Tagged With "hackers"
Reply
Re: Hackers can crash your printer, how to not let it happen to you
good blog to send to your customers
Reply
Re: CPD declines to pay ransom in data attack
agree or disagree, did they make the right move?
Topic
HP has another security flaw
HP has another security flaw - Security Week magazine reports that TrapX Security found a cryptocurrency miner on some HP devices - The malware used by the hackers is a self-spreading downloader that runs malicious scripts associated with Lemon_Duck - The hackers uses the HP MFP as an entry point to the victim’s network
Topic
Cybersecurity Update
- TV celebrity Scott Disick, father of 3 children with Kourtney Kardashian, has filed a lawsuit against All Points Lodge Rehab in Edwards, Colorado for a HIPAA breach. o He reportedly had recently checked himself into the facility for substance abuse, and apparently an employee at the facility may have sold this story to tabloid publications. - Ann and Robert Lurie Children’s Hospital of Chicago, IL notified 4,824 patients that their PHI was illegally accessed by a former employee. - Vanessa...
Topic
Hackers hit A-list law firm of Lady Gaga, Drake and Madonna
The website for Grubman Shire Meiselas & Sacks is down and hackers claim to have 756 gigabytes of data including contracts and personal emails. A screenshot allegedly of a Madonna contract has been released, and the criminals are demanding payment. The New York law firm says it has notified its clients and is working with cyber-security experts. It's not known what sum the hackers are demanding and whether the law firm is negotiating with them. read the rest here
Topic
Hackers Expose Data of 2.4M UK Cellphone Co. Customers
Hackers Expose Data of 2.4M UK Cellphone Co. Customers British data protection watchdog the Information Commissioner's Office said Monday that it is investigating a hacking breach of mobile phone retailer Carphone Warehouse that may have exposed the...
Topic
Auxilio Announces New Printer Fleet Security Service Offering to Combat an Increasing Entry Source for Hackers
AUXILIO Earns Expanded Managed Print Services Contract with Sutter Health Adding Sutter Health East Bay Region MISSION VIEJO, CA, United States, via ETELIGIS INC., 11/12/2014 - - A uxilio , Inc. ( http://www.auxilioinc.com/ ) (OTC Q B : AUXO...
Topic
Hackers can crash your printer, how to not let it happen to you
It's difficult getting into the mind of a cybercriminal, you never know how they're going to attack. Lately, they seem to be favoring phishing emails used to steal your credentials and ransomware that encrypts your critical files. Sometimes they get super creative so people don't see it coming. That's exactly what's happening now. Hackers have found a way to crash your printer, but you have the power to stop them. Is your printer secure? Security researchers at Trustwave say hackers have a...
Topic
IT Managed Services Provider HaonTech.com, LLC Announces 3rd Annual FBI Cyber Crime ...
Teaneck-based IT managed service provider HaonTech.com, LLC announces FBI Cyber Crime Briefing for Healthcare executives and business owners on Hackers, Cyber Crime and The Dark Web - Protecting Your Business From Cybercriminals, Hackers and Breaches on Thursday December 19, 2019 at 12:30 pm. Attendees can register for this event http://www.CybersecurityEXPO.net . During this education seminar attendees will discover: The #1 security threat to your business that anti-virus, firewalls and...
Topic
Apple launches bug bounty program
Apple launches bug bounty program - Now offering up to $1 million to hackers who can find security holes in Apple products - Includes Watch, iPhone, iPad, Apple TV and iCloud
Topic
CPD declines to pay ransom in data attack
Data at the Chadron Police Department was temporarily unavailable for a time recently, after the department was hit with a ransomware attack. Hackers accessed an old server with a vulnerable port connected to a copy machine about a month ago, said Police Chief Tim Lordino. “There was no data taken. All of our data was essentially corrupted or encrypted,” he said. The hackers demanded $20,000 in ransom to turn over a key to un-encrypt the data. “We chose not to pay it,” Lordino said. While...
Topic
The Big Hack Attack
Rob is an advisor in Cincinnati at a firm with some half a billion in assets. He’s always thought his cybersecurity was pretty good and figured his firm would be a fairly unappealing target for thieves and hackers. Still, he decided to go one step further and get a penetration test—paying professional good-guy hackers to try to break into his company’s systems and test his weak spots. He felt confident. He had a brother who worked in IT security at a big company and felt he knew the risks...
