliminate this threat.
Secure by Design: A Proactive Approach
The “Secure by Design” concept emphasizes the importance of incorporating security measures from the outset of product development.
This approach reduces the cybersecurity burden on customers and minimizes public risk.
Despite being labeled as “unforgivable” since 2007, SQL vulnerabilities continue to rank high on the list of most dangerous and stubborn software weaknesses in 2023, according to MITRE’s CWE Top 25.
DeepBlue Security & Intelligence recently tweeted that the Cybersecurity and Infrastructure Security Agency (CISA) has recommended developers eliminate SQL injection vulnerabilities in their software.
Preventing SQL Injections
To combat SQLi vulnerabilities, software developers are encouraged to use parameterized queries with prepared statements, which effectively separates SQL code from user-supplied data.
This method ensures that user input is treated as data rather than executable code, mitigating the risk of SQL injection attacks.
However, CISA and the FBI caution against solely relying on input sanitization techniques, which can be bypassed and are difficult to enforce at scale.
Principles for Secure by Design Software
CISA and the FBI have outlined three key principles for achieving Secure by Design software:
Take Ownership of Customer Security Outcomes:
Manufacturers must prioritize security by adopting prepared statements with parameterized queries and conducting formal code reviews to identify vulnerabilities.
Embrace Radical Transparency and Accountability:
Transparency in disclosing product vulnerabilities and tracking software defects is crucial.
Manufacturers should participate in the CVE program, which aims to eliminate entire classes of vulnerabilities.
Build Organizational Structure and Leadership to Achieve These Goals:
Security should be a core business goal, with investments and incentives aligned to promote secure coding practices and proactive vulnerability detection.
The alert serves as a call to action for software manufacturers to adopt a comprehensive set of Secure by Design practices beyond just mitigating SQL injections.
Manufacturers are urged to publish their Secure by Design roadmap, demonstrating a strategic commitment to customer safety.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The OnePlus 10T was announced on August 3, at an event in New York City. The company’s first in-person event in nearly two years, due to the pandemic. This would be OnePlus’ second flagship device launched in 2022, behind the successful OnePlus 10 Pro which was initially launched in China in January, and then launched globally in 2022.
The OnePlus 10T isn’t necessarily a successor to the OnePlus 10 Pro. Unlike in previous years, OnePlus is really trying to keep both phones on the market, at different price points. The OnePlus 10 Pro is the premium flagship, while the OnePlus 10T is a slight step down in specs, features and price.
OnePlus 10T will continue to get updates until October 2025, with security updates until October 2026.
Now we’re here to tell you everything you need to know about the OnePlus 10T and if you should actually buy this phone or not.
When will the OnePlus 10T be available?
In most regions, it’ll be available in August. However in North America, pre-orders open September 1 and it’ll be available starting on September 29.
China will have access to the OnePlus 10T starting on August 3. India will have open sales starting on August 6, and Europe will start open sales in mid-August.
It’s currently unclear why there is such a staggered release date for the OnePlus 10T, but the global chip shortage is likely a big reason why.
How much will the OnePlus 10T cost?
The OnePlus 10T will come in two colors – Moonstone Black and Jade Green. It’ll also come in two RAM and storage configurations like usual for OnePlus. That’s a 8GB of RAM and 128GB of storage, or 16GB of RAM and 256GB of storage. OnePlus says that the 16GB model can actually allow for about 35 apps to stay in memory, compared to only 6 with the 8GB of RAM model. These are apps that will stay in memory and not need to redraw when you go back to them.
As far as price goes, the 8GB/128GB model is going to cost $649 in the US, and the 16GB/256GB model will cost $749.
Where can I buy the OnePlus 10T?
At launch, the OnePlus 10T will be available from OnePlus.com, Amazon and Best Buy. With pre-sales starting on September 1.
OnePlus has not yet announced any carrier partnerships for the OnePlus 10T, but we are expecting it to be on sale at T-Mobile.
