Critical Bugs in Canon Printers Allow Code Execution, DDoS
(www.darkreading.com)
from IllNess@infosec.pub to securitynews@infosec.pub on 07 Feb 2024 02:36
https://infosec.pub/post/8070199
from IllNess@infosec.pub to securitynews@infosec.pub on 07 Feb 2024 02:36
https://infosec.pub/post/8070199
No exploitations have been observed in the wild as of yet, according to the company’s European site, but owners should scan for indicators of compromise given that the bugs have been publicly known but unpatched for months.
Beyond the obvious step of updating to the latest firmware, Canon is advising its customers to “set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.”
#securitynews
threaded - newest
Ah yes, so simple a child could do it.
Good thing citizens are all well versed in networking and cyber security.
If only there were vast profits in writing secure code maybe we wouldn’t see the same thing over and over again.
You and I know that, and IT people know that as you say, but to grandma that is a foreign language.
I just found the wording amusing imagining some people I know trying to parse it.
PS: and also wanted to bitch about companies churning out buggy shit. :)
How much would it cost to merge and test operating systems?
I’m pretty sure it can’t be more than the potential damages these devices can do…
Canon doesn’t have to pay for hacked devices, though. And it costs money to develop and maintain a secure coding program. Companies want to cut costs not improve quality. And so here we are.