Topic
Russian hackers show why you need to change your office printer password
Microsoft is warning that a Russian group that was involved with the 2016 DNC hack is attacking corporate networks in a fresh attack against high-value targets. In a blog post (via ZDNet ), the Microsoft Threat Intelligence Center says the Russian hacking group known as Strontium (perhaps more widely known as Fancy Bear ) is responsible for the new attack, which occurred in April. According to Microsoft, the attack went after "a VOIP phone, an office printer, and a video decoder," exploiting...
Topic
80,000 printers are exposing their IPP port online
For years, security researchers have warned that every device left exposed online without being protected by a firewall is an attack surface. Hackers can deploy exploits to forcibly take control over the device, or they can just connect to the exposed port if no authentication is required. Devices hacked this way are often enslaved in malware botnets, or they serve as initial footholds and backdoors into larger corporate networks ( Russian hackers already use this technique ). However,...
Topic
Hackers demand $7.5 million from Telecom Argentina
Telecom Argentina SA suffered a ransomware attack on July 18 and hackers have demanded a ransom of $7.5 million to unlock encrypted files, ZDNet reported. The attack, which is considered to be one of the biggest hacks in the country, caused extensive damage to the company's network. Read more.
Topic
Cybersecurity Update
Cybersecurity Update Bill Gates, Barack Obama, Jeff Bezos, Joe Biden, Kanye West, Elon Musk and many other high profile people had their Twitter accounts hacked. o All their followers received a tweet trying to convince users to send in $1000 in bitcoin - The US National Security Agency is warning hospitals, universities and pharmaceutical companies that Russian hackers are attempting to steal COVID-19 research using email phishing and malware attacks. - Wells Fargo ordered all of its...
Topic
Deloitte report on printer security
Deloitte report on printer security Estimates a 15% increase in sales of desktop printer/MFPs in 2020 due to increase in employees working from home and needing device to complete work o Many retail stores seeing massive increases in sales o Depletion of inventory of devices o 62% of US households had a printer/MFP before COVID-19 pandemic, so actual number is now much higher - Remote workers often do not use strong passwords - Commonly do not have latest firmware on device - Hackers could...
Topic
Cybersecurity Updates
Cybersecurity Updates Cyber consulting firms are getting dragged into post-breach lawsuits, according to article published by Bloomberg Law. o Accenture Plc’s unit was compelled to provide info during recent suit filed against Marriott International o Was forced to turn over cybersecurity firm Mandiant’s report on a cloud hack in another case. o Class action lawyers claim it could provide “a vivid trail for liability” The feds report that in the month of October, 2020, over 2.1 million...
Topic
Cybersecurity Updates
The FBI is reporting that pranksters are hacking into smart devices in the home, accessing the audio and video feeds from the devise (i.e. Alexa, smart TVs, etc.) and then contacting local law enforcement to report a fake crime Hacker than watches the live footage of police response This is called “swatting” Ticketmaster Corp. of New York agreed to pay $10 million to resolve charges stemming from insider-caused breach. Former employee Zeehsan Zaidi pled guilty to the incident T-Mobile Corp.,...
Topic
Computer hackers give tips in interview
Computer hackers give tips in interview article published by Digital Shadows Cybersecurity from discussions with black hat hackers on Dark Web “best country” to live in as a hacker is Russia “underappreciation and low wages” drives people to become hackers Russian police “will not care” if hacker is caught targeting U.S. If former Soviet Union nations are targeted then Russian police will “hunt you down” One tactic used to force company to pay ransom is to shame victim to pressure them into...
Topic
Xerox has another data security issue
Xerox has another data security issue Securicon published report entitled; “Hackers Can Gain Active Directory Privileges Through Vulnerability In Xerox Printers” - Affects WorkCentre MFPs and color MFPs due to Lightweight Directory Access Protocol (LDAP) vulnerability - Hackers can launch a pass-back attack, and then gain control over a customer’s network - Xerox published bulletin notifying customers of forthcoming patches to fix problem
Topic
Tokyo Olympics becomes the latest victim of the Fujitsu hackers
Hackers have made away with data from the computers of the organizing committee of the Tokyo Olympics , according to reports in the Japanese media. Kyodo News reports that the breach has affected over 150 people, all of whom had earlier participated in a cybersecurity drill ahead of next month’s Olympic Games. The leaked data included the names and affiliations of the individuals, who were linked with roughly one hundred organizations that are involved in hosting the sporting event. read...
