Networked printers 'ripe for exploiting'

Johannesburg, 22 Jan 2007

Networked printers 'ripe for exploiting'

Networked printers are ripe for exploiting if IT and security personnel don't get their act together, claims ComputerWorld.

"Blaster and Sasser gave IT execs some religion about the vulnerabilities network printers can introduce to corporate networks," said an IT director quoted in the article.

"Since then, however, there has been little evidence of printer-based attacks spreading across large networks. Corporate IT shops haven't been concerned about printer security. Instead of patching and hardening printers, they have been complacent. Security experts say printers are loaded with more complex applications than ever, running every vulnerable service imaginable, with little or no risk management or oversight."

Security low-down for SMEs

We live in a networked world and there are plenty of advantages to doing so, notes ITSecurity.

Unfortunately, and despite the best efforts of network security managers, the last five years have seen hackers and criminals become increasingly effective at compromising these networks, as they have quickly developed new and ever more malicious threats to network security, it states.

The article also features a primer on the top 10 security threats to small businesses.

Web 2.0 hacks are all about the money

Read/Write Web analyses security firm Finjan's latest report on Web threats, including attacks on Wikipedia and MySpace.

"2006 saw the arrival of a diverse range of Web-based infection techniques - including rogue anti-spyware, ransomware and rootkits - that elude traditional security solutions geared to protect against e-mail viruses and spam," it notes.

"Another development in 2006 was the commercialisation of malicious code, as financial motivations played an increasing role in the evolution of malware. Motivated by financial gain, hackers are trading vulnerabilities in online auctions, commercialising products such as malicious Web site creation toolkits, and developing new distribution techniques, including spam, for the propagation of malicious code."