sincity Posted August 8, 2019 Share Posted August 8, 2019 Researchers at the NCC Group have discovered significant vulnerabilities in six commonly used enterprise printers which could open up organizations to potential attacks and data breaches.The vulnerabilities were uncovered after the team tested multiple aspects of six mid-range enterprise printers including web application and web services, firmware and update capabilities and hardware analysis.The team tested printers from HP, Ricoh, Xerox, Lexmark, Kyocera and Brother using basic tools to reveal a wide range of vulnerabilities with some emerging almost instantly.Printer security a major worry in the education sectorSharp boosts printer security with new launchesYour printer: it's a vulnerable, connected deviceNCC Group will present its findings at several security conferences including DEF CON, Hack in the Box and 44Con later this year.Internet-connected printersIf the vulnerabilities were exploited by attackers, the potential impact could range from denial of service attacks that could cause the printers to crash, backdoors that would allow attackers to maintain a hidden presence on an enterprise network or even the ability to spy on every print job sent and to send print jobs through to unauthorized parties.Thankfully though, all of the vulnerabilities discovered by NCC Group have either been patched or will be in the near future. However, the firm is advising all system administrators to update all vulnerable printers with the latest firmware and to monitor further updates.Research director at the NCC Group, Matt Lewis provided additional insight on the researchers' findings, saying:“Because printers have been around for so long, they’re not seen as enterprise IoT devices—but they’re embedded in corporate networks and therefore pose a significant risk. Building security into the development lifecycle would mitigate most if not all of these vulnerabilities. It’s very important that manufacturers continue to invest in security for all devices, just as corporate IT teams should guard against IoT-related vulnerabilities with even small change: changing default settings, enforcing secure configuration guides and regularly updating firmware.” We've also highlighted the best printers of 2019http://feeds.feedburner.com/~r/techradar/digital-home/~4/B9tDnVSw9_0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.