WatchGuard’s latest security appliance, the XTM 330, allows business travelers from small enterprises to use their iPads or iPhones to communicate securely with the office, the vendor said on Tuesday.

WatchGuard has implemented the IPSec functionality already present on the Apple devices, allowing users of Apple’s iOS-based products to securely access corporate resources irrespective of where they are using encrypted tunnels.

View full post on Security – Infoworld

An MSNBCblog has published the recent findings of a study from Columbia University saying millions of HPprinters are vulnerable to a devastating hack attack.
In essence, the vulnerability is that the LaserJet (InkJet not vulnerable) printers made before 2009 (according to HP) do not check digital signatures before installing a firmware update. Thus, a specially crafted version of firmware could be remotely installed by creating a crafted printjob including the new firmware version. The researchers demonstrated overheating a fuser to simulate what kind of physical destruction could incur (it charred the paper but was shut off by a safety before a fire started). Long story short, for an embedded system (or any system for that matter) if you can rewrite the Operating System you can control the device and make it do all sorts of unintended things.
This isn’t the first time HPLaserJet printers have had vulnerabilities, though this is the first time (that I recall at least) of using the firmware to do it. I think the severity of this vector is somewhat less than portrayed but worth noting, particularly for organizations that operate highly secure environments.
Best practices are likely sufficient to prevent against this attack, namely, you should never have printers (or any other embedded device for that matter) exposed to the Internet. In theory, you could create malware that infects a PC to then infect a printer but I would suspect such effort would only be used in rare circumstances. Additionally beyond firewalling the device, network traffic to and from the device could be monitored for traffic other than printjobs which should give indication of a problem. For instance, any printer initiating an outbound TCP/IPconnection is a sign that something is awry.
The study is a helpful reminded that even devices we don’t think of as computers can be hacked and do things we don’t intend and compromise our security.
Do you monitor printers or other embedded devices in your environment for compromise or otherwise protect them? Take the poll and feel free to comment below.
–

John Bambenek

bambenek \at\ gmail /dot/ com

Bambenek Consulting

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View full post on SANS Internet Storm Center, InfoCON: green

Hungarian man pleads guilty to stealing confidential financial and other information from Marriott and threatening to expose it if the hotel chain didn’t offer him employment

View full post on Dark Reading – All Stories

View full post on Job Central computer AND security in West Virginia

A group of hackers that go by the name of "Teamp0ison" has apparently hacked one (or more) of UN's servers and dumped over 1000 email addresses, usernames and passwords of its staff on Pastebin.

…

View full post on Help Net Security – News