Topic
HP, Xerox & Samsung security issues
HP, Xerox & Samsung security issues Article published by ITPro magazine and The Digital Hacker magazine Reported on research conducted by University of Catania in Sicily, Italy “16 year old flaw haunts millions of HP, Xerox and Samsung printers” Regarding a collection of hacks labeled “Printjack” Vulnerabilities disclosed included: Attackers can send print jobs in an infinite loop until printer/MFP runs out of paper Intercept print jobs, to steal confidential information Remote code...
Topic
Hackers attacking receipt printers
Hackers attacking receipt printers Vice magazine published report on new hacking activity Bad actors are hacking into receipt printers to force them to insert a pro-labor message on the receipts given to customers Messages are anti-work, pro-union and anti-capitalism in nature
Topic
New Hack Hits Networks 100X Per Minute?
New Hack Hits Networks 100X Per Minute? Dozens of IT magazines reporting of new vulnerabilities being exploited by hackers Called “Log4Shell” or “Log4j”, the security vulnerability affects devices or solutions that use Java platform Apache Log4j is a Java-based logging tool that is used by many manufacturers/companies around the world, that has vulnerabilities recently discovered that hackers are taking advantage of Either through open source libraries or directly embedded in their software...
Topic
Xerox has another security vulnerability
Xerox has another security vulnerability Several IT technology magazines, including NetSmart Technologies, notified customers of a vulnerability that can “brick the device”, making the Xerox printer or MFP unusable. - Hackers can send customers an infected document with a TIFF file that contain malware to lock updevice - Even when device is rebooted, still will not function - Apparently issue is resolved with new firmware
Topic
Hackers attack fax boards in MFPs?
Hackers attack fax boards in MFPs? Article published in Information Security Buzz newsletter - Details how hackers can execute a “faxploit” - Fax lines are not protected by firewalls - Send malicious code across phone line which contain a script that runs on MFP and takes control - Then gain entry onto network to steal data and/or load malware
Reply
Re: Hackers attack fax boards in MFPs?
... I am not sure how you can send malicious code across copper fax lines but there are a lot of devious thinking people out there trying to extort money. As more and more business switch from their traditional analog telephone systems to VOIP systems, traditional analog fax boards in copiers are experiencing more frequent connection problems. XM Fax offers a relaible fax over IP service.
Topic
Cybersecurity
The U.S. federal government is warning organizations that cyberattacks will increase due to the war in Ukraine. Fed gov warns healthcare industry that hackers are using the “Log4j” vulnerability in devices (including some printers and MFPs) to infiltrate networks. The federal Office for Civil Rights (aka HIPAA police) reported that it is aware of 2,304,607 patients that had their PHI exposed in 1/2022 due to breaches. 58% of organizations that have been hit with ransomware have paid the...
Topic
Hackers aim their sites at printers in Russia
Hackers aim their sites at printers in Russia T he infamous hacking group named “Anonymous” announced it is hacking into unsecured printers/MFPs in Russia Goal is to force the devices to print propaganda documents condemning the Russian attack on the country of Ukraine
Topic
Hackers steal over $600 million from video game Axie Infinity's Ronin network
New York (CNN Business) The latest crypto hack has targeted a gaming-focused blockchain network that supports the popular video game Axie Infinity. Hackers made off with about $625 million worth of Ethereum and USDC, two cryptocurrencies, in one of the largest crypto hacks of all time. The hackers breached the Ronin Network, an independent and Ethereum-compatible blockchain developed by Axie Infinity publisher Sky Mavis. Axie Infinity co-founder Jeff Zirlin discussed the hack on stage during...
Topic
Canon warns of possible security issue
Canon warns of possible security issue Potential security vulnerability in the RSA key generating process in the cryptographic library used by many Canon imageRUNNER ADVANCE MFPs and printers as well as imagePRESS models Hackers could use to possibly decipher captured communications Firmware updates to resolve problem now available
Topic
Ricoh warns of possible security issue
Ricoh warns of possible security issue Bulletin describes how some products may be impacted by new Spring4Shell security vulnerability Hackers could launch a RCE (remote code execution) on systems using Java Development Kit Stated investigation is ongoing
Topic
Canon admits another MFP/printer security issue
Canon admits another MFP/printer security issue Published bulletin to its dealers regarding a “buffer overflow vulnerability” in some of its laser printers and MFPs Hackers could use to execute arbitrary code and/or Denial-of-Service attacks Firmware apparently now available to fix vulnerability
Topic
Hackers actively exploit critical RCE bug in PaperCut servers
reported on Bleeping computer Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. PaperCut makes printing management software compatible with all major brands and platforms. It is used by large companies, state organizations, and education institutes, while the official website claims it serves hundreds of millions of people from over 100 countries. The company...