What offers are available for the 10T?
With pre-sales not starting until next month, OnePlus has not yet announced any offers for the OnePlus 10T just yet. And neither have the carriers. But there will likely be some decent trade in offers that will help you get a good price on the 10T.
Does the OnePlus 10 Pro get a price drop?
OnePlus is also announcing that the 10 Pro is getting a price drop. It’s dropping $100, going down to $799. That means that for $150 more, you’re getting a lot more phone with the 10 Pro, compared to the 10T.
This price drop will be permanent.
What carriers will support the OnePlus 10T?
The OnePlus 10T is a carrier unlocked smartphone, so you do need to pay attention to what carriers it’ll work on. It will work on T-Mobile, and likely on Verizon once it gets certified.
The spec sheet shows that it does support Sub-6 5G bands across all three carriers – AT&T, T-Mobile and Verizon. However, Verizon and AT&T will need to certify the device for it to work on its network. It’s also important to note you likely won’t get HD Voice or WiFi Calling in addition to no 5G access. That’s why certification is so important, and OnePlus doesn’t normally get certification before their launch.
What colors does the OnePlus 10T come in?
OnePlus is offering the 10T in two colors once again, which are similar to the 10 Pro from earlier this year. It’ll come in Moonstone Black and Jade Green.
The Moonstone Black is kind of an homage to the sandstone material that OnePlus used on the OnePlus One many years ago. It’s a textured back, that actually looks and feels really nice in the hand. This makes it easier to hold onto, if you do decide you want to go without a case.
The Jade Green is more of a matte finish, kinda like a lot of the other phones on the market today.
What are the specs of the OnePlus 10T?
In the table below, we are comparing the specs of the OnePlus 10T to the OnePlus 10 Pro. Since both are on the market as “flagships” from OnePlus, and are pretty similar in price.
OnePlus 10T
OnePlus 10 Pro
Display
6.7-inch FHD+ Fluid AMOLED Adaptive 120Hz
6.7-inch FHD+ LTPO Fluid2 AMOLED Adaptive 120Hz
Processor
Snapdragon 8+ Gen 1
Snapdragon 8 Gen 1
RAM
8GB/16GB
8GB/12GB
Storage
128GB/256GB
128GB/256GB
Battery Capacity
4800mAh
5000mAh
Charging Speeds
150W (125W in North America) fast wired charging No wireless charging
80W (65W North America) fast wired charging 50W wireless charging Reverse wireless charging
Software
Android 12, OxygenOS 12.1
Android 12, OxygenOS 12
Rear Cameras
50MP wide 8MP ultrawide 2MP macro
50MP wide 8MP telephoto 48MP ultrawide
Front Camera
8MP
32MP
Dimensions
163 x 75.37 x 8.75mm
163 x 73.9 x 8.6mm
Weight
203.5 grams
200.5 grams
Price
$649
$799.99
Colors
Moonstone Black Jade Green
Volcanic Black Forest Emerald
Available
Pre-order on Sept. 1
Yes
What new features did OnePlus unveil?
Being that the OnePlus 10T is running Oxygen OS 12.1, there’s not a lot of new features here on the 10T, compared to the 10 Pro. As most of those new features are being saved for Oxygen OS 13 which will come later this year. But there are some new goodies here.
HyperBoost Gaming Engine
The OnePlus 10T wants to be a gaming phone, without really being a gaming phone. So it has included its new HyperBoost Gaming Engine.
This powers three features on the OnePlus 10T, to make gaming smoother and more responsive. That includes:
General Performance Adapter (GPA) Frame Stabilizer
GPU Load Control (GLC)
LSTouch
The GPA Frame Stabilizer on the 10T will reduce the frame rate fluctuation when gaming for a smoother and more stable gaming experience. While GLC is designed to improve the efficiency of graphics rendering and to reduce rendering power consumption when playing games. Finally, the LSTouch works with the 1,000Hz instant touch sampling on the OnePlus 10T to improve the responsiveness when gaming.
