- May 7, 2002
- 10,376
- 762
- 126
Maybe one of these days these companies will get a clue? Then again, I doubt it.
https://www.bleepingcomputer.com/ne...d-panels-and-password-reset-functions-online/
The cause of all these exposures is Brother's choice of shipping the printers with no admin password. Most organizations most likely connected the printers to their networks without realizing the admin panel was present and wide open to connections. These printers are now easy discoverable via IoT search engines like Shodan or Censys.
...
For example, an attacker could change the printers' passwords and cause downtime to affected organizations.
...
An attacker could include spyware-like behavior in tainted firmware updates and have printers send copies of printed documents to an attacker's server.
https://www.bleepingcomputer.com/ne...d-panels-and-password-reset-functions-online/