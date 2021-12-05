

Week in review: 150+ HP multifunction printers open to attack, how to combat ransomware with visibility

By Help Net Security
helpnetsecurity.com
 6 days ago

Here’s an overview of some of last week’s most interesting news, articles and interviews:

Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)

An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech....


Related
bleepingcomputer.com

8-year-old HP printer vulnerability affects 150 printer models

Researchers have discovered several vulnerabilities affecting at least 150 multi-function (print, scan, fax) printers made by Hewlett Packard. Since the flaws discovered by F-Secure security researchers Alexander Bolshev and Timo Hirvonen date back to at least 2013, they've likely exposed a large number of users to cyberattacks for a notable amount of time.
TECHNOLOGY
CSO

New HP MFP vulnerabilities show why you should update and isolate printers

Security researchers have published details about two serious vulnerabilities that impact over 150 different HP multifunction printer models with FutureSmart firmware going back at least nine years. The attack vectors associated with the flaws and their impact serve as a reminder that printers can pose significant security risks to enterprise networks if not properly secured, updated and segmented.
COMPUTERS
inforisktoday.com

The Concept of Shared Responsibility in Combating Ransomware

Ransomware continues to dominate headlines with no sign of slowing down. What started more than 30 years ago has become one of the most prevalent and lucrative cyberattacks that does not discriminate by company size, industry or geography. In addition, with the growth of the digital ecosystem, ransomware now can...
TECHNOLOGY
Dark Reading

HP Issues Firmware Updates for Printer Product Vulnerabilities

HP Inc. has issued firmware updates for multiple security vulnerabilities that affect more than 150 models of its multifunction printer (MFP) products. These issues are not particularly easy to exploit. However, they present a threat to enterprise organizations because they give attackers a means to steal data and gain a foothold on a network, according to F-Secure researchers who discovered the bugs and reported them to HP in April 2021.
ELECTRONICS
theregister.com

Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers

Tricking users into visiting a malicious webpage could allow malicious people to compromise 150 models of HP multi-function printers, according to F-Secure researchers. The Finland-headquartered infosec firm said it had found "exploitable" flaws in the HP printers that allowed attackers to "seize control of vulnerable devices, steal information, and further infiltrate networks in pursuit of other objectives such as stealing or changing other data" – and, inevitably, "spreading ransomware."
COMPUTERS
ZDNet

Printing Shellz: Critical bugs impacting 150 HP printer models patched

HP has patched critical flaws impacting approximately 150 printer models. Printers are usually connected to business networks -- and potentially forgotten when it comes to security -- so they can easily provide an avenue of attack. Highlighting this issue is PrintNightmare, CVE-2021-34481, a Windows Print Spooler service vulnerability that permits attackers to escalate privileges to system level, which was patched in August. In addition, HP patched a separate, 16-year-old privilege escalation driver flaw in July.
SOFTWARE
siliconangle.com

Security vulnerabilities found in more than 150 HP multifunction printers

Researchers at cybersecurity solutions firm F-Secure Corp. today revealed they have discovered a range of security vulnerabilities that affect more than 150 multifunction printers from HP Inc. The researchers, Timo Hirvonen and Alexander Bolshev, started with testing one printer from HP to see if it was vulnerable to hacking. It...
COMPUTERS
Bank Info Security

How to Stop a Potential Ransomware Attack Before it Happens

Backup and recovery can help you limit the impact of ransomware—at significant cost and effort—but it can’t prevent damage and disruption to your business. In this on-demand webinar, you’ll learn how you can get out in front of the ransomware threat to stop hackers from locking down your data in the first place.
TECHNOLOGY
Bank Info Security

Banish Sequential Numbering: How to Combat 'BIN Attacks'

In order to identify BIN (Bank Identification Number) attacks or account testing attacks, it is important for payment card brands to leverage artificial intelligence and automated systems for monitoring transaction data to look for unusual patterns and work with merchants to improve processes, says Keri Crane, advisory technical product manager with Jack Henry & Associates. BIN attacks happen when fraudsters take the first six digits of a card and use software to generate the remaining digits.
PERSONAL FINANCE
helpnetsecurity.com

Cybercrime supply chain: Fueling the rise in ransomware

Trend Micro released research detailing the murky cybercrime supply chain behind much of the recent surge in ransomware attacks. Demand has increased so much over the past two years that many cybercriminal markets now have their own “Access-as-a-Service” sections. “Media and corporate cybersecurity attention have been focused only on...
PUBLIC SAFETY
helpnetsecurity.com

Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515)

A vulnerability (CVE-2021-44515) in ManageEngine Desktop Central is being leveraged in attacks in the wild to gain access to servers running the vulnerable software. CVE-2021-44515 is an authentication bypass vulnerability that could be triggered by attackers by sending a specially crafted request, with the goal of achieving unauthenticated remote code execution.
SOFTWARE
helpnetsecurity.com

Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide

Researchers at Spectral discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times. Kafdrop security flaw. Companies affected range from major global players to smaller organizations in healthcare, insurance, media, and IoT – basically...
SOFTWARE
helpnetsecurity.com

CIS Benchmarks communities: Where configurations meet consensus

Have you ever wondered how technology hardening guidelines are developed? Some are determined by a particular vendor or driven by a bottom-line perspective. That’s not the case with the CIS Benchmarks. They’re the only consensus-developed security configuration recommendations both created and trusted by a global community of IT security professionals from academia, government, and industry. There are currently 100+ CIS Benchmarks for various technologies. Some of the most used include web browsers, operating systems, and cloud infrastructure.
CELL PHONES
Beta News

How to prepare for and prevent a ransomware attack

There has been a lot of media attention lately in certain industries around a type of ransomware called DopplePaymer. Using this ransomware, an adversary will gain access to an organization. From there, they will start infecting systems and will demand a payment and/or threaten to release the victim’s data if the ransom is not paid. This trend of additional extortion has become increasingly common with ransomware operators in the past two years.
TECHNOLOGY
securityboulevard.com

How to Outplay the Ransomware Playbook

Organizations across industries are increasingly concerned about their cybersecurity posture and overall ransomware preparedness – and rightfully so – with the 64% increase in attacks from 2019 to 2020 (304 million attacks worldwide in 2020). We have also seen a 2x increase in demand for ransomware preparedness assessments and exercises.
TECHNOLOGY
helpnetsecurity.com

Webcast: Why your email encryption solution is doomed

Have you tried to set up top-notch email encryption and failed? Up-to-date email encryption solutions are in states of constant change with new use-cases constantly being created. Access concerns, privacy regulations, and the challenges of maintaining an exceptional user experience across generations mean your company needs to adapt. In this...
INTERNET
helpnetsecurity.com

Code42 adds new insider threat detectors for government security teams

Code42 announced the FedRAMP Authorized Code42 Incydr Gov solution has added new data exfiltration detectors for cloud and email systems. In addition to detecting data exfiltration from endpoints, now security teams can detect, investigate and respond to insider risk activities, including monitoring unauthorized file movement, spillage and sharing from and within cloud and email systems.
POLITICS
