Skip to main content

Tagged With "vulnerability"

Reply

Re: Fax vulnerability in HP all-in-one printers

fisher ·
One of my large medical accounts contacted me about this one. They were totally freaked out over this potential threat even though they had no machines in their fleet with the vulnerability. Meanwhile you could walk to almost any fax machine in any of their locations and grab patient info from the fax trays.
Topic

Fax vulnerability in HP all-in-one printers

Art Post ·
Fax vulnerability in HP all-in-one printers August 22, 2018 Ricoh Company Ltd. A vulnerability was recently disclosed by Check Point Software Technologies Ltd. wherein the fax protocol was exploited on a Hewlett Packard all-in-one printer to take control of the device by sending a crafted fax via telephone line and then gain access to the connected network. Because the vulnerability is part of the fax protocol itself, it's suspected that devices from other manufacturers may also be...
Topic

More security threats for printers/MFPs

Art Post ·
More security threats for printers/MFPs Forescout Security published new report detailing how millions of IoT devices are at risk from TCP/IP stack flaws Named the new vulnerabilities “Amnesia 33” “you can crash devices with a single data packet”; stated Elisa Costante, VP of Research “We find that the DNS, TCP and IP substacks are the most often vulnerable” Flaws impact any system that is running a vulnerable TCP/IP stack, which could include printers, MFPs, medical devices, industrial...
Topic

Recent highlights from the associated MSSP Alert research

Art Post ·
Recent highlights from the associated MSSP Alert research MSSP revenue expects a 16% increase from 2020 MSSPs surveyed that 85% expect to be profitable Frequent attacks targeting MSSP clients in 2021 Vulnerability exploits 87% Phishing 96% Ransomware 89%
Topic

Cybersecurity Notes

Art Post ·
Cybersecurity Updates Positive Technologies published research that 93% of penetration tested computer networks are vulnerable to some type of security breach. 71% of the cases, an attacker could affect businesses in a way deemed “unacceptable” Fort Smith Health Centre of Fort Smith, Canada notified an unknown number of patients that their PHI was exposed after paper medical records were discovered spread across the floor in a staff washroom. SonicWall notified an unknown number of customers...
Blog Post

Lead for Vulnerability Assessment

Art Post ·
click image for web link
Blog Post

Lead for Vulnerability Study

Art Post ·
SEE Attached document
Topic

mportant update! iPhones, Macs, and more vulnerable to zero-day bug

Art Post ·
On Monday, Apple released a long list of patched vulnerabilities to its software, including a new zero-day flaw affecting Macs and iPhones. The company revealed it's aware that threat actors may have been actively exploiting this vulnerability, which is tracked as CVE-2022-32917 . As it's a zero-day, nothing much is said about CVE-2022-32917, only that it may allow malformed applications to execute potentially malicious code with kernel privileges. Apple says it's patched this flaw with...
Topic

TPx Introduces Penetration Scanning, Expands Security Advisory Services

Art Post ·
TPx Introduces Penetration Scanning, Expands Security Advisory Services AUSTIN, Texas, Sept. 19, 2022 /PRNewswire-PRWeb/ — TPx, a leading nationwide managed services provider (MSP) delivering cybersecurity, managed networks, and cloud communications, today announced the addition of Penetration Scanning to its Security Advisory Services portfolio. Penetration Scanning is one of the best ways organizations can understand where security weaknesses and risks exist across the network and what the...
Topic

Kyocera has yet another security issue

Art Post ·
Kyocera has yet another security issue Article published by JVN News The web interfaces of some Kyocera MFPs and printers apparently contain multiple security vulnerabilities A hacker could log into the device and modify settings without authentication Arbitrary script could be executed Vulnerabilities found by researchers at Yokohama National University of Japan New firmware can apparently resolve the issues
Blog Post

Todays Hacked!

