BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Stuxnet? Night Drag0n? Nope,You Got Pwned by a Printer.

Posted September 6, 2011    Mike Puterbaugh

At the recent BlackHat and DefCon conferences, our annual eEye Research Team T-shirt was one of the more memorable ones we’d done in a while (and if you remember 2005, that’s saying something). In keeping with the theme of Security in Context, the shirt parodied the fear that attacks like Stuxnet, NightDragon and Operation Aurora had put into many attendees’ minds, when in reality you were more likely to end up getting hacked by a caricature of Mr. Peanut.


I can think of literally hundreds of examples where security pros would be better off focusing on the fundamentals of their vulnerability management strategy  rather than throwing all of their resources at the most recent “attack du jour.”
A perfect case in point – at this year’s DefCon Conference, security researcher Deral Heiland showed off some interesting attack scenarios targeting multi-function printers. No – not the printer! Just when you thought that PC Load Letter was your biggest problem at the print station. Nope, it’s fairly easy for these ubiquitous office products to now be accessed by a remote attacker – pulling down digital images of everything you’ve printed, scanned or faxed from the device.

That means contracts, purchase orders, new customer invoices, medical records … (you get the point) are up for grabs. I’ll sit right here and wait as you run and rip your printer off your network. <sips coffee>  Actually, that wasn’t necessary.  What is necessary is ensuring that every connected device (workstations, servers, mobile devices, virtual devices and apps, etc.) are part of your regularly scheduled vulnerability management process. Our Retina family of products has always included (and will continue to include) audits for non-end user devices like routers, switches and yes, even printers.

Why? Your network is only as secure as its weakest device. You have to keep these things in context.   Our compliments to Deral for his research and presentation.

Tags:

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,