Hackers may have been able to grab control over a series of vulnerabilities affecting more than 150 printer models manufactured by HP, one of the largest businesses in the sector.
In HP’s MFP (multi-function printer) M725z – part of HP’s FutureSmart series of printers – security consultants Timo Hirvonen and Alexander Bolshev detected exposed physical access port vulnerabilities (CVE-2021-39237) and font parsing vulnerabilities (CVE-2021-39238). In total, the consultants discovered 150 different HP models that leverage the port and font parsing vulnerabilities.
According to Reuters, the Pegasus spyware, manufactured by Israeli technology company NSO group, was used to infiltrate the phones of at least nine US Department of State employees over the previous few months, citing four unidentified sources with knowledge of the situation.
The employees who used Apple’s iPhones were either based in Uganda or worked on Ugandan-related issues.
According to Reuters, these are the most significant recorded Pegasus spyware-based hacks aimed at US officials. Unidentified officials speaking to AP and CNN confirmed the incursions, which Reuters initially reported.
Moscow court fined Alphabet’s Google (GOOGL.O) 9 million roubles ($121,000) on Tuesday, the latest in a series of fines against the internet giant for failing to erase content that the government considers illegal.
This year, Moscow has stepped up its pressure on international tech companies in what opponents see as an attempt by the authorities to tighten control over the Internet, which they believe threatens individual and corporate freedom.