All of that works to bring you an impressive gaming experience on the OnePlus 10T.
Smart Link
Another new feature on the OnePlus 10T is the Smart Link. This works to improve upload signals and speed by acting as an advanced signal navigation system that proactively finds the best way to avoid network congestion. So it can provide you with the best experience possible.
This actually works well with the new 360-degree antenna system on the 10T. The OnePlus 10T has 15 antennas that inside, and form a 360-degree antenna system. This is why the Alert Slider was removed from the 10T, to make room for this. The new system works to deliver stronger WiFi and cellular signals, no matter how you are using or holding your phone.
How many software updates will the OnePlus 10T get?
OnePlus is promising three Android version updates, which means it’ll be updated through Android 15. It comes at a rather odd time for releasing phones, since Android 13 is set to be released within the next month, and that would count as the first Android version update.
On the security side, OnePlus is promising four years of updates.
How fast does it charge?
OnePlus has been pushing the envelope for a few years, on how fast it can charge a device. And with the OnePlus 10T, we’re getting 125W of charging speeds.
Similar to the OnePlus 10 Pro, the 10T is getting faster charging outside of the US. This comes down to the outlets found in homes in the US versus in Europe and Asia. In the US, we normally have 110V or 120V outlets. While many other countries have 220V or 240V outlets. Which allows the new SUPERVOOC charger to charge faster. So in the US, we get 125W, while Europe and India get 150W.
However, OnePlus is including the exact same charger in the box for all 10T models. That means that if you buy a 10T in the US and then travel to Europe with your charger, you’ll get those faster charging speeds. The charger is 160W, and the reason for that, is to ensure that it has the higher voltage needed to get the best charging speeds possible.
Even at 125W, OnePlus claims that it can charge from 1 to 100% in 20 minutes. And 1 to 65% in just under 10 minutes.
How does OnePlus protect my battery?
Fast charging a smartphone battery can really damage it over time, and keep it from lasting as long as it should. But OnePlus has some safe guards in place. Like the new Intelligent Charging Management. The OnePlus 10T supports a trio of charging management systems that improve charging safety, efficiency and reduce heat emitted during the process. These include:
Dual charge pump
VFC trick charging optimization algorithm
Customized Smart Charging Chip
OnePlus is also using a dual-cell battery on the OnePlus 10T. Basically, it’s two batteries like you’d find in a foldable smartphone, which enables the phone to support a higher battery current, for faster charging speeds.
So you don’t need to worry about the charging of your OnePlus 10T affecting the battery in the long run. OnePlus says that the battery is rated at 1,600 cycles to remain around 80% of its capacity. Which is far more than most other smartphones. Since the majority of its competition rates it around 300-500 cycles to remain at 80% capacity.
Should I upgrade to the OnePlus 10T?
That’s a tough question, but OnePlus is clearly positioning the 10T and the 10 Pro for different audiences. The OnePlus 10T is all about performance, while the 10 Pro is more about the experience and the cameras.
At $649, however, the OnePlus 10T is a very competitive smartphone. It’s right on par with the Galaxy S22 Plus which retails for $999, however OnePlus is selling their 10T for $350 less, with almost identical specs.
It’s official, DIRECTV Stream is finally here. On the surface, DIRECTV Stream is really just a rebrand of AT&T TV (which was a rebrand of DIRECTV NOW). But there are some changes here that you need to be aware of. So we are going to tell you everything you need to know about DIRECTV Stream. And whether it’s worth using as your new Live TV Streaming service.
When did DIRECTV Stream launch?
DIRECTV Stream officially launched on August 26, 2021.
As mentioned, it’s really just a rebrand of AT&T TV (and AT&T TV NOW), and that’s because AT&T kinda sold off DIRECTV. So it needed to branch out its streaming TV service, and get rid of the “AT&T” name from it. But instead of going back to DIRECTV NOW, it’s now DIRECTV Stream.
