Security News

Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the devices' memories are not wiped, as they should, during initialization, allowing others to gain access to the data. The specific information stored in a Canon printer varies depending on the model and configuration but generally includes the network SSID, the password, network type, assigned IP address, MAC address, and network profile.

During the first day of Pwn2Own Austin 2021, contestants won $362,500 after exploiting previously unknown security flaws to hack printers, routers, NAS devices, and speakers from Canon, HP, Western Digital, Cisco, Sonos, TP-Link, and NETGEAR. At Pwn2Own Austin, security researchers will target mobile phones, printers, routers, network-attached storage, smart speakers, televisions, external storage, and other devices, all up to date and in their default configuration. Pwn2Own Austin's consumer-focused event was extended to four days after 22 different contestants registered for 58 total entries.

Canon USA is being sued for not allowing owners of certain printers to use the scanner of faxing functions if they run out of ink. Since at least 2016, other customers have contacted Canon about this exact problem [1, 2] and were told by support agents that ink cartridges must be installed and contain ink to use the printer's features, as shown by the agent's response below.

Canon, ransomware, Maze, data stolenImaging and optical giant Canon this week revealed that data was stolen in a ransomware attack it fell victim to in early August 2020. The incident, discovered on August 4, resulted in threat actors having access to Canon's network between July 20 and August 6.

Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. In a public announcement on Wednesday evening, Canon says that the data accessed by the attacker included employees' names, Social Security number, date of birth, the number for the driver's license number or government-issued ID, the bank account number for direct deposits from Canon, and their electronic signature.

UPDATE. The Maze ransomware gang has reportedly leaked Canon U.S.A. data online. The leaked data consists of a single file, according to the report: About 2.2 GB-worth of marketing data and videos, compiled into an archive called "STRATEGICPLANNINGpart62.zip." The Maze gang claims it represents 5 percent of all of the data stolen from the camera giant.

Canon pulled the plug on service, and restored it days later, on Tuesday, August 4 when the data-gobbling glitch was fixed, we're told. According to Bleeping Computer, Canon was hit by a Maze ransomware infection.

General Electric revealed last week that the personal information of some employees may have been compromised as a result of a data breach suffered by Canon Business Process Services. In a data breach notification sent to affected individuals and submitted to the California Attorney General, GE said an unauthorized party gained access to a Canon email account containing documents belonging to some of its employees.

With more than 470,000 patient records exposed or stolen in January of 2018 alone, cyberattacks, viruses and other malicious threats are a growing challenge for healthcare providers. To help...

The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research,...