Ever Seen Printer Malware in Action? Install this HP Ink Patch – or you may find out
Firmware update tackles remote code bugs in InkJet machines
HP Inc has posted an update to address a pair of serious security vulnerabilities in its InkJet printers.
The firmware update patches CVE-2018-5924 and CVE-2018-5925, two flaws that can be exploited by printing a file that triggers a stack or static buffer overflow, giving you the ability to then execute malicious code on the targeted printer.
In total, HP says the patch will need to be applied to some 225 different models of inkjet printers across its Pagewide, DesignJet, OfficeJet, Deskjet, and HP Envy product lines.
Expect to see more of this going forward. HP Inc recently opened up a bug bounty program to bring more researchers into the fold and find printer bugs before they can turn into zero-day exploits.
That bug bounty program, announced earlier this week in partnership with Bugcrowd, will see the printers n' PCs side of the Hewlett Packard break-up offer researchers up to $10,000 apiece for reporting security vulnerabilities.
The aim, says HP print security chief technologist Shivaun Albright, is to keep HP printers protected from the growing crop of botnets and malware packages that target printers and other internet-facing device that have traditionally had little to no security protection in place.
"As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up," Albright said.
"HP is committed to engineering the most secure printers in the world."
The bug bounty program also gives HP another point for an ongoing marketing push the vendor is making to enterprise customers around the security of its printer line.
HP said that not only will it be handing out bounty payments for previously unknown bugs, but also "good faith" payouts to researchers who report bugs that HP itself had already discovered, but not gotten around to patching and disclosing yet.
Source: theregister
Latest Jobs
-
- Sales Manager (IT Managed Services)
- Manchester
- Up to £80,000 Base + Double OTE
-
Sales Manager (IT Managed Services) Ref BD7627 Salary: Up to £80,000 Base + Double OTE A great opportunity has come up for a Sales Manager to join a fast-growing IT infrastructure provider to manage their north west-based new business sales team. The Sales Manager will be responsible for leading an enterprise new business sales team who will be bidding and winning new business within the North West region. Skills & Experience required: Direct sales experience in the telecommunications/technology sector. Strong leadership/team skills and a positive track record in executing sales process & strategies and coordinating among internal and external stakeholders. Strong understanding of IT managed services such as Cloud, Cyber Security, Telecommunications (WAN/MPLS/SDWAN etc.) & Unified Communications. Have a team player attitude as well as being able to manage. Sales Manager Jobs, Telecoms Jobs, Telecommunications Jobs
-
- Security Overlay Specialist, Presales Consultant
- London
- Up to £80,000 plus 25% Commission and benefits
-
RA7291 Location: South East Salary Up to £80,000 plus 25% Commission and benefits Security Overlay Specialist, Presales Consultant A technically minded but sale focus individual is needed to be the Security Overlay Specialist for a global Tier 1 Service provider, Your remit will be to be the technical sales advocate for solutions based on security and Managed Network Services products; proactively working with the Account teams, Marketing Teams, Strategic Partners and key customer prospects directly in the development of pipeline and closure of key deals in this technology domain. They are looking for someone who has the technical networking and security background with the ability to do high-level technical solution design but who enjoys being more sales-focused and is able to help shape and develop deals with customers and work internally in helping to shape and develop the solution proposition Key responsibility will include 1) Technical qualification 2) pipeline generation 3) key deal leadership They are not looking for a hardcore Security Deep Domain expert, more of a global network services generalist with good broad security knowledge and some experience in working on managed UTM and Threat Monitoring services deals, but eager to learn and skill up in this area. Presales Jobs, Pre-Sales Jobs, Overlay Sales Jobs, Cyber Security Jobs, IT Security Jobs
-
- Presales Consultant (Collaboration)
- London
- £60,000 - £70,000 + bonus + benefits
-
Presales Consultant (Collaboration) RA7316B Location: London £60,000 - £70,000 + bonus + benefits One of the leading Global Telco’s are looking to expand their Collaboration presales team. The Presales Consultant will be responsible for providing technical guidance to the sales team and Enterprise Customer focusing around Cisco and Microsoft UC solutions. The Presales Consultant will have a good technical and general knowledge of cisco UC and Contact centre solutions and ideally experience to Microsoft Skype for Business and teams, you will be able to translate enterprise customer requirements into functional, effective and appropriate solutions for your customer base. Candidates need to have previous presales experience advising customers on collaboration solutions. You will need experience of doing high level design and presenting these solutions to C-level Executives. (Unified Comms Jobs, Unified Communications Jobs, UC Jobs, Collaboration Jobs)
-
- Collaboration Practice Lead
- London
- Up to £90,000 + bonus + benefits
-
Collaboration Practice Lead RA5791 Location: London Salary up to £90,000 plus bonus and benefits Collaboration Practice Lead is required for a global Tier 1 Service provider, you will be part of a global team helping to shape and deliver UC and Contact centre (CC) solution to enterprise clients and select SI partners. Responsibilities include Regular interaction with multi Regional SMEs to understand divergent UC/ CC needs and drive a team of Solution engineers and aid them in review/ approve the functional design, prepare and present customized solutions etc. Support the Proposal team in RFI, RFP and SO Identify desired UC/ CC solution functionality, evaluate alternatives, close gaps with Product. Strong alignment with Various OEMs in Collaboration (Audio, Video, Web and Social) Industry. Ability to work with Engineering, Product and Marketing teams to offer feedback, bridge Gaps and conduct technology sessions and participate in Industry forums representing TCL. Create readily demonstrable demos and develop POCs with prospective customers thereby enhancing Sales Funnel for UCC portfolio. Able to position Hosted Solutions across Contact center, Webex and IPT Solutions against premise setups You will require Proven leadership skills that build relationships with key stakeholders. Ability to communicate effectively and experience in documenting requirements and specifications is essential. Ability to cross-train and mentor associates on UCC technologies and updates Strong Knowledge around SIP, IP PBX, Webex, IPT, Various Video endpoints, interoperability scenarios is desired. Knowledge and experience designing and implementing enterprise room-based and mobile videoconferencing systems Experience with enterprise Cisco voice platforms is required, including Communications Manager, Unity Connection, Cisco Presence, Contact Center Express or Enterprise, Telepresence, Jabber etc Enterprise voice, video, and collaboration architectures including core call processing, voicemail, presence, contact centre, call recording, video conferencing, instant messaging, etc. In depth understanding of high availability design best practices for enterprise voice and video systems Microsoft Skype and teams experience would be beneficial (Unified Comms Jobs, Unified Communications Jobs, UC Jobs, Collaboration Jobs)