How much does DIRECTV Stream cost?
Update: Prices for DIRECTV Stream will increase in January 2023. All plans are seeing a price increase, of at least $5 per month. Some are seeing a $10 increase.
Update 2: Prices for DIRECTV Stream have increased a second time this year. Starting in November 2023, prices will start at $79.99 per month
DIRECTV Stream offers four different tiers, similar to AT&T TV. Their no-contract plans start at $94.98 per month for their Entertainment Plan, which includes 65 channels. Then there’s the Choice Plan that begins at $123.98, with Ultimate at $134.98. DIRECTV Stream has also added its Sports package to every plan, so now you’re paying $15 more than you would without sports, which is rather unfortunate, especially if you don’t like sports or don’t watch them.
What different tiers are available?
As mentioned already, there are four tiers available for DIRECTV Stream. Entertainment will cost you $69.99 per month and includes 65+ channels. If you want to get your regional sports channels (which DIRECTV Stream is the only streaming service that has these now), you’ll want to get Choice or higher. This includes 90+ channels for $84.99.
If that’s not enough channels, Ultimate is available for $94.99 with 140+ channels.
Contract vs no-contract plans?
DIRECTV Stream is available as a no-contract streaming TV service, which is honestly how you should sign up for it. While the contract plans are cheaper, they then jump to a much higher price in the second year. It’s also almost impossible to sign up for DIRECTV Stream on a contract. And that’s probably a good thing.
What channels does DIRECTV Stream offer?
So what channels are available on DIRECTV Stream? Well, most of them, to be quite honest. In the table below, you can see how the channel lineups stack up for each tier.
Entertainment $95
Choice $124
Ultimate $134
Premier $170
A&E
✓
✓
✓
✓
AMC
✓
✓
✓
✓
BET
✓
✓
✓
✓
Bravo
✓
✓
✓
✓
Cartoon Network
✓
✓
✓
✓
CNN
✓
✓
✓
✓
Comedy Central
✓
✓
✓
✓
Discovery
✓
✓
✓
✓
Disney Channel
✓
✓
✓
✓
Disney Junior
✓
✓
✓
✓
E!
✓
✓
✓
✓
ESPN
✓
✓
✓
✓
Food Network
✓
✓
✓
✓
Fox News
✓
✓
✓
✓
Freeform
✓
✓
✓
✓
FX
✓
✓
✓
✓
FXX
✓
✓
✓
✓
Hallmark Channel
✓
✓
✓
✓
HGTV
✓
✓
✓
✓
History
✓
✓
✓
✓
Investigation Discovery
✓
✓
✓
✓
Lifetime
✓
✓
✓
✓
MSNBC
✓
✓
✓
✓
MTV
✓
✓
✓
✓
Nickelodeon
✓
✓
✓
✓
Paramount Network
✓
✓
✓
✓
Syfy
✓
✓
✓
✓
TBS
✓
✓
✓
✓
TLC
✓
✓
✓
✓
TNT
✓
✓
✓
✓
Travel Channel
X
✓
✓
✓
truTV
✓
✓
✓
✓
USA Network
✓
✓
✓
✓
VH1
✓
✓
✓
✓
WE tv
✓
✓
✓
✓
And here’s how DIRECTV Stream stacks up against the competitors.
Given the fact that a number of streaming TV services have been forced to drop regional sports networks, you may be interested in seeing which ones DIRECTV Stream actually has. Let’s see how they stack up in both national and regional sports networks.
While local channels are indeed free, and you can get them just by buying an antenna for your TV, it is definitely convenient to have it included in your TV service. And DIRECTV Stream does have all of your locals. Here’s how it stacks up to the competition.
The features available on DIRECTV Stream are very similar to AT&T TV (NOW). That includes DVR support, a ton of simultaneous streams, and more. Let’s go over the features of DIRECTV Stream.