Topic
FBI reports on hackers in China
FBI reports on hackers in China FBI Director, Christopher Wray recently testified in a House Appropriations Committee Informed Congress that Chinese hackers outnumber U.S. cyber specialists by 50 to 1 “If you look at China, their hacking program is bigger than that of every other nation combined” “China is the greatest threat to our country” FBI currently blocks 15 million cyber attacks on the U.S. every week
Topic
Russia hackers attack Papercut servers
Russia hackers attack Papercut servers Microsoft has confirmed that the active exploitation of Papercut on-premise servers is linked to attacks that are designed to deliver Russian C10p and LockBit ransomware Papercut issued bulletin stating that if server is behind a firewall and/or has latest patches, external hackers would not be able to gain access.
Topic
“Juice jacking” is new cyber attack threat
“Juice jacking” is new cyber attack threat Report from the FCC Hackers now using free USB charging outlets in shopping centers, hotels and airports Are able in some cases to plant malware and monitoring software onto smartphones and tablets that use the USB charging stations Reports of infected USB cables given away as promotional gifts
Topic
Bugcrowd report on hackers’ mindset
Bugcrowd report on hackers’ mindset 84% believe that less than half of companies understand the true risk of being hacked 93% are fluent in at least 2 languages 84% say there are more vulnerabilities now than before pandemic 94% plan on using AI to hack 96% are men
Topic
Xerox has another security problem
Xerox has another security problem The Breaking Latest News Security Newsletter is reporting that researchers at BSI in Germany found a new security vulnerability in Xerox’s FreeFlow print servers for production print devices The server’s UNIX and Windows operating systems are affected Hackers can use to compromise the confidentiality, availability and integrity of the system
Topic
Hackers can hear you type?
Hackers can hear you type? Cornell University published research that claims artificial intelligence can identify computer passwords with almost 100% accuracy by listening to sound of keyboard keys being pressed Hackers could use apps like Zoom to listen in “I can only see the accuracy of such models, and such attacks, increasing”; stated Dr. Ehsan Toreini
Topic
Kyocera security issue in the news
Kyocera security issue in the news A number of IT security magazines reported on issue with Kyocera’s Device Manager A web based application that customers use to manage their Kyocera printers and MFPs Hackers could use a vulnerability to gain unauthorized access to customer’s accounts, steal data, or carry out malicious activities Kyocera claims to have issued a patch to fix problem
Topic
HP details security issue related to cartridges
HP details security issue related to cartridges Report from Shivaun Albright, HP Chief Technologist of Print Security If end user places a non-OEM cartridge in an HP device, it could have malware embedded Takes advantage of a vulnerability over the serial interface between cartridge and the device Hacker is apparently able to overflow into memory beyond bounds of buffer, giving them ability to inject code into device Malware could remain on the device after cartridge is removed
Topic
Report on hackers
Report on hackers Research published by HP Inc. 70% of attacks by hackers start with a network endpoint (which includes printers and MFPs) 80% of threats start with an email
Topic
Endpoints still not protected from hackers?
Endpoints still not protected from hackers? Results of survey of IT decision makers published by Delinea Security 64% say top reason for attacks is to steal data 50% say risk of attacks is always on management agenda 91% say more money is being allocated for data security 35% admit that they do not have adequate endpoint protection Category of “endpoints” includes printers, MFPs, scanners, fax
Topic
Canon has another security issue
Canon has another security issue Reported by Security Scorecard Buffer overflow vulnerability could allow hacker to execute arbitrary code Apparently impacts imageCLASS A4 laser MFPs and printers
Topic
Lexmark has another security issue
Lexmark has another security issue Reported by B2B Cyber Security magazine A “server side request forgery” vulnerability exists in over 150 “newer” Lexmark printers and MFPs Hacker can use to get onto customer’s network to “exploit otherwise inaccessible internal systems or extract secrets” (Lexmark is majority owned by Ninestar of China, which, according to federal government, uses slave labor in printer/MFP/toner manufacturing plants in Zhuhai, China)
Topic
Microsoft wants of new Android hack
Microsoft wants of new Android hack Published warning about new “Dirty Stream” security vulnerability which could impact 4 billion devices that use Android OS. Hackers could use to overwrite files and lead to arbitrary code execution and token theft (unknown if this impacts Ricoh MFPs that use the Android OS)