What Organizations Need to Change When Managing Printers
Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.
Printer security covers vulnerabilities in networked devices, exposed interfaces, stored documents, and access controls that can affect data confidentiality.
Search across headline titles and summaries.
Background for this topic.
A printer converts digital documents or images into physical output; networked multifunction printers may also scan, copy, fax, and store temporary job data. In an enterprise, such a device is an endpoint with firmware, an operating system, network services, and often an administrative web interface.
Security concerns include unauthorized administration through exposed or weakly protected interfaces, exploitation of unpatched firmware or services, and disclosure of documents retained in queues, internal storage, or printed output. Organizations should restrict printer management to trusted networks, change default credentials, apply vendor firmware updates, use encrypted management and print protocols where supported, and limit stored job data. Access-controlled release printing can reduce exposure of sensitive pages. When printers are relocated or retired, stored jobs, address books, credentials, and configuration data should be securely erased; logs and device details may also matter during vulnerability management and investigations.
Weekly headline count for the current query.
Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.
The Internet of Things (IoT) has made everything more interconnected than ever, but an important US government security initiative is stuck in limbo even as threat actors step up attacks on everything from medical gear to printers.
Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — despite more and more cyberattackers targeting printers as a matter of course.
A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother.
HP's 8000 Series enterprise and commercial printers, which include Color LaserJet Enterprise MFP 8801, Mono MFP 8601, and LaserJet Pro Mono SFP 8501, will feature new quantum ASICs and endpoint controllers to protect them from future quantum attacks.
Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.
The shift to a distributed work model has exposed organizations to new threats, and a low but continuing stream of printer-related vulnerabilities isn't helping.
VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.
A grouping of serious printer bugs, unveiled at last summer's Pwn2Own, were patchless for months, but are finally fixed now.
A printer bug could lead to much worse, in IT networks without proper segmentation.
Nearly 200 models are affected by vulnerability that may give wireless access to unauthorized third parties.
Vulnerabilities in the device firmware and drivers underscore how printers cannot be set-and-forget technology and need to be managed.
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.
Offensive security researchers found 63 previously unreported vulnerabilities in printers, phones, and network-attached storage devices in the Zero Day Initiative's latest hackathon.