Is there DVR included in DIRECTV Stream?
All new customers will get unlimited DVR with DIRECTV STREAM. If you are on a grandfathered plan, you will stick with your current DVR plan – that could be as little as 20 hours.
Unlimited DVR is included in the price, and recordings will remain on your account for up to 9 months. However, there is a caveat. In a series, DIRECTV STREAM will only keep the most recent 30 episodes. Deleting the oldest recordings. So you won’t be able to keep episodes of something like Friends on your account, to watch whenever.
How many simultaneous streams are included?
Get ready to be blown away. DIRECTV Stream allows you to have 20 simultaneous streams. That’s pretty crazy. Most services only offer 3-5 simultaneous streams. And you can pay more for more streams.
But there is a caveat, as you might expect. It’s 20 simultaneous streams in the same home and on the same WiFi network. However, there are only three if you are on different WiFi networks. So, if you are sharing DIRECTV Stream with others who are not in your home, you’re still limited to just three streams at a time.
What devices work with DIRECTV Stream?
DIRECTV Stream works on pretty much every device you would expect it too. But if for some reason you don’t have any of these devices, you can “rent” a box from AT&T, which is essentially an Android TV box with DIRECTV Stream pre-loaded on it. And they will happily charge you $5 per month for it. If you don’t have one of the devices below, we recommend buying the Chromecast with Google TV or even a Roku, which can be as cheap as $20.
These devices work with DIRECTV Stream:
Amazon Fire TV (2nd generation and newer)
Android
Android TV
Apple TV (4th and 5th generation)
Chromecast with Google TV
Chromecast Built-in TV (select models)
DIRECTV Stream device
iOS (devices running iOS 11 and later)
Roku
Samsung Smart TV (2017, 2018, 2019 and 2020 models)
What is the DIRECTV Stream device?
The DIRECTV Stream device is essentially an Android TV box that AT&T is renting to customers. It has the DIRECTV Stream app pre-installed, of course. However, you can also install other apps from the Google Play store. It also has Google Assistant available, and it’s super easy to set-up. There’s no need to have someone come and install it for you.
AT&T will “rent” this to you for $5 per month. Or you can pay $120 upfront. This is pretty overpriced for what it is. When the Chromecast is combined with Google TV, it will likely perform better for less than half the price.
Can I keep my existing plan & price from AT&T TV?
Existing DIRECTV Now, AT&T TV, and AT&T TV Now customers are grandfathered in. So you can keep your current plan and price.
However, you may find that these plans are better than what you currently have even though the prices are now higher. But the bottom line is, if you had DIRECTV Now, AT&T TV, or AT&T TV Now, you won’t be moved to one of these new plans, which is a good thing.
Do AT&T TV customers need to do anything to use DIRECTV Stream?
Nope. Like with most service rebrandings, the current AT&T TV app will be rebranded to DIRECTV Stream. That update will likely begin rolling out on August 26. All you need to do is update the app on all of your devices, and you’re good to go. It’s very likely that the update will happen automatically. So there’s even less to worry about here, which is really nice.
Is it worth it to switch to DIRECTV Stream?
This really depends on what channels you need and what content you watch. And if you really want your regional sports networks back. As DIRECTV Stream is the only service with the regional sports networks right now. And that is also why it is more expensive than other services like YouTube TV.
However, DIRECTV Stream is becoming a very competitive service with this rebrand. It offers more channels and an unlimited DVR option. It has me looking twice at the service, considering that was the biggest reason I was sticking with YouTube TV – that unlimited DVR. But it is quite a bit more expensive than YouTube TV when you add the DVR and regional sports. Looking at $95/month plus tax. At the same time, YouTube TV is still $65. Are sports really worth an extra $30? Perhaps to some people.
This is what we need in the streaming live TV space, though. We need more competition, and forcing these services to compete with each other is going to either drive the price down or give us more channels and features to justify that price because cable is indeed dead.
