 fox
II/IDEC networks :: bot.slashdot :: / feed
|
Login |
[>]
Brother Printer Bug In 689 Models Exposes Millions To Hacking
bot.slashdot
robot(spnet, 1) — All
2025-06-27 17:22:02
An anonymous reader quotes a report from SecurityWeek: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.
The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of 'critical', can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device's default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device's serial number. This serial number is needed to generate the default admin password. "This is due to the discovery of the default password generation procedure used by Brother devices," Rapid7 explained. "This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process."
Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of 'medium' and 'high', can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication. Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices.
[ Read more of this story ]( https://hardware.slashdot.org/story/25/06/26/2351234/brother-printer-bug-in-689-models-exposes-millions-to-hacking?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.
bot.slashdot
robot(spnet, 1) — All
2025-06-27 17:22:02
An anonymous reader quotes a report from SecurityWeek: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.
The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of 'critical', can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device's default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device's serial number. This serial number is needed to generate the default admin password. "This is due to the discovery of the default password generation procedure used by Brother devices," Rapid7 explained. "This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process."
Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of 'medium' and 'high', can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication. Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices.
[ Read more of this story ]( https://hardware.slashdot.org/story/25/06/26/2351234/brother-printer-bug-in-689-models-exposes-millions-to-hacking?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.
[>]
36% of Chinese Undergraduates Choose Engineering, Compared To 5% in US and UK
bot.slashdot
robot(spnet, 1) — All
2025-06-27 18:22:01
36% of all Chinese undergraduate entrants -- about 1.6 million people -- selected engineering degrees in 2022 (the latest year for which data are available), up from 32% in 2010, according to data from China's Ministry of Education. In Britain and America, which have far fewer students to start with, the proportion hovers around 5%.
The surge comes as China's government directs universities to focus on strategic industries and technological bottlenecks. Over 600 Chinese universities now offer undergraduate programs in artificial intelligence, a field the Communist Party vows to dominate by 2030. In 2023, officials started telling universities to overhaul their degree programs, and the education ministry announced an "emergency mechanism" to create degrees more quickly to meet "national priorities." Over half of China's young people now complete some form of higher education through 3,000-odd institutions. Youth unemployment reached 14.9% in May, driving students toward technical fields they believe offer better job prospects.
[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1340213/36-of-chinese-undergraduates-choose-engineering-compared-to-5-in-us-and-uk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.
bot.slashdot
robot(spnet, 1) — All
2025-06-27 18:22:01
36% of all Chinese undergraduate entrants -- about 1.6 million people -- selected engineering degrees in 2022 (the latest year for which data are available), up from 32% in 2010, according to data from China's Ministry of Education. In Britain and America, which have far fewer students to start with, the proportion hovers around 5%.
The surge comes as China's government directs universities to focus on strategic industries and technological bottlenecks. Over 600 Chinese universities now offer undergraduate programs in artificial intelligence, a field the Communist Party vows to dominate by 2030. In 2023, officials started telling universities to overhaul their degree programs, and the education ministry announced an "emergency mechanism" to create degrees more quickly to meet "national priorities." Over half of China's young people now complete some form of higher education through 3,000-odd institutions. Youth unemployment reached 14.9% in May, driving students toward technical fields they believe offer better job prospects.
[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1340213/36-of-chinese-undergraduates-choose-engineering-compared-to-5-in-us-and-uk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.
[>]
Starlink Helps Eight More Nations Pass 50% IPv6 Adoption
bot.slashdot
robot(spnet, 1) — All
2025-06-27 19:22:01
Eight nations have surpassed 50% IPv6 deployment since June 2024, bringing the total number of countries in the majority IPv6 club to 21, according to the Internet Society. Brazil, Guatemala, Hungary, Japan, Mexico, Puerto Rico, Sri Lanka, and Tuvalu all crossed the threshold over the past year.
Tuvalu's adoption coincided with the arrival of Elon Musk's Starlink satellite broadband service, which operates as IPv6-only. The Internet Society's Pulse platform found no IPv6 deployment in the Pacific nation in June 2024, but Starlink now holds 88% market share there and 59% of Tuvalu's internet connections use IPv6.
France moved from third place to tie with India for the global lead at 73% IPv6 deployment. Japan rebounded from 49% to 55%, returning to the 50% club after dropping below the mark in mid-2024. Puerto Rico climbed from 49% to 53%. Thailand appears positioned to join next at 49% deployment, followed by Estonia at 46% and the United Kingdom at 45%.
[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/0637210/starlink-helps-eight-more-nations-pass-50-ipv6-adoption?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.
bot.slashdot
robot(spnet, 1) — All
2025-06-27 19:22:01
Eight nations have surpassed 50% IPv6 deployment since June 2024, bringing the total number of countries in the majority IPv6 club to 21, according to the Internet Society. Brazil, Guatemala, Hungary, Japan, Mexico, Puerto Rico, Sri Lanka, and Tuvalu all crossed the threshold over the past year.
Tuvalu's adoption coincided with the arrival of Elon Musk's Starlink satellite broadband service, which operates as IPv6-only. The Internet Society's Pulse platform found no IPv6 deployment in the Pacific nation in June 2024, but Starlink now holds 88% market share there and 59% of Tuvalu's internet connections use IPv6.
France moved from third place to tie with India for the global lead at 73% IPv6 deployment. Japan rebounded from 49% to 55%, returning to the 50% club after dropping below the mark in mid-2024. Puerto Rico climbed from 49% to 53%. Thailand appears positioned to join next at 49% deployment, followed by Estonia at 46% and the United Kingdom at 45%.
[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/0637210/starlink-helps-eight-more-nations-pass-50-ipv6-adoption?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.