Welcome Guest [Log In] [Register]

Kia Ora
You are currently viewing our forum as a guest. This means you are limited to certain areas of the board and that there are some features you can't use or read.

We are an active community of worldwide senior members participating in chat, politics, travel, health, blogging, graphics, computer issues & help, book club, literature & poetry, finance discussions, recipe exchange and much more. Also, as a member you will be able to access member only sections, many features, send personal messages, make new friends, etc.

Registration is simple, fast and completely free. Why not register today and become a part of the group. Registration button at the very top left of the page.

Thank you for stopping by.

Join our community!

In case of difficulty, email worldwideseniors.org@gmail.com.
If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
A Hidden Security Threat: Beware the Office Multifunction Printer
Topic Started: Sep 8 2011, 12:18 PM (48 Views)
Deleted User
Deleted User

Quote:
 
A Hidden Security Threat: Beware the Office Multifunction Printer
By Robert Vamosi, PCWorld

Cybercriminals are always looking for easy ways to break into your network, whether at work or at home. In a talk at this summer's DefCon 19 conference, security researcher Deral Heiland demonstrated various ways to compromise Internet-ready consumer-grade multifunction printers. These include printers that can scan to a file, scan to email, and fax documents, and the vulnerabilities he found are similar across all vendors.

If you haven't taken the time to access the administration control panel webpage for your printer and change its default passwords, do so now. Unfortunately, that will only slow down a very persistent criminal. For example, Heiland demonstrated that if you did change the default Toshiba printer password from 123456 to something unique, a criminal can simply add an extra backslash to the URL to gain administrator access to the device. And he said that if you copy the URL from the HP OfficeJet printer login page and then add "page=" to the end when you paste it back in, this will bypass any new passwords that have been added to those printers. This could let a hacker access sensitive documents that have been recently scanned or printed.

On some of the printer administration webpages, basic coding flaws can also expose sensitive information such as passwords. With the HP Officejet multifunction page, Heiland said he was able to right-click the page in Firefox in order to see the plaintext of the password normally hidden by black dots. The same, he said, was true on the Toshiba models he'd tested.


Full details here - http://www.pcworld.com/businesscenter/article/239456/a_hidden_security_threat_beware_the_office_multifunction_printer.html
Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · ALERTS, UPDATES, WARNINGS, NEWS · Next Topic »
Add Reply