Art Post ·
HACKED! 11/21/2022 Kids' information is more valuable than adults'. That's one reason schools are getting hacked ... . It could be years before the FBI identifies the data theft of a student. In the meantime, cyber criminals have had a lot of time to abuse that ... Hacked Brisbane billboard broadcast pornography after cyberattack - 9News ....A Brisbane billboard was hacked to show pornographic content. (Supplied). READ MORE: Two children seriously injured in experiment gone wrong at ... this...
Topic

Lexmark warns of RCE bug affecting 100 printer models, PoC released

Art Post ·
Lexmark has released a security firmware update to fix a severe vulnerability that could enable remote code execution (RCE) on more than 100 printer models. The security issue is tracked as CVE-2023-23560 and, according to the company, it has a severity rating of 9.0. It is a server-side request forgery (SSRF) in the Web Services feature of Lexmark devices. No evidence of exploitation The vendor’s advisory says that the bug could be leveraged to gain arbitrary code execution on the device,...
Topic

Multiple vulnerabilities for Xerox FreeFlow Print Server – Risk: High

Art Post ·
As the BSI reports, vulnerabilities have been identified for Xerox FreeFlow Print Server. You can read here on news .de which systems and products are affected by the security gaps. The Federal Office for Security in der Informationstechnik (BSI) published an update on April 4th, 2023 to a vulnerability with several vulnerabilities for Xerox FreeFlow Print Server that became known on February 4th, 2022. The BIOS/firmware operating system and the Xerox FreeFlow Print Server product are...
Topic

Canon has another security vulnerability

Art Post ·
Canon has another security vulnerability Canon announced that some of its devices have a newly discovered vulnerability that could allow some to access information stored in memory The vulnerability is if the users do not delete all stored WiFi settings, before selling the device or returning it to leasing company.
Topic

Ricoh has more security issues?

Art Post ·
Ricoh has more security issues? Article published by Wirth Consulting, and bulletin published by Ricoh Ricoh’s Streamline NX solution is impacted by “Vulnerability of SLP implementation” Allows DoS (denial of service) attacks Ricoh devices could be impacted by “Heap buffer overflow vulnerability”’ Could allow a remote attacker to perform memory write Security Week published an article warning customers that BadBox hacking group has designed new Triada malware which infects any connected...
Blog Post

MSP, MSSP & IT Industry Notes for November 12th, 2023

Art Post ·
Sponsored by November 12th, 2023 Arcoa Group Why partnering with ARCOA makes sense Electronics Recycling is an important and profitable part of the IT asset lifecycle, but it can be overwhelming with all you already do, varying state regulations, and the limited resources at hand. That’s where ARCOA comes in. When you partner with ARCOA, you get all the benefits of a big company without any of the capital investment. We’ve been doing this since 1989 and have the expertise, certifications,...
Topic

CrowdStrike Overall Customers' Choice in 2024 Gartner Report

Art Post ·
CrowdStrike is the Only Vendor Named as Overall Customers’ Choice in 2024 Gartner Peer Insights™ Voice of the Customer for Vulnerability Assessment Report AUSTIN, Texas – February 7, 2024 – CrowdStrike (Nasdaq: CRWD) today announced it has been recognized as the only Customers’ Choice in the 2024 Gartner Peer Insights™ Voice of the Customer for Vulnerability Assessment among eight other providers. The AI-native CrowdStrike Falcon® XDR platform harnesses AI to prioritize risks in real time...
Topic

Google admits new Android OS security issues

Art Post ·
Google admits new Android OS security issues (Ricoh is only manufacturer that uses Android OS in its MFPs. It's used as the user interface) Google announced 26 new security vulnerabilities have been discovered in its Android OS which is used in many devices, including smartphones, MFPs, etc. Could allow hackers to “escalate their privileges on vulnerable devices” Also could allow “malicious app with no additional execution privileges needed” Google is issuing new patches to resolve the issues
Topic

Toshiba admits more MFP security issues

Art Post ·
Toshiba admits more MFP security issues The vulnerabilities impact “dozens of eSTUDIO MFP models” Could allow hackers to execute a DDoS attack Allow hackers to executive arbitrary malicious code on customers’ network Possible to extract confidential information Also a vulnerability with Toshiba’s TopAccess web management tool
Topic

Xerox Printers Vulnerability Let Attackers Remotely Takeover Devices

Art Post ·
Multiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices. According to SEC Consult, the high-severity flaw tracked as CVE-2024-6333 affects various printer lines, including EC80xx, AltaLink, VersaLink, and WorkCentre series. The security flaw enables authenticated attackers to execute arbitrary commands with root privileges on the printer’s operating system through the...
×
×
×
×
×